UNPKG

njwt

Version:

JWT Library for Node.js

github.com/jwtk/njwt

jwtk/njwt

66 lines (35 loc) 1.69 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# nJwt Change Log ### 2.0.1 * [#107](https://github.com/jwtk/njwt/pull/107) Freeze `prototype` of all classes to prevent prototype pollution vuln ([CVE-2024-34273](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-34273)) ### 2.0.0 * [#98](https://github.com/jwtk/njwt/pull/98) Bumps jsonwebtoken version, drop Node < 12 from engines ### 1.2.0 * [#84](https://github.com/jwtk/njwt/pull/84) Resolves `uuid` vulnerability. ### 1.1.0 * [#77](https://github.com/jwtk/njwt/pull/77) Adds TypeScript type definitions. ### 1.0.0 * Removed support for older Node versions. Now requires Node 6+. ### 0.4.1 * Updated `nJwt.base64urlEncode()` to replace deprecated `new Buffer()` with `Buffer.from()` ### 0.4.0 * Added a key resolver interface, use `nJwt.createVerifier().withKeyResolver(function(kid, cb){ })` * Added `jwt.setClaim(claim, value)` and `jwt.setHeader(param, value)` for setting body claims and header values in a chain-able way. ### 0.3.2 Added support for the `nbf`, "not before", claim. ### 0.3.1 Fixed to support proper signing and verification of ECDSA signatures. ### 0.3.0 The JWTs that are returned by `nJwt.verify()` and `nJwt.parse()` will no longer populate the `iat` and `jti` fields with default random values. ### 0.2.3 Fixed to prevent the `jti` and `iat` claims of the passed token from being over-written with default random values during verification. ### 0.2.2 `jwt.toString()` is now an alias for `jwt.compact()`. ### 0.2.1 When parsing a JWT string, the header values of the JWT are now populated on the object that is returned. ### 0.2.0 The default `exp` field is now set to a default expiration of 1 hour. ### 0.1.0 First release.