-
-
Notifications
You must be signed in to change notification settings - Fork 36
/
Copy pathindex.d.ts
162 lines (155 loc) · 4.67 KB
/
index.d.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
/* auto-generated by NAPI-RS */
/* eslint-disable */
export declare const enum Algorithm {
/** HMAC using SHA-256 */
HS256 = 'HS256',
/** HMAC using SHA-384 */
HS384 = 'HS384',
/** HMAC using SHA-512 */
HS512 = 'HS512',
/** ECDSA using SHA-256 */
ES256 = 'ES256',
/** ECDSA using SHA-384 */
ES384 = 'ES384',
/** RSASSA-PKCS1-v1_5 using SHA-256 */
RS256 = 'RS256',
/** RSASSA-PKCS1-v1_5 using SHA-384 */
RS384 = 'RS384',
/** RSASSA-PKCS1-v1_5 using SHA-512 */
RS512 = 'RS512',
/** RSASSA-PSS using SHA-256 */
PS256 = 'PS256',
/** RSASSA-PSS using SHA-384 */
PS384 = 'PS384',
/** RSASSA-PSS using SHA-512 */
PS512 = 'PS512',
/** Edwards-curve Digital Signature Algorithm (EdDSA) */
EdDSA = 'EdDSA'
}
export declare function decodeHeader(token: string): Header
export interface Header {
/**
* The algorithm used
*
* Defined in [RFC7515#4.1.1](https://tools.ietf.org/html/rfc7515#section-4.1.1).
* Default to `HS256`
*/
algorithm?: Algorithm
/**
* Content type
*
* Defined in [RFC7519#5.2](https://tools.ietf.org/html/rfc7519#section-5.2).
*/
contentType?: string
/**
* JSON Key URL
*
* Defined in [RFC7515#4.1.2](https://tools.ietf.org/html/rfc7515#section-4.1.2).
*/
jsonKeyUrl?: string
/**
* JSON Web Key
*
* Defined in [RFC7515#4.1.3](https://tools.ietf.org/html/rfc7515#section-4.1.3).
* Key ID
*
* Defined in [RFC7515#4.1.4](https://tools.ietf.org/html/rfc7515#section-4.1.4).
*/
keyId?: string
/**
* X.509 URL
*
* Defined in [RFC7515#4.1.5](https://tools.ietf.org/html/rfc7515#section-4.1.5).
*/
x5Url?: string
/**
* X.509 certificate chain. A Vec of base64 encoded ASN.1 DER certificates.
*
* Defined in [RFC7515#4.1.6](https://tools.ietf.org/html/rfc7515#section-4.1.6).
*/
x5CertChain?: Array<string>
/**
* X.509 SHA1 certificate thumbprint
*
* Defined in [RFC7515#4.1.7](https://tools.ietf.org/html/rfc7515#section-4.1.7).
*/
x5CertThumbprint?: string
/**
* X.509 SHA256 certificate thumbprint
*
* Defined in [RFC7515#4.1.8](https://tools.ietf.org/html/rfc7515#section-4.1.8).
*
* This will be serialized/deserialized as "x5t#S256", as defined by the RFC.
*/
x5TS256CertThumbprint?: string
}
export declare function sign(claims: { [key: string]: any }, key: string | Uint8Array, header?: Header | undefined | null, abortSignal?: AbortSignal | undefined | null): Promise<string>
export declare function signSync(claims: { [key: string]: any }, key: string | Uint8Array, header?: Header | undefined | null): string
export interface Validation {
/**
* If it contains a value, the validation will check that the `aud` field is a member of the
* audience provided and will error otherwise.
*
* Defaults to an empty collection.
*/
aud?: Array<string>
/**
* Which claims are required to be present before starting the validation.
* This does not interact with the various `validate_*`. If you remove `exp` from that list, you still need
* to set `validate_exp` to `false`.
* The only value that will be used are "exp", "nbf", "aud", "iss", "sub". Anything else will be ignored.
*
* Defaults to `exp`.
*/
requiredSpecClaims?: Array<string>
/**
* Add some leeway (in seconds) to the `exp` and `nbf` validation to
* account for clock skew.
*
* Defaults to `60`.
*/
leeway?: number
/**
* Whether to validate the `exp` field.
*
* Defaults to `true`.
*/
validateExp?: boolean
/**
* Whether to validate the `nbf` field.
*
* It will return an error if the current timestamp is before the time in the `nbf` field.
*
* Defaults to `false`.
*/
validateNbf?: boolean
/**
* If it contains a value, the validation will check that the `sub` field is the same as the
* one provided and will error otherwise.
*
* Turned off by default.
*/
sub?: string
/**
* The algorithm used to verify the signature.
*
* Defaults to `HS256`.
*/
algorithms?: Array<Algorithm>
/**
* If it contains a value, the validation will check that the `iss` field is a member of the
* iss provided and will error otherwise.
* Use `set_issuer` to set it
*
* Defaults to an empty collection.
*/
iss?: Array<string>
/**
* Whether to validate the JWT signature.
*
* Defaults to `true`.
*/
validateSignature?: boolean
}
export declare function verify(token: string, key: string | Uint8Array, validation?: Validation | undefined | null, abortSignal?: AbortSignal | undefined | null): Promise<{ [key: string]: any }>
export declare function verifySync(token: string, key: string | Uint8Array, validation?: Validation | undefined | null): { [key: string]: any }