v1.2.1: better trusted issuer normalization
This commit is contained in:
vanhempi
e6de23532b
commit
e274e5368a
|
@ -41,6 +41,8 @@ keypairs.generate().then(function (pair) {
|
|||
, keyfetch.jwt.verify(jwt, { jwks: [pair.public] })
|
||||
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.com/'] })
|
||||
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.com'] })
|
||||
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['example.com'] })
|
||||
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['example.com/'] })
|
||||
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['*'] })
|
||||
, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['http://example.com'] })
|
||||
.then(e("bad scheme")).catch(throwIfNotExpected)
|
||||
|
|
|
@ -386,7 +386,8 @@ function ecdsaAsn1SigToJwtSig(header, b64sig) {
|
|||
function isTrustedIssuer(issuer) {
|
||||
return function (trusted) {
|
||||
if ('*' === trusted) { return true; }
|
||||
// TODO normalize and account for '*'
|
||||
// TODO account for '*.example.com'
|
||||
trusted = (/^http(s?):\/\//.test(trusted) ? trusted : ('https://' + trusted));
|
||||
return issuer.replace(/\/$/, '') === trusted.replace(/\/$/, '') && trusted;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "keyfetch",
|
||||
"version": "1.2.0",
|
||||
"version": "1.2.1",
|
||||
"description": "Lightweight support for fetching JWKs.",
|
||||
"homepage": "https://git.coolaj86.com/coolaj86/keyfetch.js",
|
||||
"main": "keyfetch.js",
|
||||
|
|
Ladataan…
Viittaa uudesa ongelmassa