dan/jose
1
0
Fork 0
mirror of https://github.com/danbulant/jose synced 2026-05-25 04:51:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
414 commits 10 branches 160 tags 9.9 MiB
Commit graph

414 commits

This branch
This branch
All branches
Author SHA1 Message Date
Filip Skokan
fd69d7f509 refactor: move JWT profile specifics outside of generic JWT 
BREAKING CHANGE: the `JWT.verify` profile option was removed, use e.g.
`JWT.IdToken.verify` instead.

BREAKING CHANGE: removed the `maxAuthAge` `JWT.verify` option, this
option is now only present at the specific JWT profile APIs where the
`auth_time` property applies.

BREAKING CHANGE: removed the `nonce` `JWT.verify` option, this
option is now only present at the specific JWT profile APIs where the
`nonce` property applies.

BREAKING CHANGE: the `acr`, `amr`, `nonce` and `azp` claim value types
will only be checked when verifying a specific JWT profile using its
dedicated API.

BREAKING CHANGE: using the draft implementing APIs will emit a one-time
warning per process using `process.emitWarning`
 2020-09-08 14:12:04 +02:00
Filip Skokan
c4267cc655 refactor: removed nonce option from JWT.sign 
BREAKING CHANGE: `JWT.sign` function options no longer accept a `nonce`
property. To create a JWT with a `nonce` just pass the value to the
payload.
 2020-09-08 14:12:04 +02:00
Filip Skokan
655679715e ci: remove macos from the ci matrix 2020-09-08 14:12:04 +02:00
Filip Skokan
19487dbe32 ci: add electron@10 2020-09-08 14:12:04 +02:00
Filip Skokan
1aa9035552 feat: added support for ESM (ECMAScript modules) 
BREAKING CHANGE: due to added ESM module support Node.js version with
ESM implementation bugs are no longer supported, this only affects early
v13.x versions. The resulting Node.js semver range is
`>=10.13.0 < 13 || >=13.7.0`
 2020-09-08 14:12:04 +02:00
Filip Skokan
6c35c519c9 refactor: removed deprecated methods and utilities 
BREAKING CHANGE: deprecated method `JWK.importKey` was removed
BREAKING CHANGE: deprecated method `JWKS.KeyStore.fromJWKS` was removed
BREAKING CHANGE: the use of unregistered curve name P-256K for secp256k1
was removed
 2020-09-08 14:12:04 +02:00
Filip Skokan
70bd4ae6b2 refactor: encrypt APIs unprotectedHeader and aad arguments swapped 
BREAKING CHANGE: jose.JWE.Encrypt constructor aad and unprotectedHeader
arguments swapped places
BREAKING CHANGE: jose.JWE.encrypt.flattened header (unprotectedHeader)
and aad arguments swapped places
BREAKING CHANGE: jose.JWE.encrypt.general header (unprotectedHeader)
and aad arguments swapped places
 2020-09-08 14:12:04 +02:00
Filip Skokan
ba5c897919 refactor: removed payload parsing from JWS.verify 
BREAKING CHANGE: JWS.verify returned payloads are now always buffers
BREAKING CHANGE: JWS.verify options `encoding` and `parse` were removed
 2020-09-08 14:12:04 +02:00
Filip Skokan
cadbd047ca fix(typescript): allow Buffer when verifying detached signature 2020-09-08 14:12:04 +02:00
Filip Skokan
4c23bd65fe fix(typescript): properly type all decode/verify/decrypt fn options 2020-09-08 14:12:04 +02:00
GitHubPang
d57e8c59e8
docs: fix grammar (#95) 2020-09-05 10:40:58 +02:00
Filip Skokan
67c1a5de77 docs: update decode docs to be less likely to be discovered instead of verify 2020-09-03 16:05:24 +02:00
Filip Skokan
2a6b34ebe7 docs: update JWT.decode 2020-09-02 14:20:47 +02:00
Filip Skokan
338c604f29 docs: update secp256k1 link to point to rfc8812 2020-08-18 15:26:11 +02:00
Filip Skokan
57f276165d chore: update standard-version to v8.x 2020-08-12 14:56:45 +02:00
Filip Skokan
9a8404a759 chore(release): 1.28.0 2020-08-10 18:42:31 +02:00
Filip Skokan
eb482a8ab8 style: lib/jwe/encrypt.js 2020-08-10 18:35:02 +02:00
Filip Skokan
e0a2d57926 refactor: sign.js PROCESS_RECIPIENT 2020-08-10 18:35:02 +02:00
sboys3
ce6836af88
feat: support for validating issuer from a list of values (#91) 
Co-authored-by: Filip Skokan <panva.ip@gmail.com>
 2020-08-10 18:34:51 +02:00
Filip Skokan
db6254e575 ci: improve CI runtime 2020-08-04 17:11:37 +02:00
Filip Skokan
1a4a68fb9a chore(release): 1.27.3 2020-08-04 14:56:02 +02:00
Filip Skokan
d56ec9f5dd fix: ensure "b64" is the same for all recipients edge cases 2020-08-04 14:37:52 +02:00
Filip Skokan
169542363f fix: do not mutate unencoded payload when signing for multiple parties 
resolves #89
 2020-08-04 14:36:52 +02:00
Filip Skokan
495a7873a4 ci: skip codeql for markdown changes 2020-07-24 13:55:31 +02:00
Filip Skokan
fcbc468d24 ci: push scheduled ci by two hours 2020-07-16 11:27:00 +02:00
Filip Skokan
5a17e92f09 chore: update dev deps 2020-07-14 22:46:45 +02:00
Filip Skokan
2c49d9a771 chore: disable bugged PR sponsor label 2020-07-05 11:34:38 +02:00
Filip Skokan
e485487964 chore(release): 1.27.2 2020-07-01 13:28:23 +02:00
Filip Skokan
e8ad38993e
fix: handle private EC keys without public component (#86) 
Only possible to handle when KeyObject API is available in the runtime.

closes #85
 2020-07-01 13:13:34 +02:00
Filip Skokan
899d60130f
ci: add codeql-analysis 2020-06-30 19:17:08 +02:00
Filip Skokan
d4d4d02075 chore(release): 1.27.1 2020-06-01 14:59:19 +02:00
Filip Skokan
7ba492237a fix: allow any JSON numeric value for timestamp values 
> NumericDate
>    A JSON numeric value representing the number of seconds from
>    1970-01-01T00:00:00Z UTC until the specified UTC date/time,
>    ignoring leap seconds.  This is equivalent to the IEEE Std 1003.1,
>    2013 Edition [POSIX.1] definition "Seconds Since the Epoch", in
>    which each day is accounted for by exactly 86400 seconds, other
>    than that non-integer values can be represented.  See RFC 3339
>    [RFC3339] for details regarding date/times in general and UTC in
>    particular.
 2020-06-01 14:58:25 +02:00
Filip Skokan
b50d69544b docs: update readme.md X25519 ECDH support caveat 2020-05-26 16:35:07 +02:00
Filip Skokan
e48c46369a ci: add electron@9 2020-05-21 18:12:04 +02:00
Filip Skokan
2b1fadfd42 docs: improve EmbeddedX5C 2020-05-19 08:51:29 +02:00
Filip Skokan
a2fb45dc58 chore(release): 1.27.0 2020-05-05 17:15:33 +02:00
Filip Skokan
9f2d6d9953 chore: update package.json keywords 2020-05-05 16:11:28 +02:00
Filip Skokan
7c1cab196e feat: add opt-in objects to verify using embedded JWS Header public keys 2020-05-04 22:37:11 +02:00
Filip Skokan
5c7888869f chore(release): 1.26.1 2020-04-27 20:49:25 +02:00
Filip Skokan
7e60722ae7 fix(typescript): types of key generate functions without overloads 
fixes #80
 2020-04-27 20:49:08 +02:00
Filip Skokan
06915861b3 fix: "typ" content-type validation, case insensitive and handled prefix 2020-04-27 20:48:35 +02:00
Filip Skokan
7389bee2ff docs: update readme.md 2020-04-23 13:58:36 +02:00
Filip Skokan
f6f657745a repo: add sponsor label 2020-04-23 11:55:26 +02:00
Filip Skokan
c821bad8b6 docs: remove chacha plugin from the list 2020-04-22 10:40:07 +02:00
Filip Skokan
f136a7ea72 chore: remove bug label, only keep triage until bug is confirmed 2020-04-21 18:04:33 +02:00
Filip Skokan
90ea159683 ci: test on node 14 2020-04-21 18:04:15 +02:00
Filip Skokan
044caa5c33 docs: update readme.md 2020-04-16 12:16:18 +02:00
Filip Skokan
d4ea95d788 chore(release): 1.26.0 2020-04-16 12:09:31 +02:00
Filip Skokan
8c0a8a950e feat: update JWT Profile for OAuth 2.0 Access Tokens to latest draft 
BREAKING CHANGE: `at+JWT` JWT draft profile - in the draft's Section 2.2
the claims `iat` and `jti` are now REQUIRED (was RECOMMENDED).
 2020-04-16 12:09:08 +02:00
Filip Skokan
2ebba8ebe7 chore(release): 1.25.2 2020-04-15 09:52:05 +02:00