From 50aaaf1744baa40cda1fd1a6651466882427c55d Mon Sep 17 00:00:00 2001 From: Matteo Pietro Dazzi Date: Sat, 14 Dec 2024 22:37:12 +0100 Subject: [PATCH] chore: upgrade deps --- .eslintrc.js | 30 -------------- benchmarks/auth0.mjs | 9 +---- benchmarks/clinic-server.js | 8 ++-- benchmarks/decode.mjs | 5 +-- benchmarks/sign.mjs | 7 +--- benchmarks/utils.mjs | 79 +++++++++++++++---------------------- benchmarks/verify.mjs | 7 +--- eslint.config.js | 25 ++++++++++++ package.json | 38 +++++++++--------- src/crypto.js | 48 ++++++---------------- src/index.d.ts | 2 +- src/signer.js | 15 ++++--- test/compliance.spec.js | 24 ++++------- test/crypto.spec.js | 10 +---- test/decoder.spec.js | 26 ++++++++---- test/signer.spec.js | 15 ++++--- test/types.spec.ts | 2 - test/verifier.spec.js | 4 +- 18 files changed, 146 insertions(+), 208 deletions(-) delete mode 100644 .eslintrc.js create mode 100644 eslint.config.js diff --git a/.eslintrc.js b/.eslintrc.js deleted file mode 100644 index 09edd0d..0000000 --- a/.eslintrc.js +++ /dev/null @@ -1,30 +0,0 @@ -module.exports = { - extends: ['standard'], - plugins: ['@typescript-eslint'], - rules: { - /* - This is inserted to make this compatible with prettier. - Once https://github.com/prettier/prettier/issues/3845 and https://github.com/prettier/prettier/issues/3847 are solved this might be not needed any more. - */ - 'space-before-function-paren': 0, - curly: [2, 'all'] - }, - overrides: [ - { - extends: ['plugin:@typescript-eslint/recommended'], - rules: { - /* - This is inserted to make this compatible with prettier. - Once https://github.com/prettier/prettier/issues/3845 and https://github.com/prettier/prettier/issues/3847 are solved this might be not needed any more. - */ - '@typescript-eslint/space-before-function-paren': 0, - '@typescript-eslint/no-explicit-any': 0 - }, - files: ['*.ts'], - parser: '@typescript-eslint/parser', - parserOptions: { - project: 'tsconfig.json' - } - } - ] -} diff --git a/benchmarks/auth0.mjs b/benchmarks/auth0.mjs index 03b04e6..163c7a9 100644 --- a/benchmarks/auth0.mjs +++ b/benchmarks/auth0.mjs @@ -2,14 +2,7 @@ import { isMainThread } from 'worker_threads' -import { - tokens, - privateKeys, - publicKeys, - compareSigning, - compareVerifying, - saveLogs -} from './utils.mjs' +import { tokens, privateKeys, publicKeys, compareSigning, compareVerifying, saveLogs } from './utils.mjs' async function runSuites() { if (!isMainThread) { diff --git a/benchmarks/clinic-server.js b/benchmarks/clinic-server.js index 6bb8d6d..5f1e38b 100644 --- a/benchmarks/clinic-server.js +++ b/benchmarks/clinic-server.js @@ -66,21 +66,21 @@ const authRoute = { fastify.post('/sign-jwt', { ...signRoute, - async handler(request, reply) { + async handler(request) { return { token: signerJwt(request.query, key, { algorithm: 'HS256' }) } } }) fastify.post('/sign-fast', { ...signRoute, - async handler(request, reply) { + async handler(request) { return { token: await signerFast(request.query) } } }) fastify.get('/auth-jwt', { ...authRoute, - async handler(request, reply) { + async handler(request) { return { payload: verifierJwt(request.query.token, key, { algorithm: 'HS256' }) } @@ -89,7 +89,7 @@ fastify.get('/auth-jwt', { fastify.get('/auth-fast', { ...authRoute, - async handler(request, reply) { + async handler(request) { return { payload: await verifierFast(request.query.token) } } }) diff --git a/benchmarks/decode.mjs b/benchmarks/decode.mjs index 4cfb6a3..b2022a3 100644 --- a/benchmarks/decode.mjs +++ b/benchmarks/decode.mjs @@ -1,9 +1,6 @@ 'use strict' -import { - compareDecoding, - saveLogs -} from './utils.mjs' +import { compareDecoding, saveLogs } from './utils.mjs' // Regenerate this token after regenerating the keys by running `npm run generate-tokens` and getting the RS512 token const rsToken = diff --git a/benchmarks/sign.mjs b/benchmarks/sign.mjs index d62eaae..2587803 100644 --- a/benchmarks/sign.mjs +++ b/benchmarks/sign.mjs @@ -1,12 +1,7 @@ 'use strict' import { isMainThread } from 'worker_threads' -import { - privateKeys, - publicKeys, - compareSigning, - saveLogs -} from './utils.mjs' +import { privateKeys, publicKeys, compareSigning, saveLogs } from './utils.mjs' async function runSuites() { if (!isMainThread) { diff --git a/benchmarks/utils.mjs b/benchmarks/utils.mjs index deec7ff..37cd8ea 100644 --- a/benchmarks/utils.mjs +++ b/benchmarks/utils.mjs @@ -9,30 +9,15 @@ import { fileURLToPath } from 'url' import jwt from 'jsonwebtoken' -import { - JWK as JWKJose, - JWT as JWTJose -} from 'jose' +import { JWK as JWKJose, JWT as JWTJose } from 'jose' -import { - createDecoder, - createSigner, - createVerifier -} from '../src/index.js' +import { createDecoder, createSigner, createVerifier } from '../src/index.js' const __dirname = dirname(fileURLToPath(import.meta.url)) -const { - sign: jsonwebtokenSign, - decode: jsonwebtokenDecode, - verify: jsonwebtokenVerify -} = jwt +const { sign: jsonwebtokenSign, decode: jsonwebtokenDecode, verify: jsonwebtokenVerify } = jwt -const { - sign: nodeRsSign, - signSync: nodeRsSignSync, - verifySync: nodeRsVerifySync -} = nodeRsJwt +const { sign: nodeRsSign, signSync: nodeRsSignSync, verifySync: nodeRsVerifySync } = nodeRsJwt const { sign: joseSign, verify: joseVerify, decode: joseDecode } = JWTJose const { asKey } = JWKJose @@ -88,17 +73,13 @@ export const publicKeys = { } export async function saveLogs(type) { - const now = new Date() - .toISOString() - .replace(/[-:]/g, '') - .replace('T', '-') - .slice(0, 15) + const now = new Date().toISOString().replace(/[-:]/g, '').replace('T', '-').slice(0, 15) const directory = resolve(__dirname, 'logs') try { await mkdir(directory) - } catch (e) { + } catch { // No-op } @@ -125,22 +106,22 @@ export function compareDecoding(token, algorithm) { return cronometro( { - [`${algorithm} - fast-jwt`]: function() { + [`${algorithm} - fast-jwt`]: function () { fastjwtDecoder(token) }, - [`${algorithm} - fast-jwt (complete)`]: function() { + [`${algorithm} - fast-jwt (complete)`]: function () { fastjwtCompleteDecoder(token) }, - [`${algorithm} - jsonwebtoken`]: function() { + [`${algorithm} - jsonwebtoken`]: function () { jsonwebtokenDecode(token) }, - [`${algorithm} - jsonwebtoken (complete)`]: function() { + [`${algorithm} - jsonwebtoken (complete)`]: function () { jsonwebtokenDecode(token, { complete: true }) }, - [`${algorithm} - jose`]: function() { + [`${algorithm} - jose`]: function () { joseDecode(token) }, - [`${algorithm} - jose (complete)`]: function() { + [`${algorithm} - jose (complete)`]: function () { joseDecode(token, { complete: true }) } }, @@ -167,7 +148,9 @@ export async function compareSigning(payload, algorithm, privateKey, publicKey) if ((process.env.NODE_DEBUG || '').includes('fast-jwt')) { const fastjwtGenerated = fastjwtSign(payload) const joseGenerated = joseSign(payload, josePrivateKey, joseOptions) - const nodeRsGenerated = nodeRsSignSync({ data: payload, exp: Date.now() }, privateKey, { algorithm: Algorithm[algorithm.toUpperCase()] }) + const nodeRsGenerated = nodeRsSignSync({ data: payload, exp: Date.now() }, privateKey, { + algorithm: Algorithm[algorithm.toUpperCase()] + }) const jsonwebtokenGenerated = isEdDSA ? null : jsonwebtokenSign(payload, privateKey, { algorithm, noTimestamp: true }) @@ -186,41 +169,43 @@ export async function compareSigning(payload, algorithm, privateKey, publicKey) } log(` jose: ${JSON.stringify(joseVerify(joseGenerated, asKey(publicKey)))}`) log(` fastjwt: ${JSON.stringify(fastjwtVerify(fastjwtGenerated))}`) - log(`@node-rs/jsonwebtoken: ${JSON.stringify(nodeRsVerifySync(nodeRsGenerated, publicKey, { algorithms: [Algorithm[algorithm.toUpperCase()]] }))}`) + log( + `@node-rs/jsonwebtoken: ${JSON.stringify(nodeRsVerifySync(nodeRsGenerated, publicKey, { algorithms: [Algorithm[algorithm.toUpperCase()]] }))}` + ) log('-------') } const tests = { - [`${algorithm} - jose (sync)`]: function() { + [`${algorithm} - jose (sync)`]: function () { joseSign(payload, josePrivateKey, joseOptions) } } if (!isEdDSA) { Object.assign(tests, { - [`${algorithm} - jsonwebtoken (sync)`]: function() { + [`${algorithm} - jsonwebtoken (sync)`]: function () { jsonwebtokenSign(payload, privateKey, { algorithm, noTimestamp: true }) }, - [`${algorithm} - jsonwebtoken (async)`]: function(done) { + [`${algorithm} - jsonwebtoken (async)`]: function (done) { jsonwebtokenSign(payload, privateKey, { algorithm, noTimestamp: true }, done) } }) } Object.assign(tests, { - [`${algorithm} - fast-jwt (sync)`]: function() { + [`${algorithm} - fast-jwt (sync)`]: function () { fastjwtSign(payload) }, - [`${algorithm} - fast-jwt (async)`]: function(done) { + [`${algorithm} - fast-jwt (async)`]: function (done) { fastjwtSignAsync(payload, done) } }) Object.assign(tests, { - [`${algorithm} - @node-rs/jsonwebtoken (sync)`]: function() { + [`${algorithm} - @node-rs/jsonwebtoken (sync)`]: function () { nodeRsSignSync({ data: payload }, privateKey, { algorithm: Algorithm[algorithm.toUpperCase()] }) }, - [`${algorithm} - @node-rs/jsonwebtoken (async)`]: function(done) { + [`${algorithm} - @node-rs/jsonwebtoken (async)`]: function (done) { nodeRsSign({ data: payload }, privateKey, { algorithm: Algorithm[algorithm.toUpperCase()] }).then(() => done()) } }) @@ -252,28 +237,28 @@ export function compareVerifying(token, algorithm, publicKey) { } const tests = { - [`${algorithm} - fast-jwt (sync)`]: function() { + [`${algorithm} - fast-jwt (sync)`]: function () { fastjwtVerify(token) }, - [`${algorithm} - fast-jwt (async)`]: function(done) { + [`${algorithm} - fast-jwt (async)`]: function (done) { fastjwtVerifyAsync(token, done) }, - [`${algorithm} - fast-jwt (sync with cache)`]: function() { + [`${algorithm} - fast-jwt (sync with cache)`]: function () { fastjwtCachedVerify(token) }, - [`${algorithm} - fast-jwt (async with cache)`]: function(done) { + [`${algorithm} - fast-jwt (async with cache)`]: function (done) { fastjwtCachedVerifyAsync(token, done) }, - [`${algorithm} - jose (sync)`]: function() { + [`${algorithm} - jose (sync)`]: function () { joseVerify(token, josePublicKey) } } if (!isEdDSA) { - tests[`${algorithm} - jsonwebtoken (sync)`] = function() { + tests[`${algorithm} - jsonwebtoken (sync)`] = function () { jsonwebtokenVerify(token, publicKey) } - tests[`${algorithm} - jsonwebtoken (async)`] = function(done) { + tests[`${algorithm} - jsonwebtoken (async)`] = function (done) { jsonwebtokenVerify(token, publicKey, done) } } diff --git a/benchmarks/verify.mjs b/benchmarks/verify.mjs index 4dcb453..4ee7c64 100644 --- a/benchmarks/verify.mjs +++ b/benchmarks/verify.mjs @@ -1,12 +1,7 @@ 'use strict' import { isMainThread } from 'worker_threads' -import { - tokens, - publicKeys, - compareVerifying, - saveLogs -} from './utils.mjs' +import { tokens, publicKeys, compareVerifying, saveLogs } from './utils.mjs' async function runSuites() { if (!isMainThread) { diff --git a/eslint.config.js b/eslint.config.js new file mode 100644 index 0000000..4891a7c --- /dev/null +++ b/eslint.config.js @@ -0,0 +1,25 @@ +const js = require('@eslint/js') +const prettierRecommended = require('eslint-plugin-prettier/recommended') +const globals = require('globals') +const tseslint = require('typescript-eslint') + +module.exports = tseslint.config( + js.configs.recommended, + prettierRecommended, + { + files: ['*.ts'], + extends: [tseslint.configs.recommended], + rules: { + '@typescript-eslint/no-explicit-any': 'off' + } + }, + { + languageOptions: { + globals: { + ...globals.node + }, + ecmaVersion: 'latest', + sourceType: 'module' + } + } +) diff --git a/package.json b/package.json index 665dd19..babb736 100644 --- a/package.json +++ b/package.json @@ -39,7 +39,7 @@ ], "scripts": { "postpublish": "git push origin && git push origin -f --tags", - "lint": "eslint src/**/*.js test/**/*.js src/**/*.ts test/**/*.ts", + "lint": "eslint .", "test": "node --test --experimental-test-coverage && tsd", "test:ci": "npm run lint && npm run test", "test:watch": "node --test --watch --experimental-test-coverage", @@ -51,29 +51,29 @@ "benchmark:auth0": "node benchmarks/auth0.mjs" }, "dependencies": { - "@lukeed/ms": "^2.0.1", + "@lukeed/ms": "^2.0.2", "asn1.js": "^5.4.1", "ecdsa-sig-formatter": "^1.0.11", - "mnemonist": "^0.39.5" + "mnemonist": "^0.39.8" }, "devDependencies": { - "@node-rs/jsonwebtoken": "^0.5.6", - "@sinonjs/fake-timers": "^13.0.1", - "@types/node": "^22.0.0", - "@typescript-eslint/eslint-plugin": "^5.49.0", - "@typescript-eslint/parser": "^5.49.0", + "@node-rs/jsonwebtoken": "^0.5.9", + "@sinonjs/fake-timers": "^13.0.5", + "@types/node": "^22.10.2", "cronometro": "^4.0.0", - "eslint": "^8.33.0", - "eslint-config-standard": "^17.0.0", - "eslint-plugin-import": "^2.27.5", - "eslint-plugin-n": "^16.0.0", - "eslint-plugin-promise": "^6.1.1", - "fastify": "^5.0.0", - "jose": "^2.0.6", - "jsonwebtoken": "^9.0.0", - "prettier": "^3.0.0", - "tsd": "^0.31.0", - "typescript": "^5.0.2" + "eslint": "^9.17.0", + "eslint-config-prettier": "^9.1.0", + "eslint-plugin-import": "^2.31.0", + "eslint-plugin-n": "^17.15.0", + "eslint-plugin-prettier": "^5.2.1", + "eslint-plugin-promise": "^7.2.1", + "fastify": "^5.2.0", + "jose": "^2.0.7", + "jsonwebtoken": "^9.0.2", + "prettier": "^3.4.2", + "tsd": "^0.31.2", + "typescript": "^5.7.2", + "typescript-eslint": "^8.18.0" }, "engines": { "node": ">=20" diff --git a/src/crypto.js b/src/crypto.js index 1a13e4c..15cea3b 100644 --- a/src/crypto.js +++ b/src/crypto.js @@ -43,27 +43,13 @@ const ecCurves = { const PrivateKey = asn.define('PrivateKey', function () { this.seq().obj( this.key('version').int(), - this.key('algorithm') - .seq() - .obj( - this.key('algorithm').objid(), - this.key('parameters') - .optional() - .objid() - ) + this.key('algorithm').seq().obj(this.key('algorithm').objid(), this.key('parameters').optional().objid()) ) }) const PublicKey = asn.define('PublicKey', function () { this.seq().obj( - this.key('algorithm') - .seq() - .obj( - this.key('algorithm').objid(), - this.key('parameters') - .optional() - .objid() - ) + this.key('algorithm').seq().obj(this.key('algorithm').objid(), this.key('parameters').optional().objid()) ) }) @@ -71,10 +57,7 @@ const ECPrivateKey = asn.define('ECPrivateKey', function () { this.seq().obj( this.key('version').int(), this.key('privateKey').octstr(), - this.key('parameters') - .explicit(0) - .optional() - .choice({ namedCurve: this.objid() }) + this.key('parameters').explicit(0).optional().choice({ namedCurve: this.objid() }) ) }) @@ -208,7 +191,12 @@ function detectPrivateKeyAlgorithm(key, providedAlgorithm) { } return cacheSet(privateKeysCache, key, detectedAlgorithm) } catch (e) { - throw cacheSet(privateKeysCache, key, null, TokenError.wrap(e, TokenError.codes.invalidKey, 'Unsupported PEM private key.')) + throw cacheSet( + privateKeysCache, + key, + null, + TokenError.wrap(e, TokenError.codes.invalidKey, 'Unsupported PEM private key.') + ) } } @@ -253,9 +241,7 @@ function createSignature(algorithm, key, input) { switch (type) { case 'HS': - raw = createHmac(alg, key) - .update(input) - .digest('base64') + raw = createHmac(alg, key).update(input).digest('base64') break case 'ES': raw = derToJose(directSign(alg, Buffer.from(input, 'utf-8'), key), algorithm).toString('base64') @@ -273,10 +259,7 @@ function createSignature(algorithm, key, input) { options.saltLength = RSA_PSS_SALTLEN_DIGEST } - raw = createSign(alg) - .update(input) - .sign(options) - .toString('base64') + raw = createSign(alg).update(input).sign(options).toString('base64') break case 'Ed': raw = directSign(undefined, Buffer.from(input, 'utf-8'), key).toString('base64') @@ -298,13 +281,8 @@ function verifySignature(algorithm, key, input, signature) { if (type === 'HS') { try { - return timingSafeEqual( - createHmac(alg, key) - .update(input) - .digest(), - signature - ) - } catch (e) { + return timingSafeEqual(createHmac(alg, key).update(input).digest(), signature) + } catch { return false } } else if (type === 'Ed') { diff --git a/src/index.d.ts b/src/index.d.ts index 20d278d..323b16a 100644 --- a/src/index.d.ts +++ b/src/index.d.ts @@ -65,7 +65,7 @@ type VerifierCallback = (e: Error | TokenError | null, payload: any) => void type DecodedJwt = { header: Record payload: any - signature: string, + signature: string input: string } diff --git a/src/signer.js b/src/signer.js index ecb0c67..5e4cd1d 100644 --- a/src/signer.js +++ b/src/signer.js @@ -185,10 +185,7 @@ module.exports = function createSigner(options) { } = { clockTimestamp: 0, ...options } // Validate options - if ( - algorithm && - !supportedAlgorithms.has(algorithm) - ) { + if (algorithm && !supportedAlgorithms.has(algorithm)) { throw new TokenError( TokenError.codes.invalidOption, `The algorithm option must be one of the following values: ${supportedAlgorithmsList}.` @@ -239,7 +236,10 @@ module.exports = function createSigner(options) { expiresIn = parseMs(expiresIn) } if (typeof expiresIn !== 'number' || expiresIn < 0) { - throw new TokenError(TokenError.codes.invalidOption, 'The expiresIn option must be a positive number or a valid string.') + throw new TokenError( + TokenError.codes.invalidOption, + 'The expiresIn option must be a positive number or a valid string.' + ) } } @@ -248,7 +248,10 @@ module.exports = function createSigner(options) { notBefore = parseMs(notBefore) } if (typeof notBefore !== 'number' || notBefore < 0) { - throw new TokenError(TokenError.codes.invalidOption, 'The notBefore option must be a positive number or a valid string.') + throw new TokenError( + TokenError.codes.invalidOption, + 'The notBefore option must be a positive number or a valid string.' + ) } } diff --git a/test/compliance.spec.js b/test/compliance.spec.js index 5fc5932..67c1b48 100644 --- a/test/compliance.spec.js +++ b/test/compliance.spec.js @@ -24,8 +24,7 @@ const rsaPublicKey = asKey({ kty: 'RSA', kid: 'bilbo.baggins@hobbiton.example', use: 'sig', - n: - 'n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw', + n: 'n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw', e: 'AQAB' }).toPEM() @@ -33,21 +32,14 @@ const rsaPrivateKey = asKey({ kty: 'RSA', kid: 'bilbo.baggins@hobbiton.example', use: 'sig', - n: - 'n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw', + n: 'n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw', e: 'AQAB', - d: - 'bWUC9B-EFRIo8kpGfh0ZuyGPvMNKvYWNtB_ikiH9k20eT-O1q_I78eiZkpXxXQ0UTEs2LsNRS-8uJbvQ-A1irkwMSMkK1J3XTGgdrhCku9gRldY7sNA_AKZGh-Q661_42rINLRCe8W-nZ34ui_qOfkLnK9QWDDqpaIsA-bMwWWSDFu2MUBYwkHTMEzLYGqOe04noqeq1hExBTHBOBdkMXiuFhUq1BU6l-DqEiWxqg82sXt2h-LMnT3046AOYJoRioz75tSUQfGCshWTBnP5uDjd18kKhyv07lhfSJdrPdM5Plyl21hsFf4L_mHCuoFau7gdsPfHPxxjVOcOpBrQzwQ', - p: - '3Slxg_DwTXJcb6095RoXygQCAZ5RnAvZlno1yhHtnUex_fp7AZ_9nRaO7HX_-SFfGQeutao2TDjDAWU4Vupk8rw9JR0AzZ0N2fvuIAmr_WCsmGpeNqQnev1T7IyEsnh8UMt-n5CafhkikzhEsrmndH6LxOrvRJlsPp6Zv8bUq0k', - q: - 'uKE2dh-cTf6ERF4k4e_jy78GfPYUIaUyoSSJuBzp3Cubk3OCqs6grT8bR_cu0Dm1MZwWmtdqDyI95HrUeq3MP15vMMON8lHTeZu2lmKvwqW7anV5UzhM1iZ7z4yMkuUwFWoBvyY898EXvRD-hdqRxHlSqAZ192zB3pVFJ0s7pFc', - dp: - 'B8PVvXkvJrj2L-GYQ7v3y9r6Kw5g9SahXBwsWUzp19TVlgI-YV85q1NIb1rxQtD-IsXXR3-TanevuRPRt5OBOdiMGQp8pbt26gljYfKU_E9xn-RULHz0-ed9E9gXLKD4VGngpz-PfQ_q29pk5xWHoJp009Qf1HvChixRX59ehik', - dq: - 'CLDmDGduhylc9o7r84rEUVn7pzQ6PF83Y-iBZx5NT-TpnOZKF1pErAMVeKzFEl41DlHHqqBLSM0W1sOFbwTxYWZDm6sI6og5iTbwQGIC3gnJKbi_7k_vJgGHwHxgPaX2PnvP-zyEkDERuf-ry4c_Z11Cq9AqC2yeL6kdKT1cYF8', - qi: - '3PiqvXQN0zwMeE-sBvZgi289XP9XCQF3VWqPzMKnIgQp7_Tugo6-NZBKCQsMf3HaEGBjTVJs_jcK8-TRXvaKe-7ZMaQj8VfBdYkssbu0NKDDhjJ-GtiseaDVWt7dcH0cfwxgFUHpQh7FoCrjFJ6h6ZEpMF6xmujs4qMpPz8aaI4' + d: 'bWUC9B-EFRIo8kpGfh0ZuyGPvMNKvYWNtB_ikiH9k20eT-O1q_I78eiZkpXxXQ0UTEs2LsNRS-8uJbvQ-A1irkwMSMkK1J3XTGgdrhCku9gRldY7sNA_AKZGh-Q661_42rINLRCe8W-nZ34ui_qOfkLnK9QWDDqpaIsA-bMwWWSDFu2MUBYwkHTMEzLYGqOe04noqeq1hExBTHBOBdkMXiuFhUq1BU6l-DqEiWxqg82sXt2h-LMnT3046AOYJoRioz75tSUQfGCshWTBnP5uDjd18kKhyv07lhfSJdrPdM5Plyl21hsFf4L_mHCuoFau7gdsPfHPxxjVOcOpBrQzwQ', + p: '3Slxg_DwTXJcb6095RoXygQCAZ5RnAvZlno1yhHtnUex_fp7AZ_9nRaO7HX_-SFfGQeutao2TDjDAWU4Vupk8rw9JR0AzZ0N2fvuIAmr_WCsmGpeNqQnev1T7IyEsnh8UMt-n5CafhkikzhEsrmndH6LxOrvRJlsPp6Zv8bUq0k', + q: 'uKE2dh-cTf6ERF4k4e_jy78GfPYUIaUyoSSJuBzp3Cubk3OCqs6grT8bR_cu0Dm1MZwWmtdqDyI95HrUeq3MP15vMMON8lHTeZu2lmKvwqW7anV5UzhM1iZ7z4yMkuUwFWoBvyY898EXvRD-hdqRxHlSqAZ192zB3pVFJ0s7pFc', + dp: 'B8PVvXkvJrj2L-GYQ7v3y9r6Kw5g9SahXBwsWUzp19TVlgI-YV85q1NIb1rxQtD-IsXXR3-TanevuRPRt5OBOdiMGQp8pbt26gljYfKU_E9xn-RULHz0-ed9E9gXLKD4VGngpz-PfQ_q29pk5xWHoJp009Qf1HvChixRX59ehik', + dq: 'CLDmDGduhylc9o7r84rEUVn7pzQ6PF83Y-iBZx5NT-TpnOZKF1pErAMVeKzFEl41DlHHqqBLSM0W1sOFbwTxYWZDm6sI6og5iTbwQGIC3gnJKbi_7k_vJgGHwHxgPaX2PnvP-zyEkDERuf-ry4c_Z11Cq9AqC2yeL6kdKT1cYF8', + qi: '3PiqvXQN0zwMeE-sBvZgi289XP9XCQF3VWqPzMKnIgQp7_Tugo6-NZBKCQsMf3HaEGBjTVJs_jcK8-TRXvaKe-7ZMaQj8VfBdYkssbu0NKDDhjJ-GtiseaDVWt7dcH0cfwxgFUHpQh7FoCrjFJ6h6ZEpMF6xmujs4qMpPz8aaI4' }).toPEM(true) const ecPublicKey = asKey({ diff --git a/test/crypto.spec.js b/test/crypto.spec.js index 9cd7971..836d55a 100644 --- a/test/crypto.spec.js +++ b/test/crypto.spec.js @@ -5,12 +5,7 @@ const { readFileSync } = require('node:fs') const { resolve } = require('node:path') const { createVerifier, createSigner } = require('../src') -const { - hsAlgorithms, - rsaAlgorithms, - detectPrivateKeyAlgorithm, - detectPublicKeyAlgorithms -} = require('../src/crypto') +const { hsAlgorithms, rsaAlgorithms, detectPrivateKeyAlgorithm, detectPublicKeyAlgorithms } = require('../src/crypto') const start = Math.floor(Date.now() / 1000) @@ -342,8 +337,7 @@ for (const type of ['Ed25519', 'Ed448']) { await t.assert.rejects( createSigner({ algorithm: 'EdDSA', key: async () => 123 })({ payload: 'PAYLOAD' }), { - message: - 'The key returned from the callback must be a string or a buffer containing a secret or a private key.' + message: 'The key returned from the callback must be a string or a buffer containing a secret or a private key.' }, null ) diff --git a/test/decoder.spec.js b/test/decoder.spec.js index 58e7f36..500abb9 100644 --- a/test/decoder.spec.js +++ b/test/decoder.spec.js @@ -45,9 +45,13 @@ test('token must be well formed', t => { }) test('invalid header', t => { - t.assert.throws(() => defaultDecoder('a.b.c'), { message: 'The token header is not a valid base64url serialized JSON.' }) + t.assert.throws(() => defaultDecoder('a.b.c'), { + message: 'The token header is not a valid base64url serialized JSON.' + }) - t.assert.throws(() => defaultDecoder('Zm9v.b.c'), { message: 'The token header is not a valid base64url serialized JSON.' }) + t.assert.throws(() => defaultDecoder('Zm9v.b.c'), { + message: 'The token header is not a valid base64url serialized JSON.' + }) t.assert.throws(() => typDecoder(nonJwtToken), { message: 'The type must be "JWT".' }) }) @@ -65,12 +69,18 @@ test('invalid payload', t => { // RFC 7159 [RFC7159]; let the JWT Claims Set be this JSON object. test('payload must be a JSON object', t => { // string - t.assert.throws(() => defaultDecoder('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.MTIz.5frDWv6bqXyHPXl3oZYOTnALMCGwfEYjQZbke2iyR3Y'), { - message: 'The payload must be an object' - }) + t.assert.throws( + () => defaultDecoder('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.MTIz.5frDWv6bqXyHPXl3oZYOTnALMCGwfEYjQZbke2iyR3Y'), + { + message: 'The payload must be an object' + } + ) // null - t.assert.throws(() => defaultDecoder('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.bnVsbA.Y-B_ctjXNWaZlNk8kqfSZ06B8GSZvPAfhMz-pQ2prfo'), { - message: 'The payload must be an object' - }) + t.assert.throws( + () => defaultDecoder('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.bnVsbA.Y-B_ctjXNWaZlNk8kqfSZ06B8GSZvPAfhMz-pQ2prfo'), + { + message: 'The payload must be an object' + } + ) }) diff --git a/test/signer.spec.js b/test/signer.spec.js index b382542..30c86c3 100644 --- a/test/signer.spec.js +++ b/test/signer.spec.js @@ -474,7 +474,7 @@ test('it correctly handle errors - callback', t => { }, noTimestamp: true }, - (error, token) => { + error => { t.assert.ok(error instanceof TokenError) t.assert.equal(error.message, 'Cannot fetch key.') } @@ -490,7 +490,7 @@ test('it correctly validates the key received from the callback', t => { }, noTimestamp: true }, - (error, token) => { + error => { t.assert.ok(error instanceof TokenError) t.assert.equal( error.message, @@ -510,7 +510,7 @@ test('it correctly handle errors - evented callback', t => { noTimestamp: true, algorithm: 'RS256' }, - (error, token) => { + error => { t.assert.ok(error instanceof TokenError) t.assert.equal(error.message, 'Invalid private key provided for algorithm RS256.') } @@ -561,15 +561,18 @@ test('options validation - algorithm', async t => { test('options validation - key', async t => { t.assert.throws(() => createSigner({ key: 123 }), { - message: 'The key option must be a string, a buffer, an object containing key/passphrase properties or a function returning the algorithm secret or private key.' + message: + 'The key option must be a string, a buffer, an object containing key/passphrase properties or a function returning the algorithm secret or private key.' }) t.assert.throws(() => createSigner({ key: { key: privateKeys.PPRS } }), { - message: 'The key option must be a string, a buffer, an object containing key/passphrase properties or a function returning the algorithm secret or private key.' + message: + 'The key option must be a string, a buffer, an object containing key/passphrase properties or a function returning the algorithm secret or private key.' }) t.assert.throws(() => createSigner({ key: { passphrase: 'secret' } }), { - message: 'The key option must be a string, a buffer, an object containing key/passphrase properties or a function returning the algorithm secret or private key.' + message: + 'The key option must be a string, a buffer, an object containing key/passphrase properties or a function returning the algorithm secret or private key.' }) t.assert.throws(() => createSigner({ algorithm: 'none', key: 123 }), { diff --git a/test/types.spec.ts b/test/types.spec.ts index a7c33fa..f164bab 100644 --- a/test/types.spec.ts +++ b/test/types.spec.ts @@ -1,7 +1,5 @@ -/* eslint-disable no-unused-expressions */ /* eslint-disable @typescript-eslint/no-unused-expressions */ /* eslint-disable @typescript-eslint/no-unused-vars */ -/* eslint-disable @typescript-eslint/no-empty-function */ import { createDecoder, diff --git a/test/verifier.spec.js b/test/verifier.spec.js index c898999..d722e2c 100644 --- a/test/verifier.spec.js +++ b/test/verifier.spec.js @@ -250,7 +250,7 @@ test('it correctly handle errors - callback', t => { callback(new Error('FAILED')) } }, - (error, token) => { + error => { t.assert.ok(error instanceof TokenError) t.assert.equal(error.message, 'Cannot fetch key.') } @@ -265,7 +265,7 @@ test('it correctly handle errors - evented callback', t => { process.nextTick(() => callback(null, 'FAILED')) } }, - (error, token) => { + error => { t.assert.ok(error instanceof TokenError) t.assert.equal(error.message, 'The token signature is invalid.') }