nest verify options under verify prop

articulate · Feb 19, 2019 · c1f2b7f · c1f2b7f
1 parent 7473b7c
commit c1f2b7f
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 22 deletions.
diff --git a/README.md b/README.md
@@ -40,22 +40,14 @@ const handler = req =>
 
 ## Options
 
-`authentic` accepts a JSON object of options that will be passed to the underlying libraries responsibile for validation.
+`authentic` accepts a JSON object with the following options:
 
-Besides the `issWhitelist` prop, any other options passed will be forwarded to `jwt.verify()` for validation and parsing.  [See the list of available options here.](https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback)
+* `jwks` Object: options to forward to [`node-jwks-rsa`](https://github.com/auth0/node-jwks-rsa) with the following defaults:
 
-Options passed in under the prop `jwks` will be passed to `node-jwks-rsa`.
-We have set defaults for 2 values from `jwks`.
-
-```
-{
-  jwks: {
-    cache: true, // default from authentic
-    rateLimit: true, // default from authentic
-  },
-  issWhitelist: JSON.parse(process.env.ISS_WHITELIST)
-}
-```
-
-Available options to set for `node-jwks-rsa` can be found here. [See the list of available options here.](https://github.com/auth0/node-jwks-rsa)
+| option      | default |
+| ----------- | ------- |
+| `cache`     | `true`  |
+| `rateLimit` | `true`  |
 
+* `verify` Object: options to forward to `jwt.verify` from [`jsonwebtoken`](https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback)
+* `issWhitelist` Array: list of trusted OIDC issuers
diff --git a/index.js b/index.js
@@ -4,7 +4,7 @@ const jwks     = require('jwks-rsa')
 const jwt      = require('jsonwebtoken')
 
 const {
-  applyTo: thrush, compose, composeP, curryN, omit, merge,
+  applyTo: thrush, compose, composeP, curryN, merge,
   mergeDeepRight, partialRight, prop, replace
 } = require('ramda')
 
@@ -39,10 +39,12 @@ const unauthorized = err =>
 const jwksOptsDefaults = { jwks: { cache: true, rateLimit: true } }
 
 const factory = options => {
-  const clients    = {}
-  const opts       = mergeDeepRight(jwksOptsDefaults, options)
-  const verifyOpts = omit([ 'issWhitelist', 'jwks' ], opts)
-  const jwksOpts   = prop('jwks', opts)
+  const clients = {}
+  const opts = mergeDeepRight(jwksOptsDefaults, options)
+  const {
+    verify: verifyOpts = {},
+    jwks: jwksOpts = {}
+  } = opts
 
   const cacheClient = iss => client =>
     clients[iss] = client

diff --git a/test/index.js b/test/index.js
@@ -13,7 +13,7 @@ const lowerBearerToken   = 'bearer ' + token
 const { issuer } = oidc
 
 const authentic = require('..')({
-  ignoreExpiration: true,
+  verify: { ignoreExpiration: true },
   issWhitelist: [ issuer ],
 })