feat: Add JWT string validator #3893

Merged


@Mokshit06 Mokshit06 commented Dec 9, 2024

This PR retroactively implements the jwt string format in Zod v3. Resolves #2946. Link to Devin run: https://preview.devin.ai/sessions/51826709fcd3457abc4be25e587c790c

Supports the following API:

```ts
z.string().jwt() // checks for jwt format
z.string().jwt({ alg?: string }) // with optional algorithm
```

Implements:

  • A three-part JWT structure (header.payload.signature), with base64 encoding of all parts and header containing required 'typ' and 'alg' fields.
  • Optional algorithm validation when specified
  • Implement in both main and Deno versions
  • Add comprehensive test coverage

- Add z.string().jwt() validator for checking JWT format
- Add optional algorithm validation with z.string().jwt({ alg: string })
- Implement in both main and Deno versions
- Add comprehensive test coverage
- Use atob() for browser compatibility

netlify bot commented Dec 9, 2024

Deploy Preview for guileless-rolypoly-866f8a ready!

Built without sensitive environment variables

Name Link
🔨 Latest commit 70eaa22
🔍 Latest deploy log https://app.netlify.com/sites/guileless-rolypoly-866f8a/deploys/6757c00ee6837d000810ba46
😎 Deploy Preview https://deploy-preview-3893--guileless-rolypoly-866f8a.netlify.app

@colinhacks colinhacks merged commit b68c05f into colinhacks:main Dec 10, 2024
4 checks passed
alexandresoro pushed a commit to alexandresoro/ouca that referenced this pull request Dec 22, 2024
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [zod](https://zod.dev) ([source](https://github.com/colinhacks/zod)) | dependencies | minor | [`3.23.8` -> `3.24.1`](https://renovatebot.com/diffs/npm/zod/3.23.8/3.24.1) |

---

### Release Notes

<details>
<summary>colinhacks/zod (zod)</summary>

### [`v3.24.1`](https://github.com/colinhacks/zod/releases/tag/v3.24.1)

[Compare Source](colinhacks/zod@v3.24.0...v3.24.1)

##### Commits:

-   [`0c6cbbd`](colinhacks/zod@0c6cbbd) Undeprecate .nonempty()
-   [`4e219d6`](colinhacks/zod@4e219d6) Bump min TS version to 5.0
-   [`65adeea`](colinhacks/zod@65adeea) v3.24.1

### [`v3.24.0`](https://github.com/colinhacks/zod/releases/tag/v3.24.0)

[Compare Source](colinhacks/zod@v3.23.8...v3.24.0)

##### Implement `@standard-schema/spec`

This is the first version of Zod to implement the [Standard Schema](https://github.com/standard-schema/standard-schema) spec. This is a new community effort among several validation library authors to implement a common interface, with the goal of simplifying the process of integrating schema validators with the rest of the ecosystem. Read more about the project and goals [here](https://github.com/standard-schema/standard-schema).

##### `z.string().jwt()`

Thanks to [@Mokshit06](https://github.com/Mokshit06) and [@Cognition-Labs](https://github.com/Cognition-Labs) for this contribution!

To verify that a string is a valid 3-part JWT.

```ts
z.string().jwt();
```

> ⚠️ This does not *verify* your JWT cryptographically! It merely ensures it's in the proper format. Use a library like [`jsonwebtoken`](https://github.com/auth0/node-jsonwebtoken) to verify the JWT signature, parse the token, and read the claims.

To constrain the JWT to a specific algorithm:

```ts
z.string().jwt({ alg: "RS256" });
```

##### `z.string().base64url()`

Thank you to [@marvinruder](https://github.com/marvinruder)!

To complement the JWT validation, Zod 3.24 implements a standalone `.base64url()` string validation API. (The three elements of JWTs are base64url-encoded JSON strings.)

```ts
z.string().base64url()
```

This functionality is available alongside the standard `z.string().base64()` validator added in Zod 3.23.

##### `z.string().cidr()`

Thanks to [@wataryooou](https://github.com/wataryooou) for their work on this!

A validator for [CIDR notation](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) for specifying IP address ranges, e.g. `192.24.12.0/22`.

```ts
z.string().cidr()
```

To specify an IP version:

```ts
z.string().cidr({ version: "v4" })
z.string().cidr({ version: "v6" })
```

***

View the full diff from 3.23.8: colinhacks/zod@v3.23.8...v3.24.0

-   [`294f54f`](colinhacks/zod@294f54f) Update README_ZH.md about Discriminated unions ([#3493](colinhacks/zod#3493))
-   [`1247caf`](colinhacks/zod@1247caf) Add Kubb as X-to-Zod community tool ([#3508](colinhacks/zod#3508))
-   [`62b7842`](colinhacks/zod@62b7842) Update default branch
-   [`c6bc80d`](colinhacks/zod@c6bc80d) Fix issue [#3582](colinhacks/zod#3582) : ULID should be case insensitive ([#3593](colinhacks/zod#3593))
-   [`a5b9dc3`](colinhacks/zod@a5b9dc3) docs: add zod-schema-faker to ecosystem ([#3605](colinhacks/zod#3605))
-   [`9818d0e`](colinhacks/zod@9818d0e) Add zod-sockets ([#3609](colinhacks/zod#3609))
-   [`7173d0b`](colinhacks/zod@7173d0b) Add drizzle-zod library to X to Zod README.md section ([#3648](colinhacks/zod#3648))
-   [`c5a4edc`](colinhacks/zod@c5a4edc) Add 'schemql' in Powered by Zod ([#3800](colinhacks/zod#3800))
-   [`85916b3`](colinhacks/zod@85916b3) docs: add zod-form-renderer to form integration docs ([#3697](colinhacks/zod#3697))
-   [`51f1dc3`](colinhacks/zod@51f1dc3) docs: add unplugin-environment in powered by zod ([#3778](colinhacks/zod#3778))
-   [`8e74db3`](colinhacks/zod@8e74db3) fix: ipv6 regex validation ([#3513](colinhacks/zod#3513))
-   [`1f4f0da`](colinhacks/zod@1f4f0da) refactor: rename ip version types ([#3755](colinhacks/zod#3755))
-   [`f487d74`](colinhacks/zod@f487d74) Remove faulty ip test case
-   [`48f1c47`](colinhacks/zod@48f1c47) docs: Remove invalid semicolon in ERROR_HANDLING.md ([#3857](colinhacks/zod#3857))
-   [`1d0a4b9`](colinhacks/zod@1d0a4b9) fix: bigint coerce crash ([#3822](colinhacks/zod#3822))
-   [`14dceaa`](colinhacks/zod@14dceaa) Add API library ([#3814](colinhacks/zod#3814))
-   [`f82f817`](colinhacks/zod@f82f817) feat: z.string.cidr() - support CIDR notation ([#3820](colinhacks/zod#3820))
-   [`71a0c33`](colinhacks/zod@71a0c33) docs: add info on unqualified local datetime strings ([#3760](colinhacks/zod#3760))
-   [`b85686a`](colinhacks/zod@b85686a) Add support for `base64url` strings ([#3712](colinhacks/zod#3712))
-   [`6407bed`](colinhacks/zod@6407bed) Allow creation of discriminated unions with a readonly array of options ([#3535](colinhacks/zod#3535))
-   [`3755146`](colinhacks/zod@3755146) Remove createParams cascade from .array() ([#3530](colinhacks/zod#3530))
-   [`963386d`](colinhacks/zod@963386d) Fix lint
-   [`69a1798`](colinhacks/zod@69a1798) Implement Standard Schema spec ([#3850](colinhacks/zod#3850))
-   [`c1dd537`](colinhacks/zod@c1dd537) Adds `frrm` package to documentation ([#3818](colinhacks/zod#3818))
-   [`b68c05f`](colinhacks/zod@b68c05f) feat: Add JWT string validator ([#3893](colinhacks/zod#3893))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://git.tristess.app/alexandresoro/ouca/pulls/406
Reviewed-by: Alexandre Soro <code@soro.dev>
Co-authored-by: renovate <renovate@git.tristess.app>
Co-committed-by: renovate <renovate@git.tristess.app>
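
The structural check listed in the PR description, together with the release-notes warning that it is not cryptographic verification, as an added example that is not part of the PR or Zod's own code. `looksLikeJwt`, `b64url` and `sampleToken` are hypothetical names, and the token is constructed: its signature segment is arbitrary text, yet it passes the format check, while the `alg` pin rejects a header naming a different algorithm.

```ts
// Added illustration of a format-only JWT check; not Zod's implementation.
const B64URL = /^[A-Za-z0-9_-]+$/;

// Encode ASCII text as unpadded base64url (only used to build constructed samples).
function b64url(text: string): string {
  return btoa(text).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// Decode a base64url segment, restoring the padding that atob() expects.
function decodeSegment(segment: string): string {
  let b64 = segment.replace(/-/g, "+").replace(/_/g, "/");
  while (b64.length % 4 !== 0) b64 += "=";
  return atob(b64);
}

// Structure only: three base64url parts, a JSON header carrying string `typ`
// and `alg`, and an optional algorithm pin. No key is involved anywhere.
function looksLikeJwt(token: string, alg?: string): boolean {
  const parts = token.split(".");
  if (parts.length !== 3 || !parts.every((p) => B64URL.test(p))) return false;
  try {
    const header: unknown = JSON.parse(decodeSegment(parts[0]));
    if (typeof header !== "object" || header === null) return false;
    const h = header as Record<string, unknown>;
    if (typeof h.typ !== "string" || typeof h.alg !== "string") return false;
    return alg === undefined || h.alg === alg;
  } catch {
    return false; // segment was not decodable or not JSON
  }
}

// Build a constructed token: fixed sample payload, caller-chosen header,
// and a "signature" that is just encoded text rather than a MAC or signature.
function sampleToken(header: object, signatureText: string): string {
  const payload = { sub: "constructed-user", admin: true };
  return [JSON.stringify(header), JSON.stringify(payload), signatureText]
    .map((part) => b64url(part))
    .join(".");
}

const lookalike = sampleToken({ alg: "HS256", typ: "JWT" }, "not-a-signature");
console.log(looksLikeJwt(lookalike));          // shaped like a JWT, never signed
console.log(looksLikeJwt(lookalike, "RS256")); // pin mismatch: header says HS256
```

A passing result only says the string is shaped like a JWT; the claims in it are untrusted until the signature has been verified against a key by a JWT library, which is the separate step the release notes call for.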