Refactored Token Service to use async/await

refs https://github.com/TryGhost/Team/issues/657 - Removes the use of "plans" from token service - method wasn't used - Updates to use async/await so the code is clearer - Install types for the node-jose module - Install types for the jsonwebtoken module
2025-02-10 23:36:14 -05:00 · 2021-05-20 15:17:12 +01:00 · 2021-05-20 15:17:12 +01:00 · 1b628a1637
commit 1b628a1637
parent 10b40dfd16
2 changed files with 23 additions and 30 deletions
--- a/ghost/members-api/lib/services/token/index.js
+++ b/ghost/members-api/lib/services/token/index.js
@ -14,21 +14,9 @@ module.exports = class TokenService {
        this._issuer = issuer;
    }

-    encodeAPIToken({sub, aud = this._issuer, plans, exp}) {
-        return this._keyStoreReady.then(jwk => jwt.sign({
-            sub,
-            plans,
-            kid: jwk.kid
-        }, this._privateKey, {
-            algorithm: 'RS512',
-            audience: aud,
-            expiresIn: exp,
-            issuer: this._issuer
-        }));
-    }
-
-    encodeIdentityToken({sub}) {
-        return this._keyStoreReady.then(jwk => jwt.sign({
+    async encodeIdentityToken({sub}) {
+        const jwk = await this._keyStoreReady;
+        return jwt.sign({
            sub,
            kid: jwk.kid
        }, this._privateKey, {
@ -36,20 +24,23 @@ module.exports = class TokenService {
            audience: this._issuer,
            expiresIn: '10m',
            issuer: this._issuer
-        }));
-    }
-
-    decodeToken(token) {
-        return this._keyStoreReady.then(jwk => jwt.verify(token, this._publicKey, {
-            algorithm: 'RS512',
-            kid: jwk.kid,
-            issuer: this._issuer
-        })).then(() => jwt.decode(token));
-    }
-
-    getPublicKeys() {
-        return this._keyStoreReady.then(() => {
-            this._keyStore.toJSON();
        });
    }
-};
+
+    /**
+     * @param {string} token
+     */
+    async decodeToken(token) {
+        await this._keyStoreReady;
+
+        return jwt.verify(token, this._publicKey, {
+            algorithms: ['RS512'],
+            issuer: this._issuer
+        });
+    }
+
+    async getPublicKeys() {
+        await this._keyStoreReady;
+        return this._keyStore.toJSON();
+    }
+};
--- a/ghost/members-api/package.json
+++ b/ghost/members-api/package.json
@ -17,6 +17,7 @@
    "gateway"
  ],
  "devDependencies": {
+    "@types/node-jose": "^1.1.6",
    "jsdom": "15.2.1",
    "mocha": "6.2.3",
    "nock": "12.0.3",
@ -26,6 +27,7 @@
  "dependencies": {
    "@tryghost/errors": "^0.2.9",
    "@tryghost/magic-link": "^1.0.2",
+    "@types/jsonwebtoken": "^8.5.1",
    "bluebird": "^3.5.4",
    "body-parser": "^1.19.0",
    "cookies": "^0.8.0",