MCPcopy
hub / github.com/panva/jose / replicatedClaimCheck

Function replicatedClaimCheck

test/jwt/decrypt.test.ts:401–421  ·  view source on GitHub ↗
(t, claim)

Source from the content-addressed store, hash-verified

399}
400
401async function replicatedClaimCheck(t, claim) {
402 {
403 const jwt = await new EncryptJWT({ [claim]: 'urn:example' })
404 .setProtectedHeader({ alg: 'dir', enc: 'A256GCM', [claim]: 'urn:example' })
405 .encrypt(t.context.secret)
406
407 await t.notThrowsAsync(jwtDecrypt(jwt, t.context.secret))
408 }
409 {
410 const jwt = await new EncryptJWT({ [claim]: 'urn:example:mismatched' })
411 .setProtectedHeader({ alg: 'dir', enc: 'A256GCM', [claim]: 'urn:example' })
412 .encrypt(t.context.secret)
413
414 await t.throwsAsync(
415 jwtDecrypt(jwt, t.context.secret, {
416 code: 'ERR_JWT_CLAIM_VALIDATION_FAILED',
417 message: `replicated "${claim}" claim header parameter mismatch`,
418 }),
419 )
420 }
421}
422replicatedClaimCheck.title = (t, claim) => `${claim} header claim must match the payload`
423
424for (const claim of ['iss', 'sub', 'aud']) {

Callers

nothing calls this directly

Calls 3

jwtDecryptFunction · 0.85
encryptMethod · 0.65
setProtectedHeaderMethod · 0.65

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…