@tim-hm (Collaborator) commented Nov 14, 2025

No description provided.

Changes:
- Add time constants (ONE_MINUTE_MS, ONE_HOUR_MS, FOUR_WEEKS_MS, DEFAULT_MAX_LIFETIME_MS)
- Add `expiresIn()` method to builder for ergonomic expiration setting
- Add `maxLifetime()` method to customize maximum token lifetime
- Add validation in `sign()` to require expiration and enforce lifetime caps
- Fix time unit bug: convert milliseconds to seconds in payload (exp, nbf)
- Cap chained token lifetimes by parent's remaining validity
- Update NilauthClient to set expiration on internal tokens
- Update documentation and all tests to use new expiration API

Security improvements:
- Prevents tokens from being created without expiration dates
- Enforces maximum lifetime of 4 weeks by default
- Child tokens cannot outlive their parents
- Provides clear error messages when lifetime constraints are violated

BREAKING CHANGE: All tokens must now specify an expiration via `expiresAt()` or `expiresIn()`. Tokens without expiration will be rejected during the build process.

github-actions bot commented Nov 14, 2025

Coverage Report

| Status | Category | Percentage | Covered / Total |
| --- | --- | --- | --- |
| 🔵 | Lines | 80.83% | 713 / 882 |
| 🔵 | Statements | 80.87% | 723 / 894 |
| 🔵 | Functions | 86.2% | 175 / 203 |
| 🔵 | Branches | 72.75% | 283 / 389 |

File Coverage (Changed Files)

| File | Stmts | Branches | Functions | Lines | Uncovered Lines |
| --- | --- | --- | --- | --- | --- |
| src/constants.ts | 100% | 100% | 100% | 100% | |
| src/core/signer.ts | 88% | 84.37% | 93.33% | 88% | 53-54, 122-125, 134-137 |
| src/core/did/ethr.ts | 85.71% | 80% | 83.33% | 85.71% | 38, 55 |
| src/nuc/builder.ts | 89.36% | 78.84% | 92% | 89.36% | 138-157, 378, 463, 583-585, 597, 633-635, 647 |
| src/nuc/codec.ts | 96.42% | 90% | 100% | 96.42% | 113-120 |
| src/nuc/header.ts | 100% | 100% | 100% | 100% | |
| src/services/nilauth/client.ts | 74.02% | 54.54% | 85.71% | 74.02% | 59-85, 176-198, 324, 365 |
| src/services/nilauth/types.ts | 100% | 100% | 100% | 100% | |
| src/services/payer/grpc-compat.ts | 93.33% | 55.55% | 66.66% | 93.33% | 50 |
| src/services/payer/gen/tx_pb.ts | 100% | 100% | 100% | 100% | |
| src/validator/signatures.ts | 90.32% | 72.72% | 100% | 93.33% | 69, 93, 108 |
| src/validator/validator.ts | 81.25% | 65.71% | 100% | 81.01% | 184-185, 202-203, 237-251, 277-281, 305-306 |
| tests/helpers/assertions.ts | 55% | 50% | 60% | 55% | 26-29, 48-51, 68-77 |
| tests/helpers/signers.ts | 100% | 50% | 100% | 100% | |
| tests/integration/nuc-rs-compat.ts | 100% | 100% | 100% | 100% | |

Generated in workflow #325 for commit 7b485ce by the Vitest Coverage Report Action

Changes:
- Add `Validator.parse()` that decodes and validates tokens in a single operation
- Rename `Codec.decodeBase64Url` to `Codec._unsafeDecodeBase64Url` and log warning on invocation
- Update all internal code to use `_unsafeDecodeBase64Url` where only structure inspection is needed
- Update documentation and examples
- Update tests to use appropriate methods based on context

BREAKING CHANGE: `Codec.decodeBase64Url` has been renamed to `Codec._unsafeDecodeBase64Url` and is now marked as internal. The new `Validator.parse()` method should be used instead for all token parsing and validation.

@tim-hm tim-hm force-pushed the feat/require-expiry branch from 2be4086 to 2799d0a Compare November 14, 2025 14:57

Consolidate Web3 dependencies to viem:
- Remove ethers dependency entirely in favor of viem for all Ethereum operations
- Update signature validation in did:ethr to use viem's hashMessage and recoverAddress
- Update EIP-712 signing to use viem's SignTypedDataParameters and hashTypedData
- Migrate all tests from ethers.Wallet to viem's privateKeyToAccount
- Update helper functions to work with viem's PrivateKeyAccount type

Align tests with public API:
- Refactor tests to use Validator.parse instead of internal validateNucSignature
- Make validation functions async to support viem's async signature recovery
- Update Validator.parse and Validator.validate to return Promises
- Update test assertion helpers (assertSuccess, assertFailure) to be async
- Add assertValidParse helper function for cleaner test code

Decouple test environment from .env files:
- Remove dotenv dependency from test setup
- Define service URLs as constants derived from docker-compose.yml port mappings
- Set process.env values directly from constants for better clarity and maintainability

The bytesToHex function from `@noble/hashes/utils` returns hex strings without the 0x prefix, e.g. `aaaa...`, but viem's `recoverAddress` expects hex strings with the 0x prefix, e.g. `0xaaaa...`.

Tsdown simplifies build processes with zero-config bundling and better integration with modern tooling.

Changes:
- Replace `tsup` with `tsdown`
- Remove @arethetypeswrong/cli (attw) - no longer needed
- Remove attw validation step from CI workflow

@tim-hm tim-hm force-pushed the feat/require-expiry branch from 2799d0a to 0e06b51 Compare November 14, 2025 15:02
@tim-hm tim-hm force-pushed the feat/require-expiry branch from 0e06b51 to 7b485ce Compare November 14, 2025 15:05
@tim-hm tim-hm merged commit bae994b into main Nov 14, 2025
4 checks passed
@tim-hm tim-hm deleted the feat/require-expiry branch November 14, 2025 15:09
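
The expiry rules listed in the first commit message of this pull request (mandatory expiration, a four-week default cap, child tokens bounded by their parent, milliseconds converted to seconds for `exp`), as an added TypeScript sketch that is not the project's code. Only the constant names come from the PR; `resolveExpSeconds`, `looksLikeMilliseconds`, the request shape, the error strings, the reject-versus-clamp policy and the sample clock value are assumptions.

```typescript
// Added illustration, not the library's implementation. Only the constant names
// appear in the PR; every function, field and error string here is hypothetical.
const ONE_MINUTE_MS = 60 * 1000;
const ONE_HOUR_MS = 60 * ONE_MINUTE_MS;
const FOUR_WEEKS_MS = 4 * 7 * 24 * ONE_HOUR_MS;
const DEFAULT_MAX_LIFETIME_MS = FOUR_WEEKS_MS;

interface ExpiryRequest {
  nowMs: number; // issuer clock in milliseconds, e.g. Date.now()
  expiresAtMs?: number; // requested absolute expiry in milliseconds
  maxLifetimeMs?: number; // per-token cap, defaults to four weeks
  parentExpSec?: number; // exp claim (seconds) of the parent token, if chained
}

// Returns the value to write into the payload's exp claim, in seconds.
function resolveExpSeconds(req: ExpiryRequest): number {
  const maxLifetimeMs = req.maxLifetimeMs ?? DEFAULT_MAX_LIFETIME_MS;
  if (req.expiresAtMs === undefined) throw new Error("token must specify an expiration");
  const lifetimeMs = req.expiresAtMs - req.nowMs;
  if (lifetimeMs <= 0) throw new Error("expiration is not in the future");
  if (lifetimeMs > maxLifetimeMs) {
    throw new Error(`lifetime ${lifetimeMs}ms exceeds maximum ${maxLifetimeMs}ms`);
  }
  // Milliseconds to seconds; floor so rounding never extends the lifetime.
  let expSec = Math.floor(req.expiresAtMs / 1000);
  if (req.parentExpSec !== undefined) {
    if (req.parentExpSec * 1000 <= req.nowMs) {
      throw new Error("parent token has already expired");
    }
    // Assumed policy: clamp the child to the parent's remaining validity.
    expSec = Math.min(expSec, req.parentExpSec);
  }
  return expSec;
}

// Validator-side heuristic for the unit bug: a millisecond timestamp written
// into a seconds field lands thousands of years in the future.
function looksLikeMilliseconds(claim: number): boolean {
  return claim > 1e11; // 1e11 seconds is past the year 5000
}

// Constructed sample values.
const SAMPLE_NOW_MS = 1763132400000;
const SAMPLE_CHILD_EXP = resolveExpSeconds({
  nowMs: SAMPLE_NOW_MS,
  expiresAtMs: SAMPLE_NOW_MS + ONE_HOUR_MS,
  parentExpSec: SAMPLE_NOW_MS / 1000 + 600, // parent has ten minutes left
});
```

With the sample values the child asks for one hour but receives the parent's ten remaining minutes, and a raw `Date.now()`-style value in `exp` is flagged by the heuristic.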