From c1aaa8d9b88d50a1b402f95a11ffcc3b1a531bc3 Mon Sep 17 00:00:00 2001
From: Justin Beckwith <beckwith@google.com>
Date: Sun, 12 Nov 2017 15:29:34 -0800
Subject: [PATCH] Add types for jws

---
 types/jws/index.d.ts    | 152 ++++++++++++++++++++++++++++++++++++++++
 types/jws/jws-tests.ts  |  51 ++++++++++++++
 types/jws/tsconfig.json |  23 ++++++
 types/jws/tslint.json   |   1 +
 4 files changed, 227 insertions(+)
 create mode 100644 types/jws/index.d.ts
 create mode 100644 types/jws/jws-tests.ts
 create mode 100644 types/jws/tsconfig.json
 create mode 100644 types/jws/tslint.json

diff --git a/types/jws/index.d.ts b/types/jws/index.d.ts
new file mode 100644
index 0000000000..f384fadefc
--- /dev/null
+++ b/types/jws/index.d.ts
@@ -0,0 +1,152 @@
+// Type definitions for jws 3.1
+// Project: https://github.com/brianloveswords/node-jws
+// Definitions by: Justin Beckwith <https://github.com/JustinBeckwith>
+// Definitions: https://github.com/DefinitelyTyped/DefinitelyTyped
+
+/// <reference types="node" />
+
+import * as events from 'events';
+import * as stream from 'stream';
+
+/**
+ * (Synchronous) Return a JSON Web Signature for a header
+ * and a payload.
+ */
+export function sign(options: SignOptions): string;
+
+/**
+ * (Synchronous) Returns true or false for whether a signature
+ * matches a secret or key.
+ * @param signature JWS Signature
+ * @param algorithm Algorithm
+ * @param secretOrKey string or buffer containing either the secret
+ * for HMAC algorithms, or the PEM encoded public key for RSA and ECDSA
+ */
+export function verify(signature: string, algorithm: Algorithm, secretOrKey: string|Buffer): boolean;
+
+/**
+ * (Synchronous) Returns the decoded header, decoded payload,
+ * and signature parts of the JWS Signature.
+ */
+export function decode(signature: string): Signature;
+
+/**
+ * Returns a new SignStream object.
+ */
+export function createSign(options: SignOptions): SignStream;
+
+/**
+ * Returns a new VerifyStream object.
+ */
+export function createVerify(options?: VerifyOptions): VerifyStream;
+
+/**
+ * A Readable Stream that emits a single data event, the
+ * calculated signature, when done.
+ */
+export interface SignStream extends stream.Readable {
+    /**
+     * A Writable Stream that expects the JWS payload. Do not
+     * use if you passed a payload option to the constructor.
+     *
+     *  Example: payloadStream.pipe(signer.payload);
+     */
+    payload: stream.Writable;
+
+    /**
+     * Can be a string, Buffer, Readable stream, or object.
+     */
+    secret: any;
+
+    /**
+     * Can be a string, Buffer, Readable stream, or object.
+     */
+    key: any;
+
+    /**
+     * A Writable Stream. Expects the JWS secret for HMAC, or
+     * the privateKey for ECDSA and RSA. Do not use if you
+     * passed a secret or key option to the constructor.
+     *
+     * Example: privateKeyStream.pipe(signer.privateKey);
+     */
+    privateKey: any;
+}
+
+/**
+ * This is a Readable Stream that emits a single data event,
+ * the result of whether or not that signature was valid.
+ */
+export interface VerifyStream extends events.EventEmitter {
+    /**
+     * A Writable Stream that expects a JWS Signature. Do not
+     * use if you passed a signature option to the constructor.
+     */
+    signature: stream.Writable;
+
+    /**
+     * Secret.  Can be a string, buffer, or object.
+     */
+    secret: any;
+
+    /**
+     * Key.  Can be a string, buffer, or object.
+     */
+    key: any;
+
+    /**
+     * A Writable Stream that expects a public key or secret.
+     * Do not use if you passed a key or secret option to the
+     * constructor.
+     */
+    publicKey: stream.Writable;
+}
+
+export interface Signature {
+    header: Header;
+    payload: any;
+    signature: string;
+}
+
+export interface SignOptions {
+    header: Header;
+
+    /**
+     * Can be a string, Buffer, Readable stream, or object.
+     */
+    payload?: any;
+
+    /**
+     * Can be a string, Buffer, Readable stream, or object.
+     */
+    key?: any;
+
+    /**
+     * Can be a string, Buffer, Readable stream, or object.
+     */
+    secret?: any;
+
+    /**
+     * Can be a string, Buffer, Readable stream, or object.
+     */
+    privateKey?: any;
+
+    encoding?: string|Buffer|stream.Readable;
+}
+
+export interface VerifyOptions {
+    signature?: string|Buffer|stream.Readable;
+    algorithm?: Algorithm|Buffer|stream.Readable;
+    key?: string|stream.Readable|Buffer;
+    secret?: string|stream.Readable|Buffer;
+    publicKey?: string|stream.Readable|Buffer;
+    encoding?: string|Buffer|stream.Readable;
+}
+
+export type Algorithm = 'HS256' | 'HS384' | 'HS512' | 'RS256' |
+                        'RS384' | 'RS512' | 'ES256' | 'ES384' |
+                        'ES512' | 'none';
+
+export interface Header {
+    alg: Algorithm;
+}
diff --git a/types/jws/jws-tests.ts b/types/jws/jws-tests.ts
new file mode 100644
index 0000000000..d5271b24ca
--- /dev/null
+++ b/types/jws/jws-tests.ts
@@ -0,0 +1,51 @@
+/**
+ * Tests are built by copying samples from the github repository:
+ * https://github.com/brianloveswords/node-jws
+ */
+
+import * as jws from 'jws';
+import * as fs from "fs";
+
+// set up mock objects
+const fakeStream = fs.createReadStream('fakefile');
+const privateKeyStream = fakeStream;
+const payloadStream = fakeStream;
+const pubKeyStream = fakeStream;
+const sigStream = fakeStream;
+
+// jws.sign
+const signature = jws.sign({
+  header: { alg: 'HS256' },
+  payload: 'h. jon benjamin',
+  secret: 'has a van',
+});
+
+// jws.decode
+const message = jws.decode('djfakdid');
+
+// jws.createSign
+jws.createSign({
+  header: { alg: 'RS256' },
+  privateKey: privateKeyStream,
+  payload: payloadStream,
+}).on('done', signature => {});
+
+// jws.createSign no params
+const signer = jws.createSign({
+  header: { alg: 'RS256' },
+});
+privateKeyStream.pipe(signer.privateKey);
+payloadStream.pipe(signer.payload);
+signer.on('done', signature => {});
+
+// jws.createVerify
+jws.createVerify({
+  publicKey: pubKeyStream,
+  signature: sigStream,
+}).on('done', (verified, obj) => {});
+
+// jws.createVerify with no options
+const verifier = jws.createVerify();
+pubKeyStream.pipe(verifier.publicKey);
+sigStream.pipe(verifier.signature);
+verifier.on('done', (verified, obj) => {});
diff --git a/types/jws/tsconfig.json b/types/jws/tsconfig.json
new file mode 100644
index 0000000000..a8a2f625d3
--- /dev/null
+++ b/types/jws/tsconfig.json
@@ -0,0 +1,23 @@
+{
+    "compilerOptions": {
+        "module": "commonjs",
+        "lib": [
+            "es6"
+        ],
+        "noImplicitAny": true,
+        "noImplicitThis": true,
+        "strictNullChecks": true,
+        "strictFunctionTypes": true,
+        "baseUrl": "../",
+        "typeRoots": [
+            "../"
+        ],
+        "types": [],
+        "noEmit": true,
+        "forceConsistentCasingInFileNames": true
+    },
+    "files": [
+        "index.d.ts",
+        "jws-tests.ts"
+    ]
+}
diff --git a/types/jws/tslint.json b/types/jws/tslint.json
new file mode 100644
index 0000000000..3db14f85ea
--- /dev/null
+++ b/types/jws/tslint.json
@@ -0,0 +1 @@
+{ "extends": "dtslint/dt.json" }