1 |
|
2 |
|
3 |
|
4 |
|
5 |
|
6 |
|
7 |
|
8 |
|
9 |
|
10 |
|
11 |
|
12 |
|
13 |
|
14 |
|
15 |
|
16 |
|
17 |
|
18 |
|
19 | export class JsonWebTokenError extends Error {
|
20 | inner: Error;
|
21 |
|
22 | constructor(message: string, error?: Error);
|
23 | }
|
24 |
|
25 | export class TokenExpiredError extends JsonWebTokenError {
|
26 | expiredAt: Date;
|
27 |
|
28 | constructor(message: string, expiredAt: Date);
|
29 | }
|
30 |
|
31 | /**
|
32 | * Thrown if current time is before the nbf claim.
|
33 | */
|
34 | export class NotBeforeError extends JsonWebTokenError {
|
35 | date: Date;
|
36 |
|
37 | constructor(message: string, date: Date);
|
38 | }
|
39 |
|
40 | export interface SignOptions {
|
41 | |
42 |
|
43 |
|
44 |
|
45 |
|
46 |
|
47 |
|
48 |
|
49 |
|
50 |
|
51 |
|
52 |
|
53 |
|
54 | algorithm?: Algorithm | undefined;
|
55 | keyid?: string | undefined;
|
56 |
|
57 | expiresIn?: string | number | undefined;
|
58 |
|
59 | notBefore?: string | number | undefined;
|
60 | audience?: string | string[] | undefined;
|
61 | subject?: string | undefined;
|
62 | issuer?: string | undefined;
|
63 | jwtid?: string | undefined;
|
64 | mutatePayload?: boolean | undefined;
|
65 | noTimestamp?: boolean | undefined;
|
66 | header?: JwtHeader | undefined;
|
67 | encoding?: string | undefined;
|
68 | }
|
69 |
|
70 | export interface VerifyOptions {
|
71 | algorithms?: Algorithm[] | undefined;
|
72 | audience?: string | RegExp | Array<string | RegExp> | undefined;
|
73 | clockTimestamp?: number | undefined;
|
74 | clockTolerance?: number | undefined;
|
75 |
|
76 | complete?: boolean | undefined;
|
77 | issuer?: string | string[] | undefined;
|
78 | ignoreExpiration?: boolean | undefined;
|
79 | ignoreNotBefore?: boolean | undefined;
|
80 | jwtid?: string | undefined;
|
81 | |
82 |
|
83 |
|
84 |
|
85 | nonce?: string | undefined;
|
86 | subject?: string | undefined;
|
87 | maxAge?: string | number | undefined;
|
88 | }
|
89 |
|
90 | export interface DecodeOptions {
|
91 | complete?: boolean | undefined;
|
92 | json?: boolean | undefined;
|
93 | }
|
94 | export type VerifyErrors =
|
95 | | JsonWebTokenError
|
96 | | NotBeforeError
|
97 | | TokenExpiredError;
|
98 | export type VerifyCallback<T = Jwt | JwtPayload | string> = (
|
99 | error: VerifyErrors | null,
|
100 | decoded: T | undefined,
|
101 | ) => void;
|
102 |
|
103 | export type SignCallback = (
|
104 | error: Error | null,
|
105 | encoded: string | undefined,
|
106 | ) => void;
|
107 |
|
108 |
|
109 | export interface JwtHeader {
|
110 | alg: string | Algorithm;
|
111 | typ?: string | undefined;
|
112 | cty?: string | undefined;
|
113 | crit?: Array<string | Exclude<keyof JwtHeader, 'crit'>> | undefined;
|
114 | kid?: string | undefined;
|
115 | jku?: string | undefined;
|
116 | x5u?: string | string[] | undefined;
|
117 | 'x5t#S256'?: string | undefined;
|
118 | x5t?: string | undefined;
|
119 | x5c?: string | string[] | undefined;
|
120 | }
|
121 |
|
122 |
|
123 | export interface JwtPayload {
|
124 | [key: string]: any;
|
125 | iss?: string | undefined;
|
126 | sub?: string | undefined;
|
127 | aud?: string | string[] | undefined;
|
128 | exp?: number | undefined;
|
129 | nbf?: number | undefined;
|
130 | iat?: number | undefined;
|
131 | jti?: string | undefined;
|
132 | }
|
133 |
|
134 | export interface Jwt {
|
135 | header: JwtHeader;
|
136 | payload: JwtPayload | string;
|
137 | signature: string;
|
138 | }
|
139 |
|
140 |
|
141 | export type Algorithm =
|
142 | "HS256" | "HS384" | "HS512" |
|
143 | "RS256" | "RS384" | "RS512" |
|
144 | "ES256" | "ES384" | "ES512" |
|
145 | "PS256" | "PS384" | "PS512" |
|
146 | "none";
|
147 |
|
148 | export type SigningKeyCallback = (
|
149 | error: Error | null,
|
150 | signingKey?: Secret
|
151 | ) => void;
|
152 |
|
153 | export type GetPublicKeyOrSecret = (
|
154 | header: JwtHeader,
|
155 | callback: SigningKeyCallback
|
156 | ) => void;
|
157 |
|
158 | export type Secret =
|
159 | | string
|
160 | | Buffer
|
161 | | { key: string | Buffer; passphrase: string };
|
162 |
|
163 |
|
164 |
|
165 |
|
166 |
|
167 |
|
168 |
|
169 |
|
170 | export function sign(
|
171 | payload: string | Buffer | object,
|
172 | secretOrPrivateKey: Secret,
|
173 | options?: SignOptions,
|
174 | ): string;
|
175 |
|
176 |
|
177 |
|
178 |
|
179 |
|
180 |
|
181 |
|
182 |
|
183 | export function sign(
|
184 | payload: string | Buffer | object,
|
185 | secretOrPrivateKey: Secret,
|
186 | callback: SignCallback,
|
187 | ): void;
|
188 | export function sign(
|
189 | payload: string | Buffer | object,
|
190 | secretOrPrivateKey: Secret,
|
191 | options: SignOptions,
|
192 | callback: SignCallback,
|
193 | ): void;
|
194 |
|
195 |
|
196 |
|
197 |
|
198 |
|
199 |
|
200 |
|
201 |
|
202 | export function verify(token: string, secretOrPublicKey: Secret, options: VerifyOptions & { complete: true }): Jwt;
|
203 | export function verify(token: string, secretOrPublicKey: Secret, options?: VerifyOptions & { complete?: false }): JwtPayload | string;
|
204 | export function verify(token: string, secretOrPublicKey: Secret, options?: VerifyOptions): Jwt | JwtPayload | string;
|
205 |
|
206 |
|
207 |
|
208 |
|
209 |
|
210 |
|
211 |
|
212 |
|
213 |
|
214 |
|
215 | export function verify(
|
216 | token: string,
|
217 | secretOrPublicKey: Secret | GetPublicKeyOrSecret,
|
218 | callback?: VerifyCallback<JwtPayload | string>,
|
219 | ): void;
|
220 | export function verify(
|
221 | token: string,
|
222 | secretOrPublicKey: Secret | GetPublicKeyOrSecret,
|
223 | options: VerifyOptions & { complete: true },
|
224 | callback?: VerifyCallback<Jwt>,
|
225 | ): void;
|
226 | export function verify(
|
227 | token: string,
|
228 | secretOrPublicKey: Secret | GetPublicKeyOrSecret,
|
229 | options?: VerifyOptions & { complete?: false },
|
230 | callback?: VerifyCallback<JwtPayload | string>,
|
231 | ): void;
|
232 | export function verify(
|
233 | token: string,
|
234 | secretOrPublicKey: Secret | GetPublicKeyOrSecret,
|
235 | options?: VerifyOptions,
|
236 | callback?: VerifyCallback,
|
237 | ): void;
|
238 |
|
239 |
|
240 |
|
241 |
|
242 |
|
243 |
|
244 |
|
245 | export function decode(token: string, options: DecodeOptions & { complete: true }): null | Jwt;
|
246 | export function decode(token: string, options: DecodeOptions & { json: true }): null | JwtPayload;
|
247 | export function decode(token: string, options?: DecodeOptions): null | JwtPayload | string;
|