Skip to content

Feature/migrate to typescript#53

Open
DanOnCall wants to merge 17 commits intoauth0:masterfrom
DanOnCall:feature/migrate-to-typescript
Open

Feature/migrate to typescript#53
DanOnCall wants to merge 17 commits intoauth0:masterfrom
DanOnCall:feature/migrate-to-typescript

Conversation

@DanOnCall
Copy link
Copy Markdown

@DanOnCall DanOnCall commented Apr 28, 2025
edited
Loading

Please see the Changelog.md file for an outline of the changes this PR introduces. In summary:

  • Migrate to TypeScript.
  • Add support for Express v5.x.x.
  • Improve testing.
  • Align API with express-jwt.
  • Bump version to 3.0.0.

Testing Done

The existing test suite was migrated to TypeScript and expanded to validate all new and existing functionality. All tests pass successfully.

The testing strategy includes:

  • Full API Coverage: Validated all public functions and configuration options, including checkAllScopes, customUserKey, customScopeKey, and failWithError.
  • Authorization Logic: Confirmed correct handling of "any" vs. "all" scope checks, for both string-based and array-based scope claims in the JWT.
  • Robust Error Handling: Ensured that all documented error scenarios—such as insufficient scope, malformed JWT payloads, or invalid scope formats—produce the correct 403 error response or call next(err) as expected.
  • Express Compatibility: The full test suite was executed against both Express v4 and Express v5 to guarantee compatibility.
  • Static Type-Checking: The entire project, including tests, now passes strict TypeScript validation, ensuring the new type definitions are accurate and effective.

This ensures the v3.0.0 release is robust, type-safe, and backward-compatible with supported Express versions.

DanOnCall added 15 commits April 27, 2025 20:12
@DanOnCall
Migrate package to TypeScript and improve testing
900f4ba
@DanOnCall
upgrade husky
3564fa4
@DanOnCall
Upgrade dependencies in package-lock.json to latest versions
2a1c6a2 
Updated multiple packages to their latest versions, including `express`, `body-parser`, `cookie`, and others. Added new dependencies like `call-bind-apply-helpers` and `dunder-proto` for compatibility and functionality improvements. Ensured licenses and integrity hashes are up-to-date.
@DanOnCall
Remove .nyc_output from .gitignore
ce439d9
@DanOnCall
Update README
48ab220
@DanOnCall
Update README
0dc7f51
@DanOnCall
Add support for Express v5
6252721
@DanOnCall
Bump version to 3.0.0
5e74c19
@DanOnCall
Update Changelog
e9f21e1
@DanOnCall
Align payload key name on req with express-jwt key name
d32ff65
@DanOnCall
Improve code documentation
1df1990
@DanOnCall
Improve testing and error handling
1f099e5
@DanOnCall
Add missing husky npm script
9686c29
@DanOnCall
Update README
7067060
@DanOnCall
update changelog
494e37f
@gyaneshgouraw-okta
Copy link
Copy Markdown

gyaneshgouraw-okta commented Apr 30, 2025

Hey @DanOnCall can you also update the PR description with required testing you have done to validate the changes made.

gyaneshgouraw-okta
gyaneshgouraw-okta reviewed Apr 30, 2025
View reviewed changes
Comment thread Changelog.md

### BREAKING CHANGES

- **Export Method:** The library now uses a named export (`export const jwtAuthz`) instead of `module.exports`. CommonJS consumers must update their `require` statements from `const jwtAuthz = require('express-jwt-authz');` to `const { jwtAuthz } = require('express-jwt-authz');`. ES Module imports (`import { jwtAuthz } from ...`) remain unchanged.
Copy link
Copy Markdown

@gyaneshgouraw-okta gyaneshgouraw-okta Apr 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @DanOnCall
Can you also add a migration guide from v2 to v3 to follow up this changelog.
That would assist developers in quickly grasping the changes required to to move to v3.

Copy link
Copy Markdown
Author

@DanOnCall DanOnCall Jun 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added such document. Thanks for pointing this out. 🙏

Comment thread package.json Outdated
@@ -41,7 +55,6 @@
"node": ">=6"
Copy link
Copy Markdown

@gyaneshgouraw-okta gyaneshgouraw-okta Apr 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@DanOnCall have we verified if this supported node version with new major version still holds true ?

Copy link
Copy Markdown
Author

@DanOnCall DanOnCall Jun 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great catch! Thank you. I bumped the supported min version to 14 and documented the reasoning in the changelog.

@johnmcase johnmcase mentioned this pull request Jun 6, 2025
Open
4 tasks
@DanOnCall
Copy link
Copy Markdown
Author

DanOnCall commented Jun 8, 2025

Hey @DanOnCall can you also update the PR description with required testing you have done to validate the changes made.

All done! Thanks for your review 🙏

@richardmatsu
Copy link
Copy Markdown

richardmatsu commented Oct 31, 2025

Any chance this gets merged and new version supporting Express v5 gets published?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gyaneshgouraw-okta gyaneshgouraw-okta Awaiting requested review from gyaneshgouraw-okta

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@DanOnCall @gyaneshgouraw-okta @richardmatsu