From 37462b6538980bd18755735f8f50da9407ce75ed Mon Sep 17 00:00:00 2001 From: Kalle Virtaneva Date: Tue, 6 Apr 2021 16:29:17 -0400 Subject: [PATCH] fix(pkg): install express-jwt from @labshare/express-jwt --- package-lock.json | 37 ++++++++++++------------ package.json | 2 +- src/providers/authentication.provider.ts | 5 +++- 3 files changed, 24 insertions(+), 20 deletions(-) diff --git a/package-lock.json b/package-lock.json index b194006..0f02781 100644 --- a/package-lock.json +++ b/package-lock.json @@ -385,6 +385,25 @@ } } }, + "@labshare/express-jwt": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/@labshare/express-jwt/-/express-jwt-6.1.0.tgz", + "integrity": "sha512-Dpj0wsHi4ub2WK4gtjXkeiRBRk5c8a9jRTY/T3rGx3qTSdRONpVoW/FtdO6IVWYyAbP+4+6AEjx3KOlZn7Wa0A==", + "requires": { + "async": "^1.5.0", + "express-unless": "^0.3.0", + "jsonwebtoken": "^8.1.0", + "lodash.isfunction": "^3.0.9", + "lodash.set": "^4.0.0" + }, + "dependencies": { + "async": { + "version": "1.5.2", + "resolved": "https://registry.npmjs.org/async/-/async-1.5.2.tgz", + "integrity": "sha1-7GphrlZIDAw8skHJVhjiCJL5Zyo=" + } + } + }, "@loopback/boot": { "version": "1.4.4", "resolved": "https://registry.npmjs.org/@loopback/boot/-/boot-1.4.4.tgz", @@ -5438,24 +5457,6 @@ } } }, - "express-jwt": { - "version": "github:KalleV/express-jwt#dad0daebe354a9ad0fc8ab160e406fd5a3cac7d9", - "from": "github:KalleV/express-jwt#dad0daebe354a9ad0fc8ab160e406fd5a3cac7d9", - "requires": { - "async": "^1.5.0", - "express-unless": "^0.3.0", - "jsonwebtoken": "^8.1.0", - "lodash.isfunction": "^3.0.9", - "lodash.set": "^4.0.0" - }, - "dependencies": { - "async": { - "version": "1.5.2", - "resolved": "https://registry.npmjs.org/async/-/async-1.5.2.tgz", - "integrity": "sha1-7GphrlZIDAw8skHJVhjiCJL5Zyo=" - } - } - }, "express-unless": { "version": "0.3.1", "resolved": "https://registry.npmjs.org/express-unless/-/express-unless-0.3.1.tgz", diff --git a/package.json b/package.json index 44e8cdd..8698156 100644 --- a/package.json +++ b/package.json @@ -45,11 +45,11 @@ }, "homepage": "https://github.com/LabShare/services-auth#readme", "dependencies": { + "@labshare/express-jwt": "^6.1.0", "@loopback/boot": "^1.4.4", "@loopback/context": "^1.20.2", "@loopback/core": "^1.8.5", "@loopback/rest": "^1.16.3", - "express-jwt": "github:KalleV/express-jwt#dad0daebe354a9ad0fc8ab160e406fd5a3cac7d9", "jwks-rsa": "^1.12.2", "parse-bearer-token": "^1.0.1", "tiny-json-http": "^7.1.2" diff --git a/src/providers/authentication.provider.ts b/src/providers/authentication.provider.ts index f1b1724..869a743 100644 --- a/src/providers/authentication.provider.ts +++ b/src/providers/authentication.provider.ts @@ -10,7 +10,7 @@ import { } from '@loopback/rest'; import {AuthenticateFn, AuthenticationBindings} from '../keys'; import * as jwksClient from 'jwks-rsa'; -import * as jwt from 'express-jwt'; +import * as jwt from '@labshare/express-jwt'; import getToken from 'parse-bearer-token'; import {CoreBindings} from '@loopback/core'; import {get} from 'lodash'; @@ -23,6 +23,8 @@ const defaultJwksClientOptions = { jwksRequestsPerMinute: 10, }; +const defaultAlgorithms = ['HS256', 'RS256']; + interface ParsedParams { path: {[key: string]: any}; query: {[key: string]: any}; @@ -146,6 +148,7 @@ export class AuthenticateActionProvider implements Provider { audience: jwtAudience, // Optionally validate the audience and the issuer issuer, credentialsRequired, + algorithms: defaultAlgorithms, })(request, response, (error: any) => { if (error) { reject(error);