+12
-30
@@ -4,7 +4,6 @@ import logger from 'log'
|
||||
|
||||
const log = logger('crypto:jwt')
|
||||
|
||||
export type JWTstring = `${string}.${string}.${string}`
|
||||
export type JWTalgorithm = "HS256" | "HS512" | "ES256" | "ES512" | "EdDSA"
|
||||
export type Key = jose.KeyLike | Uint8Array
|
||||
/** KeyPair for asymmetric algorithms, [PrivKey, PubKey] */
|
||||
@@ -17,8 +16,8 @@ export class JWTcontext {
|
||||
) {}
|
||||
|
||||
public static async gen_key(alg: JWTalgorithm, extractable: boolean = false) : Promise<Key | KeyPair> {
|
||||
log.trace(`Generate new ${alg} key`)
|
||||
log.debug('Key extractable :', extractable ? 'yes' : 'no')
|
||||
log.debug(`Generate new ${alg} key`)
|
||||
log.trace('Key extractable :', extractable ? 'yes' : 'no')
|
||||
|
||||
switch (alg) {
|
||||
case "HS256":
|
||||
@@ -34,15 +33,15 @@ export class JWTcontext {
|
||||
}
|
||||
}
|
||||
|
||||
public async sign<T>(message: T, set_issued: boolean = false, exp?: number | string | Date, audience?: string | string[], issuer?: string): Promise<JWT<T>> {
|
||||
log.trace('sign JWT')
|
||||
log.debug('Config :', {
|
||||
public async sign<T>(message: T, set_issued: boolean = false, exp?: number | string | Date, audience?: string | string[], issuer?: string): Promise<string> {
|
||||
log.debug('sign JWT')
|
||||
log.trace('Config :', {
|
||||
set_issued,
|
||||
exp,
|
||||
issuer,
|
||||
})
|
||||
|
||||
let jwt = new jose.SignJWT({payload: message}).setProtectedHeader({ alg: this.alg })
|
||||
let jwt = new jose.SignJWT({message}).setProtectedHeader({ alg: this.alg })
|
||||
|
||||
if (set_issued) jwt = jwt.setIssuedAt()
|
||||
if (issuer !== undefined) jwt = jwt.setIssuer(issuer)
|
||||
@@ -50,20 +49,18 @@ export class JWTcontext {
|
||||
if (exp !== undefined) jwt = jwt.setExpirationTime(exp)
|
||||
|
||||
const key = this.get_key(true)
|
||||
const res = await jwt.sign(key) as JWTstring
|
||||
|
||||
return new JWT<T>(res)
|
||||
return await jwt.sign(key)
|
||||
}
|
||||
|
||||
public async verify<T>(jwt: JWT<T>, audience?: string | string[], issuer?: string | string[]): Promise<Result<T>> {
|
||||
log.trace('Verify JWT')
|
||||
log.debug('Issuers :', issuer)
|
||||
public async verify<T>(jwt: string, audience?: string | string[], issuer?: string | string[]): Promise<Result<T>> {
|
||||
log.debug('Verify JWT')
|
||||
log.trace('Issuers :', issuer)
|
||||
|
||||
const key = this.get_key(false)
|
||||
|
||||
try {
|
||||
let payload = await jose.jwtVerify(jwt.jwt, key)
|
||||
return Result.ok(payload.payload.payload as T)
|
||||
let payload = await jose.jwtVerify(jwt, key)
|
||||
return Result.ok(payload.payload.message as T)
|
||||
} catch(e) {
|
||||
log.warn('JWT verification failed')
|
||||
log.debug(`Error : ${e}`)
|
||||
@@ -84,18 +81,3 @@ export class JWTcontext {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
export class JWT<T> {
|
||||
public constructor(
|
||||
public readonly _jwt: `${string}.${string}.${string}`
|
||||
) {}
|
||||
|
||||
public get payload() : T {
|
||||
log.trace("Decode payload of JWT")
|
||||
return jose.decodeJwt(this.jwt).payload as T
|
||||
}
|
||||
|
||||
public get jwt() : JWTstring {
|
||||
return this._jwt
|
||||
}
|
||||
}
|
||||
|
||||
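Review bot: `verify` still takes `audience` and `issuer`, but the new call `jose.jwtVerify(jwt, key)` passes no options, so on the lines shown neither claim is enforced (`issuer` is only logged) and the success path returns straight after the signature check. A token signed with the same key for a different audience or issuer would therefore verify. Passing the values through and pinning the algorithm to the context's own closes this: `let payload = await jose.jwtVerify(jwt, key, { algorithms: [this.alg], audience, issuer })`. Because `jwt` is now a plain `string` and the result is cast with `payload.payload.message as T`, a doc comment on `verify` should also say that the shape of `message` is not validated, only the signature and registered claims. A negative test with a mismatched audience or issuer would pin the behaviour.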
@@ -23,9 +23,6 @@ test('Base case', async () => {
|
||||
for (const context of contexts.values()) {
|
||||
const jwt = await context.sign(payload, true, "2 days", "pascal", "server")
|
||||
|
||||
const decoded = jwt.payload
|
||||
expect(decoded).toEqual(payload)
|
||||
|
||||
const verified = (await context.verify(jwt, "pascal", "server")).expect("Should verify the JWT")
|
||||
expect(verified).toEqual(payload)
|
||||
}
|
||||
|
||||