Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Remove joi to shrink module size (#348)
* Add cost-of-modules report to npm test Results before any changes ┌─────────────┬────────────┬───────┐ │ name │ children │ size │ ├─────────────┼────────────┼───────┤ │ joi │ 4 │ 3.12M │ <--!!! ├─────────────┼────────────┼───────┤ │ jws │ 5 │ 0.18M │ ├─────────────┼────────────┼───────┤ │ lodash.once │ 0 │ 0.01M │ ├─────────────┼────────────┼───────┤ │ ms │ 0 │ 0.01M │ ├─────────────┼────────────┼───────┤ │ xtend │ 0 │ 0.00M │ ├─────────────┼────────────┼───────┤ │ 5 modules │ 9 children │ 3.32M │ └─────────────┴────────────┴───────┘ * Replace joi with bespoke validator based on lodash Dramatically reduces the module size without breaking ES5 compatability - ┌──────────────────────┬────────────┬───────┐ │ name │ children │ size │ ├──────────────────────┼────────────┼───────┤ │ jws │ 5 │ 0.18M │ ├──────────────────────┼────────────┼───────┤ │ lodash.includes │ 0 │ 0.02M │ ├──────────────────────┼────────────┼───────┤ │ lodash.once │ 0 │ 0.01M │ ├──────────────────────┼────────────┼───────┤ │ lodash.isinteger │ 0 │ 0.01M │ ├──────────────────────┼────────────┼───────┤ │ ms │ 0 │ 0.01M │ ├──────────────────────┼────────────┼───────┤ │ lodash.isplainobject │ 0 │ 0.01M │ ├──────────────────────┼────────────┼───────┤ │ xtend │ 0 │ 0.00M │ ├──────────────────────┼────────────┼───────┤ │ lodash.isstring │ 0 │ 0.00M │ ├──────────────────────┼────────────┼───────┤ │ lodash.isboolean │ 0 │ 0.00M │ ├──────────────────────┼────────────┼───────┤ │ lodash.isnumber │ 0 │ 0.00M │ ├──────────────────────┼────────────┼───────┤ │ lodash.isarray │ 0 │ 0.00M │ ├──────────────────────┼────────────┼───────┤ │ 11 modules │ 5 children │ 0.25M │ └──────────────────────┴────────────┴───────┘ * Enhance validator error messages and add tests
- Loading branch information
1 parent
e54e53c
commit 2e7e68d
Showing
5 changed files
with
200 additions
and
39 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,136 @@ | ||
var jwt = require('../index'); | ||
var expect = require('chai').expect; | ||
var fs = require('fs'); | ||
|
||
describe('schema', function() { | ||
|
||
describe('sign options', function() { | ||
|
||
var cert_rsa_priv = fs.readFileSync(__dirname + '/rsa-private.pem'); | ||
var cert_ecdsa_priv = fs.readFileSync(__dirname + '/ecdsa-private.pem'); | ||
|
||
function sign(options) { | ||
var isEcdsa = options.algorithm && options.algorithm.indexOf('ES') === 0; | ||
jwt.sign({foo: 123}, isEcdsa ? cert_ecdsa_priv : cert_rsa_priv, options); | ||
} | ||
|
||
it('should validate expiresIn', function () { | ||
expect(function () { | ||
sign({ expiresIn: '1 monkey' }); | ||
}).to.throw(/"expiresIn" should be a number of seconds or string representing a timespan/); | ||
expect(function () { | ||
sign({ expiresIn: 1.1 }); | ||
}).to.throw(/"expiresIn" should be a number of seconds or string representing a timespan/); | ||
sign({ expiresIn: '10s' }); | ||
sign({ expiresIn: 10 }); | ||
}); | ||
|
||
it('should validate notBefore', function () { | ||
expect(function () { | ||
sign({ notBefore: '1 monkey' }); | ||
}).to.throw(/"notBefore" should be a number of seconds or string representing a timespan/); | ||
expect(function () { | ||
sign({ notBefore: 1.1 }); | ||
}).to.throw(/"notBefore" should be a number of seconds or string representing a timespan/); | ||
sign({ notBefore: '10s' }); | ||
sign({ notBefore: 10 }); | ||
}); | ||
|
||
it('should validate audience', function () { | ||
expect(function () { | ||
sign({ audience: 10 }); | ||
}).to.throw(/"audience" must be a string or array/); | ||
sign({ audience: 'urn:foo' }); | ||
sign({ audience: ['urn:foo'] }); | ||
}); | ||
|
||
it('should validate algorithm', function () { | ||
expect(function () { | ||
sign({ algorithm: 'foo' }); | ||
}).to.throw(/"algorithm" must be a valid string enum value/); | ||
sign({algorithm: 'RS256'}); | ||
sign({algorithm: 'RS384'}); | ||
sign({algorithm: 'RS512'}); | ||
sign({algorithm: 'ES256'}); | ||
sign({algorithm: 'ES384'}); | ||
sign({algorithm: 'ES512'}); | ||
sign({algorithm: 'HS256'}); | ||
sign({algorithm: 'HS384'}); | ||
sign({algorithm: 'HS512'}); | ||
sign({algorithm: 'none'}); | ||
}); | ||
|
||
it('should validate header', function () { | ||
expect(function () { | ||
sign({ header: 'foo' }); | ||
}).to.throw(/"header" must be an object/); | ||
sign({header: {}}); | ||
}); | ||
|
||
it('should validate encoding', function () { | ||
expect(function () { | ||
sign({ encoding: 10 }); | ||
}).to.throw(/"encoding" must be a string/); | ||
sign({encoding: 'utf8'}); | ||
}); | ||
|
||
it('should validate issuer', function () { | ||
expect(function () { | ||
sign({ issuer: 10 }); | ||
}).to.throw(/"issuer" must be a string/); | ||
sign({issuer: 'foo'}); | ||
}); | ||
|
||
it('should validate subject', function () { | ||
expect(function () { | ||
sign({ subject: 10 }); | ||
}).to.throw(/"subject" must be a string/); | ||
sign({subject: 'foo'}); | ||
}); | ||
|
||
it('should validate noTimestamp', function () { | ||
expect(function () { | ||
sign({ noTimestamp: 10 }); | ||
}).to.throw(/"noTimestamp" must be a boolean/); | ||
sign({noTimestamp: true}); | ||
}); | ||
|
||
it('should validate keyid', function () { | ||
expect(function () { | ||
sign({ keyid: 10 }); | ||
}).to.throw(/"keyid" must be a string/); | ||
sign({keyid: 'foo'}); | ||
}); | ||
|
||
}); | ||
|
||
describe('sign payload registered claims', function() { | ||
|
||
function sign(payload) { | ||
jwt.sign(payload, 'foo123'); | ||
} | ||
|
||
it('should validate iat', function () { | ||
expect(function () { | ||
sign({ iat: '1 monkey' }); | ||
}).to.throw(/"iat" should be a number of seconds/); | ||
sign({ iat: 10.1 }); | ||
}); | ||
|
||
it('should validate exp', function () { | ||
expect(function () { | ||
sign({ exp: '1 monkey' }); | ||
}).to.throw(/"exp" should be a number of seconds/); | ||
sign({ exp: 10.1 }); | ||
}); | ||
|
||
it('should validate nbf', function () { | ||
expect(function () { | ||
sign({ nbf: '1 monkey' }); | ||
}).to.throw(/"nbf" should be a number of seconds/); | ||
sign({ nbf: 10.1 }); | ||
}); | ||
|
||
}); | ||
|
||
}); |