dan/jose
1
0
Fork 0
mirror of https://github.com/danbulant/jose synced 2026-05-24 20:41:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
738 commits 10 branches 160 tags 9.9 MiB
Commit graph

179 commits

Author SHA1 Message Date
Filip Skokan
71a2bae874 style: prettier lint 2021-09-06 14:00:53 +02:00
Filip Skokan
0b112cf63e feat(node): support rsa-pss keys in Node.js >= 16.9.0 for sign/verify 2021-09-06 11:14:01 +02:00
Filip Skokan
5c7d2656b6 feat: experimental Deno build & publish 2021-08-20 12:01:17 +02:00
Filip Skokan
59aa96d28d fix(typescript): allow sign results to be passed to verify 2021-08-20 11:57:16 +02:00
Filip Skokan
1a4092f89b chore: lint 2021-08-16 15:12:57 +02:00
Filip Skokan
991d4350d0 fix: throw JWEInvalid when jwe protected header is invalid 2021-08-16 12:38:04 +02:00
Andrey Trebler
1fc79aa831
fix: throw JWSInvalid when jws protected header is invalid (#244) 2021-08-16 12:34:44 +02:00
Filip Skokan
df56b942c6 feat: add verbose key type error messages 2021-07-01 14:48:53 +02:00
Filip Skokan
65fdec22be style: prettier lint 2021-07-01 09:54:21 +02:00
Filip Skokan
4103719c24 fix: guard SignJWT.prototype.sign() from missing protected header 
fixes #221
 2021-07-01 09:50:48 +02:00
Filip Skokan
afae428f39 feat(webcrypto): allow generate* modules extractable: false override 2021-05-12 14:07:26 +02:00
Filip Skokan
b84d6a307d style: prettier lint 2021-05-12 13:27:02 +02:00
Filip Skokan
da5c5d78ac refactor: unified "unsupported" error messages 2021-05-05 15:26:28 +02:00
Filip Skokan
7819df73eb fix: isObject helper in different vm contexts or jest re-assigned globals 
closes #178
 2021-04-13 22:01:58 +02:00
Filip Skokan
147759220b test: add a JWK export/import roundtrip test 
refs #178
 2021-04-13 18:11:34 +02:00
Filip Skokan
f724323074 test: conditional everything three way 2021-04-01 14:34:02 +02:00
Filip Skokan
54343596b3 test: add X25519 and X448 ECDH test vectors 2021-04-01 14:24:11 +02:00
Filip Skokan
e0adf49e57 fix: swallow invalid signature encoding errors 2021-03-11 14:56:57 +01:00
Filip Skokan
5110a6b7c6 lint: prettier tests 2021-03-09 10:06:21 +01:00
Filip Skokan
8fffd3e2e1 feat: electron >=12.0.0 is now supported (and tested on ci) 2021-03-03 00:19:04 +01:00
Filip Skokan
fc584b2efd fix: node runtime json fetch handles connection errors properly 2021-02-10 13:36:29 +01:00
Filip Skokan
c037e5907c style: lint cookbooks 2021-02-05 12:43:42 +01:00
Filip Skokan
e8d41a9335 feat: allow CryptoKey instances in a regular non-webcrypto node runtime 2021-02-04 17:39:28 +01:00
Filip Skokan
69a7edea0a refactor: explicit new uint8array arg 2021-01-28 16:16:12 +01:00
Filip Skokan
ad88ee2cd5 perf: use KeyObject.prototype asymmetricKeyDetails when available 2021-01-18 13:50:42 +01:00
Filip Skokan
16dea9ec7d feat: added JWE General JSON Serialization decryption 2020-12-17 12:18:13 +01:00
Filip Skokan
47d7001c02 test: deflake different payload produce test 2020-12-16 19:10:50 +01:00
Filip Skokan
6fb862cf12 feat: added JWS General JSON Serialization signing 
resolves #129
 2020-12-16 18:43:35 +01:00
Filip Skokan
fa29d68cfd feat: added utility function for decoding token's protected header 2020-12-16 18:29:30 +01:00
Filip Skokan
55b77810d0 feat: added JWS General JSON Serialization verification 
resolves #129
 2020-12-16 18:29:05 +01:00
Filip Skokan
5163116ca1 feat: support recognizing proprietary crit header parameters 
closes #123
 2020-12-06 17:54:38 +01:00
Filip Skokan
691b44ad47 fix: reject JWTs with b64: false 
As per https://tools.ietf.org/html/rfc7797 abstract

This specification updates RFC 7519 by stating that JSON Web Tokens
(JWTs) MUST NOT use the unencoded payload option defined by this
specification.
 2020-12-06 17:54:32 +01:00
Filip Skokan
e72af2742e test: add coverage for generate key pair options 2020-12-01 12:12:24 +01:00
Filip Skokan
ce521d567b refactor: less for in, added type checks, error messages 2020-11-22 12:44:27 +01:00
Filip Skokan
e39c3dba75 feat: allow compact verify/decrypt tokens to be uint8array encoded 
This means that when Nested JWT is used the decrypted plaintext can
be piped directly to verify.
 2020-11-22 12:44:27 +01:00
Filip Skokan
7a8418eadd feat: added "KeyLike to JWK" module 
resolves #109
 2020-11-22 12:44:27 +01:00
Filip Skokan
a6fa15e64d test: add coverage 2020-11-22 12:35:38 +01:00
Filip Skokan
87b80a6c9c test: deflake cbc hmac 2020-11-15 16:46:34 +01:00
Filip Skokan
78d424c886 lint: tests 2020-11-15 13:16:38 +01:00
Filip Skokan
4fd035f03e test: deflake a cbc test 2020-11-15 12:47:54 +01:00
Filip Skokan
357fe0b964 feat: Revised API, No dependencies, Browser Support, Promises 
BREAKING CHANGE: Revised, Promise-based API
BREAKING CHANGE: No dependencies
BREAKING CHANGE: Browser support (using [Web Cryptography API](https://www.w3.org/TR/WebCryptoAPI/))
BREAKING CHANGE: Support for verification using a remote JWKS endpoint
BREAKING CHANGE: Experimental Node.js libuv thread pool based runtime (non-blocking 🎉)
 2020-11-14 18:26:46 +01:00
Filip Skokan
921737fa83 style: upgrade standard 2020-10-29 20:43:19 +01:00
Filip Skokan
97d46fb7c9 refactor: change JWT.decode error message for encrypted JWTs 2020-09-08 14:12:04 +02:00
Filip Skokan
30e5c46ecf feat: decrypt allowlists for both key management and content encryption 
BREAKING CHANGE: the `JWE.decrypt` option `algorithms` was removed and
replaced with contentEncryptionAlgorithms (handles `enc` allowlist) and
keyManagementAlgorithms (handles `alg` allowlist)
 2020-09-08 14:12:04 +02:00
Filip Skokan
fd69d7f509 refactor: move JWT profile specifics outside of generic JWT 
BREAKING CHANGE: the `JWT.verify` profile option was removed, use e.g.
`JWT.IdToken.verify` instead.

BREAKING CHANGE: removed the `maxAuthAge` `JWT.verify` option, this
option is now only present at the specific JWT profile APIs where the
`auth_time` property applies.

BREAKING CHANGE: removed the `nonce` `JWT.verify` option, this
option is now only present at the specific JWT profile APIs where the
`nonce` property applies.

BREAKING CHANGE: the `acr`, `amr`, `nonce` and `azp` claim value types
will only be checked when verifying a specific JWT profile using its
dedicated API.

BREAKING CHANGE: using the draft implementing APIs will emit a one-time
warning per process using `process.emitWarning`
 2020-09-08 14:12:04 +02:00
Filip Skokan
c4267cc655 refactor: removed nonce option from JWT.sign 
BREAKING CHANGE: `JWT.sign` function options no longer accept a `nonce`
property. To create a JWT with a `nonce` just pass the value to the
payload.
 2020-09-08 14:12:04 +02:00
Filip Skokan
6c35c519c9 refactor: removed deprecated methods and utilities 
BREAKING CHANGE: deprecated method `JWK.importKey` was removed
BREAKING CHANGE: deprecated method `JWKS.KeyStore.fromJWKS` was removed
BREAKING CHANGE: the use of unregistered curve name P-256K for secp256k1
was removed
 2020-09-08 14:12:04 +02:00
Filip Skokan
70bd4ae6b2 refactor: encrypt APIs unprotectedHeader and aad arguments swapped 
BREAKING CHANGE: jose.JWE.Encrypt constructor aad and unprotectedHeader
arguments swapped places
BREAKING CHANGE: jose.JWE.encrypt.flattened header (unprotectedHeader)
and aad arguments swapped places
BREAKING CHANGE: jose.JWE.encrypt.general header (unprotectedHeader)
and aad arguments swapped places
 2020-09-08 14:12:04 +02:00
Filip Skokan
ba5c897919 refactor: removed payload parsing from JWS.verify 
BREAKING CHANGE: JWS.verify returned payloads are now always buffers
BREAKING CHANGE: JWS.verify options `encoding` and `parse` were removed
 2020-09-08 14:12:04 +02:00
sboys3
ce6836af88
feat: support for validating issuer from a list of values (#91) 
Co-authored-by: Filip Skokan <panva.ip@gmail.com>
 2020-08-10 18:34:51 +02:00