reduce code size

Author: splitice

lib/psSupported.js

@@ -1,5 +1,5 @@
 const allowedAlgorithmsForKeys = {
-  'rsa': ['RS256', 'PS256', 'RS384', 'PS384', 'RS512', 'PS512'],
+  'rsa': ['RS256', 'PS256', 'RS384'],
 };
 
 module.exports = function(algorithm, key) {

lib/validateAsymmetricKey.js

@@ -14,46 +14,50 @@ function validAlgorithm(alg) {
   return SUPPORTED_ALGS.includes(alg)
 }
 
+const TimespanScheme = { isValid: function(value) { return isInteger(value) || (isString(value) && value); }, message: 'should be a number of seconds or string representing a timespan' }
+const StringScheme = { isValid: isString, message: 'must be a string' }
+const BooleanScheme = { isValid: isBoolean, message: 'must be a boolean' }
+
 const sign_options_schema = {
-  expiresIn: { isValid: function(value) { return isInteger(value) || (isString(value) && value); }, message: '"expiresIn" should be a number of seconds or string representing a timespan' },
-  notBefore: { isValid: function(value) { return isInteger(value) || (isString(value) && value); }, message: '"notBefore" should be a number of seconds or string representing a timespan' },
-  audience: { isValid: function(value) { return isString(value) || Array.isArray(value); }, message: '"audience" must be a string or array' },
-  algorithm: { isValid: validAlgorithm, message: '"algorithm" must be a valid string enum value' },
-  header: { isValid: isPlainObject, message: '"header" must be an object' },
-  encoding: { isValid: isString, message: '"encoding" must be a string' },
-  issuer: { isValid: isString, message: '"issuer" must be a string' },
-  subject: { isValid: isString, message: '"subject" must be a string' },
-  jwtid: { isValid: isString, message: '"jwtid" must be a string' },
-  noTimestamp: { isValid: isBoolean, message: '"noTimestamp" must be a boolean' },
-  keyid: { isValid: isString, message: '"keyid" must be a string' },
-  mutatePayload: { isValid: isBoolean, message: '"mutatePayload" must be a boolean' },
-  allowInsecureKeySizes: { isValid: isBoolean, message: '"allowInsecureKeySizes" must be a boolean'},
-  allowInvalidAsymmetricKeyTypes: { isValid: isBoolean, message: '"allowInvalidAsymmetricKeyTypes" must be a boolean'}
+  expiresIn: TimespanScheme,
+  notBefore: TimespanScheme,
+  audience: { isValid: function(value) { return isString(value) || Array.isArray(value); }, message: 'must be a string or array' },
+  algorithm: { isValid: validAlgorithm, message: 'must be a valid string enum value' },
+  header: { isValid: isPlainObject, message: 'must be an object' },
+  encoding: StringScheme,
+  issuer: StringScheme,
+  subject: StringScheme,
+  jwtid: StringScheme,
+  noTimestamp: BooleanScheme,
+  keyid: StringScheme,
+  mutatePayload: BooleanScheme,
+  allowInsecureKeySizes: BooleanScheme,
+  allowInvalidAsymmetricKeyTypes: BooleanScheme
 };
 
+const SecondClaim = { isValid: isNumber, message: 'should be a number of seconds' }
 const registered_claims_schema = {
-  iat: { isValid: isNumber, message: '"iat" should be a number of seconds' },
-  exp: { isValid: isNumber, message: '"exp" should be a number of seconds' },
-  nbf: { isValid: isNumber, message: '"nbf" should be a number of seconds' }
+  iat: SecondClaim,
+  exp: SecondClaim,
+  nbf: SecondClaim
 };
 
 function validate(schema, allowUnknown, object, parameterName) {
   if (!isPlainObject(object)) {
     throw new Error('Expected "' + parameterName + '" to be a plain object.');
   }
-  Object.keys(object)
-    .forEach(function(key) {
-      const validator = schema[key];
-      if (!validator) {
-        if (!allowUnknown) {
-          throw new Error('"' + key + '" is not allowed in "' + parameterName + '"');
-        }
-        return;
-      }
-      if (!validator.isValid(object[key])) {
-        throw new Error(validator.message);
+  for(const key in object) {
+    const validator = schema[key];
+    if (!validator) {
+      if (!allowUnknown) {
+        throw new Error('"' + key + '" is not allowed in "' + parameterName + '"');
       }
-    });
+      return;
+    }
+    if (!validator.isValid(object[key])) {
+      throw new Error('"' + key + '" ' + validator.message);
+    }
+  }
 }
 
 function validateOptions(options) {
@@ -224,7 +228,7 @@ module.exports = function (payload, secretOrPrivateKey, options, callback) {
 
   const encoding = options.encoding || 'utf8';
 
-  let signature = jws.sign({header: header, payload: payload, secret: secretOrPrivateKey, encoding: encoding});
+  let signature = jws.sign({header, payload, secret: secretOrPrivateKey, encoding});
   // TODO: Remove in favor of the modulus length check before signing once node 15+ is the minimum supported version
   if(!options.allowInsecureKeySizes && /^(?:RS|PS)/.test(header.alg) && signature.length < 256) {
     throw new Error(`secretOrPrivateKey has a minimum key size of 2048 bits for ${header.alg}`)

sign.js

@@ -4,19 +4,10 @@ const TokenExpiredError = require('./lib/TokenExpiredError');
 const decode = require('./decode');
 const timespan = require('./lib/timespan');
 const validateAsymmetricKey = require('./lib/validateAsymmetricKey');
-const PS_SUPPORTED = true;
 const jws = require('jws');
 const {KeyObject, createSecretKey, createPublicKey} = require("crypto");
 
-const PUB_KEY_ALGS = ['RS256', 'RS384', 'RS512'];
-const EC_KEY_ALGS = ['ES256', 'ES384', 'ES512'];
 const RSA_KEY_ALGS = ['RS256', 'RS384', 'RS512'];
-const HS_ALGS = ['HS256', 'HS384', 'HS512'];
-
-if (PS_SUPPORTED) {
-  PUB_KEY_ALGS.splice(PUB_KEY_ALGS.length, 0, 'PS256', 'PS384', 'PS512');
-  RSA_KEY_ALGS.splice(RSA_KEY_ALGS.length, 0, 'PS256', 'PS384', 'PS512');
-}
 
 module.exports = function (jwtString, secretOrPublicKey, options, callback) {
   if ((typeof options === 'function') && !callback) {