finetune options handling

felixheck · felixheck · commit 443ad1b02fa5 · 2017-08-03T23:40:51.000+02:00
diff --git a/src/index.js b/src/index.js
@@ -25,8 +25,10 @@ let options
  * @returns {Promise} The error-handled promise
  */
 function validateOffline (token) {
+  const { publicKey, verifyOpts = {} } = options
+
   return new Promise((resolve, reject) => {
-    jwt.verify(token, options.publicKey, options.verifyOpts, (err, decoded) => {
+    jwt.verify(token, publicKey, verifyOpts, (err, decoded) => {
       if (err) {
         reject(err)
       }
diff --git a/src/utils.js b/src/utils.js
@@ -11,13 +11,16 @@ const scheme = joi.object({
   realmUrl: joi.string().uri().required(),
   clientId: joi.string().min(1).required(),
   secret: joi.string().min(1),
+  publicKey: joi.string().regex(/^-----BEGIN(?: RSA)? PUBLIC KEY-----[\s\S]*-----END(?: RSA)? PUBLIC KEY-----$/ig, 'PEM'),
+  verifyOpts: joi.object().unknown(true),
   cache: joi.alternatives().try(joi.object({
     segment: joi.string().default('keycloakJwt')
   }), joi.boolean()).default(false),
   userInfo: joi.array().items(joi.string().min(1))
 })
 .xor('secret', 'publicKey')
 .without('secret', 'verifyOpts')
+.forbidden('verifyOpts.ignoreExpiration', 'verifyOpts.ignoreNotBefore')
 .required()
 
 /**
