(t, claim)
| 399 | } |
| 400 | |
| 401 | async function replicatedClaimCheck(t, claim) { |
| 402 | { |
| 403 | const jwt = await new EncryptJWT({ [claim]: 'urn:example' }) |
| 404 | .setProtectedHeader({ alg: 'dir', enc: 'A256GCM', [claim]: 'urn:example' }) |
| 405 | .encrypt(t.context.secret) |
| 406 | |
| 407 | await t.notThrowsAsync(jwtDecrypt(jwt, t.context.secret)) |
| 408 | } |
| 409 | { |
| 410 | const jwt = await new EncryptJWT({ [claim]: 'urn:example:mismatched' }) |
| 411 | .setProtectedHeader({ alg: 'dir', enc: 'A256GCM', [claim]: 'urn:example' }) |
| 412 | .encrypt(t.context.secret) |
| 413 | |
| 414 | await t.throwsAsync( |
| 415 | jwtDecrypt(jwt, t.context.secret, { |
| 416 | code: 'ERR_JWT_CLAIM_VALIDATION_FAILED', |
| 417 | message: `replicated "${claim}" claim header parameter mismatch`, |
| 418 | }), |
| 419 | ) |
| 420 | } |
| 421 | } |
| 422 | replicatedClaimCheck.title = (t, claim) => `${claim} header claim must match the payload` |
| 423 | |
| 424 | for (const claim of ['iss', 'sub', 'aud']) { |
nothing calls this directly
no test coverage detected
searching dependent graphs…