1- import crypto from "crypto"
21import { EncryptJWT , jwtDecrypt } from "jose"
2+ import hkdf from '@panva/hkdf'
33import { v4 as uuid } from "uuid"
44import { NextApiRequest } from "next"
55import type { JWT , JWTDecodeParams , JWTEncodeParams , JWTOptions } from "./types"
@@ -21,7 +21,7 @@ export async function encode({
2121 . setProtectedHeader ( { alg : "dir" , enc : "A256GCM" } )
2222 . setIssuedAt ( )
2323 . setExpirationTime ( now ( ) + maxAge )
24- . setJti ( crypto . randomUUID ? crypto . randomUUID ( ) : uuid ( ) )
24+ . setJti ( uuid ( ) )
2525 . encrypt ( encryptionSecret )
2626}
2727
@@ -99,33 +99,12 @@ export async function getToken<R extends boolean = false>(
9999 }
100100}
101101
102- /** Do the better hkdf of Node.js one added in `v15.0.0` and Third Party one */
103- async function hkdf ( secret , { byteLength, encryptionInfo, digest = "sha256" } ) {
104- if ( crypto . hkdf ) {
105- return await new Promise ( ( resolve , reject ) => {
106- crypto . hkdf (
107- digest ,
108- secret ,
109- Buffer . alloc ( 0 ) ,
110- encryptionInfo ,
111- byteLength ,
112- ( err , derivedKey ) => {
113- if ( err ) reject ( err )
114- else resolve ( Buffer . from ( derivedKey ) )
115- }
116- )
117- } )
118- }
119- // eslint-disable-next-line @typescript-eslint/no-var-requires
120- return require ( "futoin-hkdf" ) ( secret , byteLength , {
121- info : encryptionInfo ,
122- hash : digest ,
123- } )
124- }
125-
126102async function getDerivedEncryptionKey ( secret ) {
127- return await hkdf ( secret , {
128- byteLength : 32 ,
129- encryptionInfo : "NextAuth.js Generated Encryption Key" ,
130- } )
103+ return await hkdf (
104+ 'sha256' ,
105+ secret ,
106+ "" ,
107+ "NextAuth.js Generated Encryption Key" ,
108+ 32
109+ )
131110}
0 commit comments