feat: add configurable jwt token sign options

energywebfoundation · Jan 22, 2021 · c82d9ad · c82d9ad
1 parent c6970ca
commit c82d9ad
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 12 deletions.
diff --git a/lib/BaseStrategy.ts b/lib/BaseStrategy.ts
@@ -17,8 +17,8 @@ export abstract class BaseStrategy extends Strategy {
    * @abstract
    * @description contains token validation logic
    * @param token  serialized claims
-   * @param tokenPayload claim payload 
-   * @param done 
+   * @param tokenPayload claim payload
+   * @param done
    */
   abstract validate(
     token: string,
@@ -28,40 +28,40 @@ export abstract class BaseStrategy extends Strategy {
   /**
    * @abstract
    * @description extracts token from request
-   * 
+   *
    * @param req object than encapsules request to protected endpoint
    * @returns encoded token
    */
   abstract extractToken(req: Request): string
   /**
    * @abstract
    * @description decodes token payload
-   * 
+   *
    * @param token encoded payload
    * @returns decoded payload fields
    */
   abstract decodeToken(token: string): string | { [key: string]: any }
   /**
    * @abstract
    * @description fetches claims published by the did
-   * 
+   *
    * @param did
    */
   abstract getUserClaims(did: string): Promise<Claim[]>
 
   /**
    * @constructor
    */
-  constructor({name}: StrategyOptions) {
+  constructor({ name }: StrategyOptions) {
     super()
     this.name = name
   }
 
   /**
    * @description template method to authenticate DID
-   * 
+   *
    * @param req
-   * @param options 
+   * @param options
    */
   authenticate(req: Request, options: AuthenticateOptions) {
     const self = this

diff --git a/lib/LoginStrategy.ts b/lib/LoginStrategy.ts
@@ -25,7 +25,6 @@ import { DidStore } from '@ew-did-registry/did-ipfs-store'
 const { abi: abi1056 } = ethrReg
 
 interface LoginStrategyOptions extends StrategyOptions {
-  jwtSecret: string
   claimField?: string
   rpcUrl: string
   cacheServerUrl?: string
@@ -34,11 +33,14 @@ interface LoginStrategyOptions extends StrategyOptions {
   didContractAddress?: string
   ipfsUrl?: string
   acceptedRoles?: string[]
+  jwtSecret: string | Buffer
+  jwtSignOptions?: jwt.SignOptions
 }
 
 export class LoginStrategy extends BaseStrategy {
   private claimField: string
-  private jwtSecret: string
+  private jwtSecret: string | Buffer
+  private jwtSignOptions?: jwt.SignOptions
   private provider: providers.JsonRpcProvider
   private httpClient: AxiosInstance | undefined
   private numberOfBlocksBack: number
@@ -53,6 +55,7 @@ export class LoginStrategy extends BaseStrategy {
       cacheServerUrl,
       numberOfBlocksBack = 4,
       jwtSecret,
+      jwtSignOptions,
       ensResolverAddress = '0x0a97e07c4Df22e2e31872F20C5BE191D5EFc4680',
       didContractAddress = VoltaAddress1056,
       ipfsUrl = 'https://ipfs.infura.io:5001/api/v0/',
@@ -83,6 +86,7 @@ export class LoginStrategy extends BaseStrategy {
     this.numberOfBlocksBack = numberOfBlocksBack
     this.jwtSecret = jwtSecret
     this.acceptedRoles = acceptedRoles && new Set(acceptedRoles)
+    this.jwtSignOptions = jwtSignOptions
   }
   /**
    * @description verifies issuer signature, then check that claim issued
@@ -169,8 +173,8 @@ export class LoginStrategy extends BaseStrategy {
    * @param data payload to encode
    * @param options
    */
-  encodeToken(data: any, options?: jwt.SignOptions) {
-    return jwt.sign(data, this.jwtSecret, options)
+  encodeToken(data: any) {
+    return jwt.sign(data, this.jwtSecret, this.jwtSignOptions)
   }
 
   /**