Add string jwt #2666
Add string jwt #2666
Conversation
✅ Deploy Preview for guileless-rolypoly-866f8a ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
|
Just a reminder that you left some |
|
Ooopss... thanks man, already removed. |
deno/lib/types.ts
Outdated
| } | ||
|
|
||
| const [header] = tokensParts; | ||
| const parsedHeader = JSON.parse(Buffer.from(header, "base64").toString()); |
There was a problem hiding this comment.
It should works both in node.js and modern browsers, so you can't use Buffer. You can take a look at the code. https://github.com/validatorjs/validator.js/blob/master/src/lib/isJWT.js
There was a problem hiding this comment.
Sorry, not a front-end guy 🙈.
The link you've passed, they do not decode base64 as I intended to do. Replace Buffer for atob are supposed to work.
Also added option to pass algorithm used in JWT.
|
Why wasn't this PR merged yet? It will be very useful for my use case! Does it need some improvements? |
|
Hey guys, anything else I should do to it be accept? |
|
Hello @colinhacks I believe this PR are good to go. Let me know if need anything else. |
Validate string in JWT format. NOT validate signature
Validate all possibilities for validation function
Add z.string().jwt() to String validations list
…validation atob method is compatible with Node and modern browsers
Property is 'typ' and not 'type'
Can pass a algorithm option to jwt method to check the algorithm of token. If not pass, no check is done for alg.
Fix tests with false positive and add tests to check algorithm validation
Add info that jwt method accepts algorithm as option
colinhacks
force-pushed
the
add-string-jwt
branch
from
1e31d81 to
00ba486
Compare
|
Thanks, this is excellent stuff! Apologies for the long turnaround time. I'm hesitant to merge features like this into Zod 3 for bundle size reasons. Zod 4 will have better tree shaking characteristics so I'm merging this into the v4 branch. Some version of this will land in Zod 4, but (as a heads up) it may be a while, and this feature/API will likely undergo some changes in the interim. |
* feat(string): add jwt validator type Validate string in JWT format. NOT validate signature * test(string): add tests to validate jwt parse Validate all possibilities for validation function * docs(main): update main README Add z.string().jwt() to String validations list * fix(types): remove forgotten console.log * refactor(types-string): replace Buffer.from method for atob into JWT validation atob method is compatible with Node and modern browsers * fix(types-string): header property was misspelled Property is 'typ' and not 'type' * feat(types-string): add algorithm option to jwt Can pass a algorithm option to jwt method to check the algorithm of token. If not pass, no check is done for alg. * test(string): update tests to check jwt method Fix tests with false positive and add tests to check algorithm validation * docs(README): update readme.md Add info that jwt method accepts algorithm as option * Tweak API and docs * Fix tests --------- Co-authored-by: Colin McDonnell <colinmcd94@gmail.com>
Add a
.jwt()validator in string type.It expects for a string with 3 parts splited by
.with the first part being a base64 encoded string that represents a objetc wit a propertytypewith valueJWT.It validates just format NOT signature.
Resolves #2946