davedoesdev
diff --git a/‎.travis.yml
Lines changed: 2 additions & 2 deletions b/‎.travis.yml
Lines changed: 2 additions & 2 deletions
diff --git a/‎Makefile
Lines changed: 1 addition & 1 deletion b/‎Makefile
Lines changed: 1 addition & 1 deletion
diff --git a/‎README.md
Lines changed: 1 addition & 1 deletion b/‎README.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎test/fixtures.js
Lines changed: 29 additions & 40 deletions b/‎test/fixtures.js
Lines changed: 29 additions & 40 deletions
diff --git a/‎test/node_jsjws_interop_vows.py renamed to ‎test/jose_interop_vows.py
Lines changed: 9 additions & 9 deletions b/‎test/node_jsjws_interop_vows.py renamed to ‎test/jose_interop_vows.py
Lines changed: 9 additions & 9 deletions
@@ -6,9 +6,9 @@ python:
   - 3.7
   - 3.8
 node_js:
-  - 12
+  - 13
 before_install:
-  - nvm install 12
+  - nvm install 13
   - node --version
   - make node_deps
 addons:
 
@@ -35,7 +35,7 @@ bench_gfm:
 	for b in ./bench/*_bench.py; do $$b --gfm; done
 
 node_deps:
-	mkdir -p node_modules && npm install --python=python2.7 jsjws sinon
+	mkdir -p node_modules && npm install --python=python2.7 jose sinon
 
 dist: make_dist
 
 
@@ -6,7 +6,7 @@ Module for generating and verifying [JSON Web Tokens](http://self-issued.info/do
 - **Note:** Versions 1.0.0 and later fix [a vulnerability](https://www.timmclean.net/2015/02/25/jwt-alg-none.html) in JSON Web Token verification so please upgrade if you're using this functionality. The API has changed so you will need to update your application. [verify_jwt](http://rawgit.davedoesdev.com/davedoesdev/python-jwt/master/docs/_build/html/index.html#python_jwt.verify_jwt) now requires you to specify which signature algorithms are allowed.
 - Uses [jwcrypto](https://jwcrypto.readthedocs.io) to do the heavy lifting.
 - Supports [__RS256__, __RS384__, __RS512__](http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14#section-3.3), [__PS256__, __PS384__, __PS512__](http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14#section-3.5), [__HS256__, __HS384__, __HS512__](http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14#section-3.2) and [__none__](http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14#section-3.6) signature algorithms.
-- Unit tests, including tests for interoperability with [node-jsjws](https://github.com/davedoesdev/node-jsjws).
+- Unit tests, including tests for interoperability with [jose](https://github.com/panva/jose).
 - Supports Python 2,7 and 3.6+. **Note:** [generate_jwt](http://rawgit.davedoesdev.com/davedoesdev/python-jwt/master/docs/_build/html/index.html#python_jwt.generate_jwt) returns the token as a Unicode string, even on Python 2.7.
 
 Example:
 
@@ -1,50 +1,39 @@
 /*jslint node: true */
 "use strict";
 
-var sinon = require('sinon'),
-    jsjws = require('jsjws');
-
-function generate(time, header, claims, expires, not_before, key)
-{
-    if (key.indexOf('-----BEGIN') === 0)
-    {
-        key = jsjws.createPrivateKey(key);
-    }
-
-    var clock = sinon.useFakeTimers(time * 1000);
-
-    try
-    {
-        expires = new Date(expires * 1000);
-        not_before = new Date(not_before * 1000);
-
-        process.stdout.write(new jsjws.JWT().generateJWTByKey(header, claims, expires, not_before, key));
-    }
-    finally
-    {
+const crypto = require('crypto');
+const sinon = require('sinon');
+const { JWK, JWT } = require('jose');
+
+function generate(time, header, claims, expires, not_before, key) {
+    const clock = sinon.useFakeTimers(time * 1000);
+    claims.exp = expires;
+    claims.nbf = not_before;
+    try {
+        process.stdout.write(JWT.sign(claims, JWK.asKey(key), {
+            algorithm: header.alg,
+            jti: crypto.randomBytes(16).toString('hex'),
+            kid: false,
+            header: { typ: 'JWT' }
+        }));
+    } finally {
         clock.restore();
     }
 }
 
-function verify(time, sjwt, iat_skew, key, alg)
-{
-    if (key.indexOf('-----BEGIN') === 0)
-    {
-        key = jsjws.createPublicKey(key);
-    }
-
-    var clock = sinon.useFakeTimers(time * 1000), jwt;
-
-    try
-    {
-        jwt = new jsjws.JWT();
-
-        jwt.verifyJWTByKey(sjwt, {iat_skew: iat_skew}, key, [alg]);
-
-        process.stdout.write(JSON.stringify([jwt.getParsedHeader(), jwt.getParsedPayload()]));
-    }
-    finally
-    {
+function verify(time, sjwt, iat_skew, key, alg) {
+    const clock = sinon.useFakeTimers(time * 1000);
+    try {
+        const { header, payload } = JWT.verify(sjwt, JWK.asKey(key), {
+            algorithms: [ alg ],
+            ignoreIat: true,
+            complete: true
+        });
+        if (payload.iat > (Math.floor(Date.now() / 1000) + iat_skew)) {
+            throw new Error('issued in the future');
+        }
+        process.stdout.write(JSON.stringify([header, payload]));
+    } finally {
         clock.restore();
     }
 }
 
@@ -1,4 +1,4 @@
-""" test interop with node-jsjws """
+""" test interop with jose for node """
 
 # pylint: disable=wrong-import-order
 from test.common import pub_keys, priv_keys, algs, pub_key, priv_key
@@ -27,10 +27,10 @@ def spawn(cmd, parse_json):
 
 #pylint: disable=W0621
 def generate(alg):
-    """ return function which can generate token using node-jsjws """
+    """ return function which can generate token using jose """
     key = priv_keys[alg].get('default', priv_key)
     def f(claims, alg, lifetime=None, expires=None, not_before=None):
-        """ generate token using node-jsjws """
+        """ generate token using jose """
         now = datetime.utcnow()
         return spawn(
             "fixtures.generate({now}, {header}, {claims}, {expires}, {not_before}, {key})".format(
@@ -44,10 +44,10 @@ def f(claims, alg, lifetime=None, expires=None, not_before=None):
     return f
 
 def verify(alg):
-    """ return function which can verify token using node-jsjws """
+    """ return function which can verify token using jose """
     key = pub_keys[alg].get('default', pub_key)
     def f(sjwt, iat_skew=timedelta()):
-        """ verify token using node-jsjws """
+        """ verify token using jose """
         r = spawn(
             "fixtures.verify({now}, {sjwt}, {iat_skew}, {key}, {alg})".format(
                 now=timegm(datetime.utcnow().utctimetuple()),
@@ -60,11 +60,11 @@ def f(sjwt, iat_skew=timedelta()):
     return f
 
 for alg in algs:
-    priv_keys[alg]['node_jsjws'] = generate(alg)
-    pub_keys[alg]['node_jsjws'] = verify(alg)
+    priv_keys[alg]['jose'] = generate(alg)
+    pub_keys[alg]['jose'] = verify(alg)
 
 jwt_spec.setup(['HS256', 'HS512', 'RS256', 'RS512', 'PS256', 'PS512'])
 
 for alg in algs:
-    del priv_keys[alg]['node_jsjws']
-    del pub_keys[alg]['node_jsjws']
+    del priv_keys[alg]['jose']
+    del pub_keys[alg]['jose']