Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support notBefore and expiresIn as strings #364

Merged
merged 3 commits into from
Aug 10, 2023
Merged

support notBefore and expiresIn as strings #364

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a873f47
support notBefore and expiresIn as strings
Aug 10, 2023
c49c015
add lib (ms) url to readme
Aug 10, 2023
d5ae6cf
make tests async and remove t.end()
Aug 10, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 6 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,13 @@ Create a signer function by calling `createSigner` and providing one or more of

- `mutatePayload`: If set to `true`, the original payload will be modified in place (via `Object.assign`) by the signing function. This is useful if you need a raw reference to the payload after claims have been applied to it but before it has been encoded into a token. Default is `false`.

- `expiresIn`: Time span (in milliseconds) after which the token expires, added as the `exp` claim in the payload as defined by the [section 4.1.4 of RFC 7519](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.4). This will override any existing value in the claim.
- `expiresIn`: Time span (in milliseconds or text describing time) after which the token expires, added as the `exp` claim in the payload as defined by the [section 4.1.4 of RFC 7519](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.4). This will override any existing value in the claim.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rather, or in addition to providing explicit example, mention the library we use to parse the string format of the time. it's a popular library so mentioning that one is more explanatory than providing explicit examples

> Eg: `60`, `"2 days"`, `"10h"`, `"7d"`. A numeric value is interpreted as a seconds count. If you use a string be sure you provide the time units (days, hours, etc), otherwise milliseconds unit is used by default (`"120"` is equal to `"120ms"`).
For more info look into [@lukeed/ms](https://www.npmjs.com/package/@lukeed/ms).

- `notBefore`: Time span (in milliseconds) before the token is active, added as the `nbf` claim in the payload as defined by the [section 4.1.5 of RFC 7519](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.5). This will override any existing value in the claim.
- `notBefore`: Time span (in milliseconds or text describing time) before the token is active, added as the `nbf` claim in the payload as defined by the [section 4.1.5 of RFC 7519](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.5). This will override any existing value in the claim.
> Eg: `60`, `"2 days"`, `"10h"`, `"7d"`. A numeric value is interpreted as a seconds count. If you use a string be sure you provide the time units (days, hours, etc), otherwise milliseconds unit is used by default (`"120"` is equal to `"120ms"`).
For more info look into [@lukeed/ms](https://www.npmjs.com/package/@lukeed/ms).

- `jti`: The token unique identifier, added as the `jti` claim in the payload as defined by the [section 4.1.7 of RFC 7519](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.7). This will override any existing value in the claim.

Expand Down
1 change: 1 addition & 0 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@
"benchmark:auth0": "node benchmarks/auth0.mjs"
},
"dependencies": {
"@lukeed/ms": "^2.0.1",
"asn1.js": "^5.4.1",
"ecdsa-sig-formatter": "^1.0.11",
"mnemonist": "^0.39.5"
Expand Down
19 changes: 15 additions & 4 deletions src/signer.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ const {
const { TokenError } = require('./error')
const { getAsyncKey, ensurePromiseCallback } = require('./utils')
const { createPrivateKey, createSecretKey } = require('crypto')
const { parse: parseMs } = require('@lukeed/ms')

const supportedAlgorithms = new Set([...hsAlgorithms, ...esAlgorithms, ...rsaAlgorithms, ...edAlgorithms, 'none'])

Expand Down Expand Up @@ -240,12 +241,22 @@ module.exports = function createSigner(options) {
key = prepareKeyOrSecret(key, algorithm)
}

if (expiresIn && (typeof expiresIn !== 'number' || expiresIn < 0)) {
throw new TokenError(TokenError.codes.invalidOption, 'The expiresIn option must be a positive number.')
if (expiresIn) {
if (typeof expiresIn === 'string') {
expiresIn = parseMs(expiresIn)
}
if (typeof expiresIn !== 'number' || expiresIn < 0) {
throw new TokenError(TokenError.codes.invalidOption, 'The expiresIn option must be a positive number or a valid string.')
}
}

if (notBefore && (typeof notBefore !== 'number' || notBefore < 0)) {
throw new TokenError(TokenError.codes.invalidOption, 'The notBefore option must be a positive number.')
if (notBefore) {
if (typeof notBefore === 'string') {
notBefore = parseMs(notBefore)
}
if (typeof notBefore !== 'number' || notBefore < 0) {
throw new TokenError(TokenError.codes.invalidOption, 'The notBefore option must be a positive number or a valid string.')
}
}

if (clockTimestamp && (typeof clockTimestamp !== 'number' || clockTimestamp < 0)) {
Expand Down
Loading
Loading