From a7cee68fdf8d91403e1b0fe1e18e9c6aff22c8cf Mon Sep 17 00:00:00 2001 From: SomaticIT Date: Sun, 14 Sep 2014 23:04:50 +0200 Subject: [PATCH 1/4] Add jsonwebtoken node module definitions --- jsonwebtoken/jsonwebtoken.d.ts | 66 ++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100644 jsonwebtoken/jsonwebtoken.d.ts diff --git a/jsonwebtoken/jsonwebtoken.d.ts b/jsonwebtoken/jsonwebtoken.d.ts new file mode 100644 index 0000000000..16256c24af --- /dev/null +++ b/jsonwebtoken/jsonwebtoken.d.ts @@ -0,0 +1,66 @@ +// Type definitions for jsonwebtoken 0.4.0 +// Project: https://github.com/auth0/node-jsonwebtoken +// Definitions by: Maxime LUCE +// Definitions: https://github.com/borisyankov/DefinitelyTyped + +declare module "jsonwebtoken" { + + interface SignOptions { + /** + * Signature algorithm. Could be one of these values : + * - HS256: HMAC using SHA-256 hash algorithm + * - HS384: HMAC using SHA-384 hash algorithm + * - HS512: HMAC using SHA-512 hash algorithm + * - RS256: RSASSA using SHA-256 hash algorithm + * - RS384: RSASSA using SHA-384 hash algorithm + * - RS512: RSASSA using SHA-512 hash algorithm + * - ES256: ECDSA using P-256 curve and SHA-256 hash algorithm + * - ES384: ECDSA using P-384 curve and SHA-384 hash algorithm + * - ES512: ECDSA using P-521 curve and SHA-512 hash algorithm + * - none: No digital signature or MAC value included + */ + algorithm?: string; + /** @member {number} - Lifetime for the token in minutes */ + expiresInMinutes?: number; + audience?: string; + subject?: string; + issuer?: string; + } + + interface VerifyOptions { + audience?: string; + issuer?: string; + } + + /** + * Sign the given payload into a JSON Web Token string + * @param {string|object|buffer} payload - Payload to sign, could be an literal, buffer or string + * @param {string|buffer} secretOrPrivateKey - Either the secret for HMAC algorithms, or the PEM encoded private key for RSA and ECDSA. + * @param {SignOptions} options - Options for the signature + * @returns The JSON Web Token string + */ + function sign(payload: any, secretOrPrivateKey: any, options?: SignOptions): string; + + /** + * Verify given token using a secret or a public key to get a decoded token + * @param {string} token - JWT string to verify + * @param {string|buffer} secretOrPublicKey - Either the secret for HMAC algorithms, or the PEM encoded public key for RSA and ECDSA. + * @param {Function} callback - Callback to get the decoded token on + */ + function verify(token: string, secretOrPublicKey: any, callback: (err: Error, decoded: {}) => void): void; + /** + * Verify given token using a secret or a public key to get a decoded token + * @param {string} token - JWT string to verify + * @param {string|buffer} secretOrPublicKey - Either the secret for HMAC algorithms, or the PEM encoded public key for RSA and ECDSA. + * @param {VerifyOptions} options - Options for the verification + * @param {Function} callback - Callback to get the decoded token on + */ + function verify(token: string, secretOrPublicKey: any, options: VerifyOptions, callback: (err: Error, decoded: {}) => void): void; + + /** + * Returns the decoded payload without verifying if the signature is valid. + * @param {string} token - JWT string to decode + * @returns The decoded Token + */ + function decode(token: string): {}; +} From d6fe5776f8d135b3293e5fa2f9d01f8417ffab9d Mon Sep 17 00:00:00 2001 From: SomaticIT Date: Mon, 15 Sep 2014 19:28:51 +0200 Subject: [PATCH 2/4] Add test suite for jsonwebtoken package --- jsonwebtoken/jsonwebtoken-tests.ts | 64 ++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 jsonwebtoken/jsonwebtoken-tests.ts diff --git a/jsonwebtoken/jsonwebtoken-tests.ts b/jsonwebtoken/jsonwebtoken-tests.ts new file mode 100644 index 0000000000..52f1163353 --- /dev/null +++ b/jsonwebtoken/jsonwebtoken-tests.ts @@ -0,0 +1,64 @@ +/** + * Test suite created by Maxime LUCE + * + * Created by using code samples from https://github.com/auth0/node-jsonwebtoken. + */ + +/// +/// + +import jwt = require("jsonwebtoken"); +import fs = require("fs"); + +var token: string; +var cert: Buffer; + +/** + * jwt.sign + * https://github.com/auth0/node-jsonwebtoken#usage + */ +// sign with default (HMAC SHA256) +token = jwt.sign({ foo: 'bar' }, 'shhhhh'); + +// sign with RSA SHA256 +cert = fs.readFileSync('private.key'); // get private key +token = jwt.sign({ foo: 'bar' }, cert, { algorithm: 'RS256'}); + +/** + * jwt.verify + * https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback + */ +// verify a token symmetric +jwt.verify(token, 'shhhhh', function(err, decoded) { + console.log(decoded.foo) // bar +}); + +// invalid token +jwt.verify(token, 'wrong-secret', function(err, decoded) { + // err + // decoded undefined +}); + +// verify a token asymmetric +cert = fs.readFileSync('public.pem'); // get public key +jwt.verify(token, cert, function(err, decoded) { + console.log(decoded.foo) // bar +}); + +// verify audience +cert = fs.readFileSync('public.pem'); // get public key +jwt.verify(token, cert, { audience: 'urn:foo' }, function(err, decoded) { + // if audience mismatch, err == invalid audience +}); + +// verify issuer +cert = fs.readFileSync('public.pem'); // get public key +jwt.verify(token, cert, { audience: 'urn:foo', issuer: 'urn:issuer' }, function(err, decoded) { + // if issuer mismatch, err == invalid issuer +}); + +/** + * jwt.decode + * https://github.com/auth0/node-jsonwebtoken#jwtdecodetoken + */ +var decoded = jwt.decode(token); From 3f84d98bbac155c5f641c96e7e0d42c8cdb74c96 Mon Sep 17 00:00:00 2001 From: SomaticIT Date: Mon, 15 Sep 2014 19:38:14 +0200 Subject: [PATCH 3/4] Improve functions definitions --- jsonwebtoken/jsonwebtoken.d.ts | 55 +++++++++++++++++++++------------- 1 file changed, 34 insertions(+), 21 deletions(-) diff --git a/jsonwebtoken/jsonwebtoken.d.ts b/jsonwebtoken/jsonwebtoken.d.ts index 16256c24af..4deaf36ce1 100644 --- a/jsonwebtoken/jsonwebtoken.d.ts +++ b/jsonwebtoken/jsonwebtoken.d.ts @@ -3,9 +3,11 @@ // Definitions by: Maxime LUCE // Definitions: https://github.com/borisyankov/DefinitelyTyped +/// + declare module "jsonwebtoken" { - interface SignOptions { + export interface SignOptions { /** * Signature algorithm. Could be one of these values : * - HS256: HMAC using SHA-256 hash algorithm @@ -27,40 +29,51 @@ declare module "jsonwebtoken" { issuer?: string; } - interface VerifyOptions { + export interface VerifyOptions { audience?: string; issuer?: string; } + export interface VerifyCallbak { + (err: Error, decoded: any): void; + } + /** * Sign the given payload into a JSON Web Token string - * @param {string|object|buffer} payload - Payload to sign, could be an literal, buffer or string - * @param {string|buffer} secretOrPrivateKey - Either the secret for HMAC algorithms, or the PEM encoded private key for RSA and ECDSA. - * @param {SignOptions} options - Options for the signature - * @returns The JSON Web Token string + * @param {String|Object|Buffer} payload - Payload to sign, could be an literal, buffer or string + * @param {String|Buffer} secretOrPrivateKey - Either the secret for HMAC algorithms, or the PEM encoded private key for RSA and ECDSA. + * @param {SignOptions} [options] - Options for the signature + * @returns {String} The JSON Web Token string */ - function sign(payload: any, secretOrPrivateKey: any, options?: SignOptions): string; + export function sign(payload: string, secretOrPrivateKey: string): string; + export function sign(payload: string, secretOrPrivateKey: Buffer): string; + export function sign(payload: Buffer, secretOrPrivateKey: string): string; + export function sign(payload: Buffer, secretOrPrivateKey: Buffer): string; + export function sign(payload: Object, secretOrPrivateKey: string): string; + export function sign(payload: Object, secretOrPrivateKey: Buffer): string; + export function sign(payload: string, secretOrPrivateKey: string, options: SignOptions): string; + export function sign(payload: string, secretOrPrivateKey: Buffer, options: SignOptions): string; + export function sign(payload: Buffer, secretOrPrivateKey: string, options: SignOptions): string; + export function sign(payload: Buffer, secretOrPrivateKey: Buffer, options: SignOptions): string; + export function sign(payload: Object, secretOrPrivateKey: string, options: SignOptions): string; + export function sign(payload: Object, secretOrPrivateKey: Buffer, options: SignOptions): string; /** * Verify given token using a secret or a public key to get a decoded token - * @param {string} token - JWT string to verify - * @param {string|buffer} secretOrPublicKey - Either the secret for HMAC algorithms, or the PEM encoded public key for RSA and ECDSA. + * @param {String} token - JWT string to verify + * @param {String|Buffer} secretOrPublicKey - Either the secret for HMAC algorithms, or the PEM encoded public key for RSA and ECDSA. + * @param {VerifyOptions} [options] - Options for the verification * @param {Function} callback - Callback to get the decoded token on */ - function verify(token: string, secretOrPublicKey: any, callback: (err: Error, decoded: {}) => void): void; - /** - * Verify given token using a secret or a public key to get a decoded token - * @param {string} token - JWT string to verify - * @param {string|buffer} secretOrPublicKey - Either the secret for HMAC algorithms, or the PEM encoded public key for RSA and ECDSA. - * @param {VerifyOptions} options - Options for the verification - * @param {Function} callback - Callback to get the decoded token on - */ - function verify(token: string, secretOrPublicKey: any, options: VerifyOptions, callback: (err: Error, decoded: {}) => void): void; + function verify(token: string, secretOrPublicKey: string, callback: VerifyCallbak): void; + function verify(token: string, secretOrPublicKey: Buffer, callback: VerifyCallbak): void; + function verify(token: string, secretOrPublicKey: string, options: VerifyOptions, callback: VerifyCallbak): void; + function verify(token: string, secretOrPublicKey: Buffer, options: VerifyOptions, callback: VerifyCallbak): void; /** * Returns the decoded payload without verifying if the signature is valid. - * @param {string} token - JWT string to decode - * @returns The decoded Token + * @param {String} token - JWT string to decode + * @returns {Object} The decoded Token */ - function decode(token: string): {}; + function decode(token: string): any; } From c078217a5a2f27f655192861b10d6376fdb3f858 Mon Sep 17 00:00:00 2001 From: SomaticIT Date: Tue, 16 Sep 2014 04:26:46 +0200 Subject: [PATCH 4/4] Add jsonwebtoken to contributors.md --- CONTRIBUTORS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index ef83ff093c..7257af2445 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -210,6 +210,7 @@ All definitions files include a header with the author and editors, so at some p * [JSDeferred](http://cho45.stfuawsc.com/jsdeferred/) (by [Daisuke Mino](https://github.com/minodisk)) * [JSONEditorOnline](https://github.com/josdejong/jsoneditoronline) (by [Vincent Bortone](https://github.com/vbortone/)) * [JSON-Pointer](https://www.npmjs.org/package/json-pointer) (by [Bart van der Schoor](https://github.com/Bartvds)) +* [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) (by [Maxime LUCE](https://github.com/SomaticIT)) * [JsRender](http://www.jsviews.com/#jsrender) (by [Kensuke MATSUZAKI](https://github.com/zakki)) * [jStorage](http://www.jstorage.info/) (by [Danil Flores](https://github.com/dflor003/)) * [jsTree](http://www.jstree.com/) (by [Adam Pluciński](https://github.com/adaskothebeast))