From c82d9adc0ad6a3799851d06c9a9938dd12d329eb Mon Sep 17 00:00:00 2001 From: Daniel Wojno Date: Fri, 22 Jan 2021 10:53:45 +0100 Subject: [PATCH] feat: add configurable jwt token sign options --- lib/BaseStrategy.ts | 16 ++++++++-------- lib/LoginStrategy.ts | 12 ++++++++---- 2 files changed, 16 insertions(+), 12 deletions(-) diff --git a/lib/BaseStrategy.ts b/lib/BaseStrategy.ts index ffb32e2..59af13b 100644 --- a/lib/BaseStrategy.ts +++ b/lib/BaseStrategy.ts @@ -17,8 +17,8 @@ export abstract class BaseStrategy extends Strategy { * @abstract * @description contains token validation logic * @param token serialized claims - * @param tokenPayload claim payload - * @param done + * @param tokenPayload claim payload + * @param done */ abstract validate( token: string, @@ -28,7 +28,7 @@ export abstract class BaseStrategy extends Strategy { /** * @abstract * @description extracts token from request - * + * * @param req object than encapsules request to protected endpoint * @returns encoded token */ @@ -36,7 +36,7 @@ export abstract class BaseStrategy extends Strategy { /** * @abstract * @description decodes token payload - * + * * @param token encoded payload * @returns decoded payload fields */ @@ -44,7 +44,7 @@ export abstract class BaseStrategy extends Strategy { /** * @abstract * @description fetches claims published by the did - * + * * @param did */ abstract getUserClaims(did: string): Promise @@ -52,16 +52,16 @@ export abstract class BaseStrategy extends Strategy { /** * @constructor */ - constructor({name}: StrategyOptions) { + constructor({ name }: StrategyOptions) { super() this.name = name } /** * @description template method to authenticate DID - * + * * @param req - * @param options + * @param options */ authenticate(req: Request, options: AuthenticateOptions) { const self = this diff --git a/lib/LoginStrategy.ts b/lib/LoginStrategy.ts index 7e4216d..3c070ea 100644 --- a/lib/LoginStrategy.ts +++ b/lib/LoginStrategy.ts @@ -25,7 +25,6 @@ import { DidStore } from '@ew-did-registry/did-ipfs-store' const { abi: abi1056 } = ethrReg interface LoginStrategyOptions extends StrategyOptions { - jwtSecret: string claimField?: string rpcUrl: string cacheServerUrl?: string @@ -34,11 +33,14 @@ interface LoginStrategyOptions extends StrategyOptions { didContractAddress?: string ipfsUrl?: string acceptedRoles?: string[] + jwtSecret: string | Buffer + jwtSignOptions?: jwt.SignOptions } export class LoginStrategy extends BaseStrategy { private claimField: string - private jwtSecret: string + private jwtSecret: string | Buffer + private jwtSignOptions?: jwt.SignOptions private provider: providers.JsonRpcProvider private httpClient: AxiosInstance | undefined private numberOfBlocksBack: number @@ -53,6 +55,7 @@ export class LoginStrategy extends BaseStrategy { cacheServerUrl, numberOfBlocksBack = 4, jwtSecret, + jwtSignOptions, ensResolverAddress = '0x0a97e07c4Df22e2e31872F20C5BE191D5EFc4680', didContractAddress = VoltaAddress1056, ipfsUrl = 'https://ipfs.infura.io:5001/api/v0/', @@ -83,6 +86,7 @@ export class LoginStrategy extends BaseStrategy { this.numberOfBlocksBack = numberOfBlocksBack this.jwtSecret = jwtSecret this.acceptedRoles = acceptedRoles && new Set(acceptedRoles) + this.jwtSignOptions = jwtSignOptions } /** * @description verifies issuer signature, then check that claim issued @@ -169,8 +173,8 @@ export class LoginStrategy extends BaseStrategy { * @param data payload to encode * @param options */ - encodeToken(data: any, options?: jwt.SignOptions) { - return jwt.sign(data, this.jwtSecret, options) + encodeToken(data: any) { + return jwt.sign(data, this.jwtSecret, this.jwtSignOptions) } /**