1 | import { Algorithm, VerifyOptions } from "jsonwebtoken";
|
2 | import { Strategy as PassportStrategy } from "passport-strategy";
|
3 |
|
4 | export declare class Strategy extends PassportStrategy {
|
5 | |
6 |
|
7 |
|
8 | constructor(opt: StrategyOptionsWithoutRequest, verify: VerifyCallback);
|
9 | /**
|
10 | * Strategy constructor
|
11 | */
|
12 | constructor(opt: StrategyOptionsWithRequest, verify: VerifyCallbackWithRequest);
|
13 | name: string;
|
14 | }
|
15 |
|
16 | /**
|
17 | * Interface for providing the secret or key for verification.
|
18 | */
|
19 | export interface SecretOrKeyProvider<T = any> {
|
20 | /**
|
21 | * Callback for secret or key provider.
|
22 | *
|
23 | * @param request - The request object from your framework (e.g., Express.Request)
|
24 | * @param rawJwtToken - The raw JWT token string
|
25 | * @param done - A function with the signature function(err, secret)
|
26 | */
|
27 | (request: T, rawJwtToken: any, done: (err: any, secretOrKey?: string | Buffer) => void): void;
|
28 | }
|
29 |
|
30 | interface BaseStrategyOptions {
|
31 | /**
|
32 | * Function that accepts a request as the only parameter and returns either the JWT as a string or null.
|
33 | * REQUIRED.
|
34 | */
|
35 | jwtFromRequest: JwtFromRequestFunction;
|
36 | /**
|
37 | * If defined, the issuer will be verified against this value.
|
38 | */
|
39 | issuer?: string | string[] | undefined;
|
40 | /**
|
41 | * If defined, the audience will be verified against this value.
|
42 | */
|
43 | audience?: string | string[] | undefined;
|
44 | /**
|
45 | * List of strings with the names of allowed algorithms (e.g., ["HS256", "HS384"]).
|
46 | */
|
47 | algorithms?: Algorithm[] | undefined;
|
48 | /**
|
49 | * If true, do not validate the expiration of the token.
|
50 | */
|
51 | ignoreExpiration?: boolean | undefined;
|
52 |
|
53 | /**
|
54 | * @deprecated
|
55 | * for backwards compatibility, still allowing you to pass
|
56 | * audience / issuer / algorithms / ignoreExpiration
|
57 | * on the options.
|
58 | */
|
59 | jsonWebTokenOptions?: VerifyOptions | undefined;
|
60 | }
|
61 | interface WithSecretOrKeyProvider extends BaseStrategyOptions {
|
62 | secretOrKeyProvider: SecretOrKeyProvider;
|
63 | }
|
64 | interface WithSecretOrKey extends BaseStrategyOptions {
|
65 | secretOrKey: string | Buffer;
|
66 | }
|
67 | type StrategyOptionsWithSecret =
|
68 | | Omit<WithSecretOrKey, "secretOrKeyProvider">
|
69 | | Omit<WithSecretOrKeyProvider, "secretOrKey">;
|
70 | type StrategyOptionsWithRequest = StrategyOptionsWithSecret & {
|
71 | |
72 |
|
73 |
|
74 | passReqToCallback: true;
|
75 | };
|
76 | type StrategyOptionsWithoutRequest = StrategyOptionsWithSecret & {
|
77 | |
78 |
|
79 |
|
80 | passReqToCallback?: false;
|
81 | };
|
82 |
|
83 |
|
84 |
|
85 |
|
86 | export type StrategyOptions = StrategyOptionsWithRequest | StrategyOptionsWithoutRequest;
|
87 |
|
88 |
|
89 |
|
90 |
|
91 | export type VerifyCallback = (payload: any, done: VerifiedCallback) => void;
|
92 |
|
93 |
|
94 |
|
95 |
|
96 | export type VerifyCallbackWithRequest<T = any> = (req: T, payload: any, done: VerifiedCallback) => void;
|
97 |
|
98 |
|
99 |
|
100 |
|
101 | export interface VerifiedCallback {
|
102 | (error: any, user?: unknown | false, info?: any): void;
|
103 | }
|
104 |
|
105 |
|
106 |
|
107 |
|
108 | export interface JwtFromRequestFunction<T = any> {
|
109 | (req: T): string | null;
|
110 | }
|
111 |
|
112 | export declare namespace ExtractJwt {
|
113 | |
114 |
|
115 |
|
116 |
|
117 |
|
118 |
|
119 | export function fromHeader(header_name: string): JwtFromRequestFunction;
|
120 | |
121 |
|
122 |
|
123 |
|
124 |
|
125 |
|
126 | export function fromBodyField(field_name: string): JwtFromRequestFunction;
|
127 | |
128 |
|
129 |
|
130 |
|
131 |
|
132 |
|
133 | export function fromUrlQueryParameter(param_name: string): JwtFromRequestFunction;
|
134 | |
135 |
|
136 |
|
137 |
|
138 |
|
139 |
|
140 | export function fromAuthHeaderWithScheme(auth_scheme: string): JwtFromRequestFunction;
|
141 | |
142 |
|
143 |
|
144 |
|
145 |
|
146 |
|
147 | export function fromExtractors<T = any>(extractors: Array<JwtFromRequestFunction<T>>): JwtFromRequestFunction<T>;
|
148 | |
149 |
|
150 |
|
151 |
|
152 |
|
153 | export function fromAuthHeaderAsBearerToken(): JwtFromRequestFunction;
|
154 | }
|