|
1 | | -declare module 'jwks-rsa' { |
| 1 | +import { SecretCallback, SecretCallbackLong } from 'express-jwt'; |
2 | 2 |
|
3 | | - import * as ExpressJwt from "express-jwt"; |
| 3 | +declare function JwksRsa(options: JwksRsa.ClientOptions): JwksRsa.JwksClient; |
4 | 4 |
|
5 | | - function JwksRsa(options: JwksRsa.Options): JwksRsa.JwksClient; |
| 5 | +declare namespace JwksRsa { |
| 6 | + class JwksClient { |
| 7 | + constructor(options: ClientOptions); |
6 | 8 |
|
7 | | - namespace JwksRsa { |
8 | | - class JwksClient { |
9 | | - constructor(options: Options); |
| 9 | + getKeys(cb: (err: Error | null, keys: unknown) => void): void; |
| 10 | + getSigningKeys(cb: (err: Error | null, keys: SigningKey[]) => void): void; |
| 11 | + getSigningKey: (kid: string, cb: (err: Error | null, key: SigningKey) => void) => void; |
| 12 | + } |
| 13 | + |
| 14 | + interface Headers { |
| 15 | + [key: string]: string; |
| 16 | + } |
| 17 | + |
| 18 | + interface ClientOptions { |
| 19 | + jwksUri: string; |
| 20 | + rateLimit?: boolean; |
| 21 | + cache?: boolean; |
| 22 | + cacheMaxEntries?: number; |
| 23 | + cacheMaxAge?: number; |
| 24 | + jwksRequestsPerMinute?: number; |
| 25 | + strictSsl?: boolean; |
| 26 | + requestHeaders?: Headers; |
| 27 | + } |
| 28 | + |
| 29 | + interface CertSigningKey { |
| 30 | + kid: string; |
| 31 | + nbf: string; |
| 32 | + publicKey: string; |
| 33 | + } |
| 34 | + |
| 35 | + interface RsaSigningKey { |
| 36 | + kid: string; |
| 37 | + nbf: string; |
| 38 | + rsaPublicKey: string; |
| 39 | + } |
| 40 | + |
| 41 | + type SigningKey = CertSigningKey | RsaSigningKey; |
10 | 42 |
|
11 | | - getKeys: (cb: (err: Error, keys: Jwk[]) => any) => any; |
12 | | - getSigningKeys: (cb: (err: Error, keys: Jwk[]) => any) => any; |
13 | | - getSigningKey: (kid: string, cb: (err: Error, key: Jwk) => any) => any; |
14 | | - } |
| 43 | + function expressJwtSecret(options: ExpressJwtOptions): SecretCallbackLong; |
15 | 44 |
|
16 | | - interface Jwk { |
17 | | - kid: string; |
18 | | - nbf?: number; |
19 | | - publicKey?: string; |
20 | | - rsaPublicKey?: string; |
21 | | - } |
| 45 | + function passportJwtSecret(options: ExpressJwtOptions): SecretCallback; |
22 | 46 |
|
23 | | - interface Headers { |
24 | | - [key: string]: string; |
25 | | - } |
| 47 | + interface ExpressJwtOptions extends ClientOptions { |
| 48 | + handleSigningKeyError?: (err: Error | null, cb: (err: Error | null) => void) => void; |
| 49 | + } |
26 | 50 |
|
27 | | - interface Options { |
28 | | - jwksUri: string; |
29 | | - rateLimit?: boolean; |
30 | | - cache?: boolean; |
31 | | - cacheMaxEntries?: number; |
32 | | - cacheMaxAge?: number; |
33 | | - jwksRequestsPerMinute?: number; |
34 | | - strictSsl?: boolean; |
35 | | - requestHeaders?: Headers; |
36 | | - handleSigningKeyError?(err: Error, cb: (err: Error) => void): any; |
37 | | - } |
| 51 | + function hapiJwt2Key(options: HapiJwtOptions): (decodedToken: DecodedToken, cb: HapiCallback) => void; |
38 | 52 |
|
39 | | - function expressJwtSecret(options: JwksRsa.Options): ExpressJwt.SecretCallback; |
| 53 | + interface HapiJwtOptions extends ClientOptions { |
| 54 | + handleSigningKeyError?: (err: Error | null, cb: HapiCallback) => void; |
| 55 | + } |
40 | 56 |
|
41 | | - function hapiJwt2Key(options: JwksRsa.Options): (name: string, scheme: string, options?: any) => void; |
| 57 | + type HapiCallback = (err: Error | null, publicKey: string, signingKey: SigningKey) => void; |
42 | 58 |
|
43 | | - function hapiJwt2KeyAsync(options: JwksRsa.Options): (name: string, scheme: string, options?: any) => void; |
| 59 | + interface DecodedToken { |
| 60 | + header: TokenHeader; |
| 61 | + } |
| 62 | + |
| 63 | + interface TokenHeader { |
| 64 | + alg: string; |
| 65 | + kid: string; |
| 66 | + } |
44 | 67 |
|
45 | | - function koaJwtSecret(options: JwksRsa.Options): (name: string, scheme: string, options?: any) => void; |
| 68 | + function hapiJwt2KeyAsync(options: HapiJwtOptions): (decodedToken: DecodedToken) => Promise<{ key: string }>; |
46 | 69 |
|
47 | | - function passportJwtSecret(options: JwksRsa.Options): ExpressJwt.SecretCallback; |
| 70 | + function koaJwtSecret(options: KoaJwtOptions): (header: TokenHeader) => Promise<string>; |
48 | 71 |
|
49 | | - class ArgumentError extends Error { |
50 | | - constructor(message: string); |
51 | | - } |
| 72 | + interface KoaJwtOptions extends ClientOptions { |
| 73 | + handleSigningKeyError?(err: Error | null): Promise<void>; |
| 74 | + } |
52 | 75 |
|
53 | | - class JwksError extends Error { |
54 | | - constructor(message: string); |
55 | | - } |
| 76 | + class ArgumentError extends Error { |
| 77 | + name: 'ArgumentError'; |
| 78 | + constructor(message: string); |
| 79 | + } |
56 | 80 |
|
57 | | - class JwksRateLimitError extends Error { |
58 | | - constructor(message: string); |
59 | | - } |
| 81 | + class JwksError extends Error { |
| 82 | + name: 'JwksError'; |
| 83 | + constructor(message: string); |
| 84 | + } |
60 | 85 |
|
61 | | - class SigningKeyNotFoundError extends Error { |
62 | | - constructor(message: string); |
63 | | - } |
| 86 | + class JwksRateLimitError extends Error { |
| 87 | + name: 'JwksRateLimitError'; |
| 88 | + constructor(message: string); |
64 | 89 | } |
65 | 90 |
|
66 | | - export = JwksRsa; |
| 91 | + class SigningKeyNotFoundError extends Error { |
| 92 | + name: 'SigningKeyNotFoundError'; |
| 93 | + constructor(message: string); |
| 94 | + } |
67 | 95 | } |
| 96 | + |
| 97 | +export = JwksRsa; |
0 commit comments