dan/jose
1
0
Fork 0
mirror of https://github.com/danbulant/jose synced 2026-05-19 04:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
990 commits 10 branches 160 tags 9.9 MiB
Commit graph

74 commits

Author SHA1 Message Date
Filip Skokan
3d2a2b8eee feat: add jose.decodeJwt utility 2022-02-07 13:49:35 +01:00
Filip Skokan
4a79f7d318 docs: update README.md 2022-01-24 17:19:29 +01:00
Filip Skokan
3925ebc561 docs: update readmes and examples 2021-11-10 15:19:37 +01:00
Filip Skokan
94eca81687 feat: General JWE Encryption 2021-11-08 22:30:58 +01:00
Filip Skokan
6de381213d
chore: update readme, package.json, etc 2021-10-14 14:58:43 +02:00
Filip Skokan
dd2cf9ed2d
refactor: redo exports to support broader tooling 
BREAKING CHANGE: All module named exports have moved from subpaths to
just "jose". For example, `import { jwtVerify } from 'jose/jwt/verify'`
is now just `import { jwtVerify } from 'jose'`.

BREAKING CHANGE: All submodule default exports and named have been
removed in favour of just "jose" named exports.
 2021-10-14 14:08:05 +02:00
Filip Skokan
5afb713fbb
refactor: rename calculateThumprint to calculateJwkThumbprint 
BREAKING CHANGE: The `jose/jwk/thumbprint` named export
is renamed to `calculateJwkThumbprint`, now
`import { calculateJwkThumbprint } from 'jose'`
 2021-10-14 13:44:40 +02:00
Filip Skokan
a2af0f45fe
feat: add X.509/SPKI/PKCS8 key import and SPKI/PKCS8 export functions 2021-09-22 23:50:08 +02:00
Filip Skokan
26c4361c00 fix(docs): update doc links again 2021-07-21 14:19:04 +02:00
Filip Skokan
86f9134248 fix(docs): update doc links 2021-07-21 13:05:44 +02:00
Filip Skokan
3fffdac15d docs: consistent readme fragment 2021-03-15 18:08:06 +01:00
Filip Skokan
edfc6863e5 chore: update build deps and docs 2021-03-15 16:18:39 +01:00
Filip Skokan
c60953fe64 docs: generate keylike hint 2021-01-22 17:03:42 +01:00
Filip Skokan
9369f73d6c docs: include new features 2020-12-17 12:27:35 +01:00
Filip Skokan
4e1ede4dbb docs: include new features 2020-12-16 18:43:35 +01:00
Filip Skokan
7a8418eadd feat: added "KeyLike to JWK" module 
resolves #109
 2020-11-22 12:44:27 +01:00
Filip Skokan
357fe0b964 feat: Revised API, No dependencies, Browser Support, Promises 
BREAKING CHANGE: Revised, Promise-based API
BREAKING CHANGE: No dependencies
BREAKING CHANGE: Browser support (using [Web Cryptography API](https://www.w3.org/TR/WebCryptoAPI/))
BREAKING CHANGE: Support for verification using a remote JWKS endpoint
BREAKING CHANGE: Experimental Node.js libuv thread pool based runtime (non-blocking 🎉)
 2020-11-14 18:26:46 +01:00
Filip Skokan
b6916946ac chore: remove sponsorship campaign 2020-09-23 18:33:30 +02:00
Filip Skokan
30e5c46ecf feat: decrypt allowlists for both key management and content encryption 
BREAKING CHANGE: the `JWE.decrypt` option `algorithms` was removed and
replaced with contentEncryptionAlgorithms (handles `enc` allowlist) and
keyManagementAlgorithms (handles `alg` allowlist)
 2020-09-08 14:12:04 +02:00
Filip Skokan
fd69d7f509 refactor: move JWT profile specifics outside of generic JWT 
BREAKING CHANGE: the `JWT.verify` profile option was removed, use e.g.
`JWT.IdToken.verify` instead.

BREAKING CHANGE: removed the `maxAuthAge` `JWT.verify` option, this
option is now only present at the specific JWT profile APIs where the
`auth_time` property applies.

BREAKING CHANGE: removed the `nonce` `JWT.verify` option, this
option is now only present at the specific JWT profile APIs where the
`nonce` property applies.

BREAKING CHANGE: the `acr`, `amr`, `nonce` and `azp` claim value types
will only be checked when verifying a specific JWT profile using its
dedicated API.

BREAKING CHANGE: using the draft implementing APIs will emit a one-time
warning per process using `process.emitWarning`
 2020-09-08 14:12:04 +02:00
Filip Skokan
c4267cc655 refactor: removed nonce option from JWT.sign 
BREAKING CHANGE: `JWT.sign` function options no longer accept a `nonce`
property. To create a JWT with a `nonce` just pass the value to the
payload.
 2020-09-08 14:12:04 +02:00
Filip Skokan
70bd4ae6b2 refactor: encrypt APIs unprotectedHeader and aad arguments swapped 
BREAKING CHANGE: jose.JWE.Encrypt constructor aad and unprotectedHeader
arguments swapped places
BREAKING CHANGE: jose.JWE.encrypt.flattened header (unprotectedHeader)
and aad arguments swapped places
BREAKING CHANGE: jose.JWE.encrypt.general header (unprotectedHeader)
and aad arguments swapped places
 2020-09-08 14:12:04 +02:00
Filip Skokan
ba5c897919 refactor: removed payload parsing from JWS.verify 
BREAKING CHANGE: JWS.verify returned payloads are now always buffers
BREAKING CHANGE: JWS.verify options `encoding` and `parse` were removed
 2020-09-08 14:12:04 +02:00
GitHubPang
d57e8c59e8
docs: fix grammar (#95) 2020-09-05 10:40:58 +02:00
Filip Skokan
67c1a5de77 docs: update decode docs to be less likely to be discovered instead of verify 2020-09-03 16:05:24 +02:00
Filip Skokan
2a6b34ebe7 docs: update JWT.decode 2020-09-02 14:20:47 +02:00
sboys3
ce6836af88
feat: support for validating issuer from a list of values (#91) 
Co-authored-by: Filip Skokan <panva.ip@gmail.com>
 2020-08-10 18:34:51 +02:00
Filip Skokan
2b1fadfd42 docs: improve EmbeddedX5C 2020-05-19 08:51:29 +02:00
Filip Skokan
7c1cab196e feat: add opt-in objects to verify using embedded JWS Header public keys 2020-05-04 22:37:11 +02:00
Filip Skokan
8c0a8a950e feat: update JWT Profile for OAuth 2.0 Access Tokens to latest draft 
BREAKING CHANGE: `at+JWT` JWT draft profile - in the draft's Section 2.2
the claims `iat` and `jti` are now REQUIRED (was RECOMMENDED).
 2020-04-16 12:09:08 +02:00
Max Ivanov
75e331d28a
docs: fix typo 2020-04-04 13:12:40 +02:00
Filip Skokan
c1d503bdda chore: update readme 2020-03-19 11:08:29 +01:00
Filip Skokan
fc08426466 feat: add JWT.verify "typ" option for checking JWT Type Header parameter 2020-02-24 09:12:27 +01:00
Filip Skokan
3a7e49a782 docs: add note on decrypt 2020-02-20 10:26:24 +01:00
Filip Skokan
a9f6f71350 feat: keystore filtering by JWK Key thumbprint 2020-01-26 19:31:55 +01:00
Filip Skokan
3a6d17fdd1 feat: add opt-in support for Unsecured JWS algorithm "none" 2020-01-23 18:38:00 +01:00
Filip Skokan
a0c0c7ad70
feat: add JWTExpired error and JWTClaimInvalid claim and reason props 
Resolves #62
 2020-01-16 08:49:37 +01:00
Filip Skokan
b1864e319d feat: exposed shorthands for JWT verification profiles 2020-01-12 16:40:51 +01:00
Filip Skokan
3035b8a4f1 docs: fix flattened encrypt docs 2020-01-04 23:19:20 +01:00
Filip Skokan
7bb5c953a9 feat: add JWT validation profiles for Access Tokens and Logout Tokens 2019-12-31 14:20:52 +01:00
Filip Skokan
0ed5025de3 fix: skip validating iat is in the past when exp is present 
validating that iat is in the past is common sense but actually nowhere
defined, in most applications tokens will contain `exp` and for those
it seems requiring a few second leeway just to satisfy `iat` seems
inappropriate
 2019-12-17 20:40:23 +01:00
Filip Skokan
5128d3f7f6 docs: update docs/README.md and README.md 2019-12-17 17:22:59 +01:00
Filip Skokan
40cc05241e docs: add JWK.asKey DER public key type values 2019-12-10 14:01:12 +01:00
Filip Skokan
ce77388254 fix: default JWT.sign kid option value is false for HMAC signatures 2019-11-27 22:04:15 +01:00
Filip Skokan
5e1009a63e feat: allow JWK.asKey inputs for sign/verify/encrypt/decrypt operations 2019-11-27 22:04:14 +01:00
Filip Skokan
ea60338ca6 feat: allow JWKS.KeyStore .all and .get to filter for key curves 2019-11-26 16:01:49 +01:00
Filip Skokan
c3eb8450b9 feat: return the CEK from JWE.decrypt operation with { complete: true } 2019-11-23 12:06:15 +01:00
Filip Skokan
6bb66d4f0b feat: add JWS.verify encoding and parsing options 2019-11-05 20:09:34 +01:00
Filip Skokan
8ea968312e feat: expose crypto.KeyObject instances in supported runtimes 2019-11-03 17:27:44 +01:00
Filip Skokan
aaa4197877 docs: update sponsor link 2019-10-17 14:55:12 +02:00