chore: no more var variables

.eslintrc.json

@@ -8,6 +8,8 @@
     "node": true
   },
   "rules": {
+    "prefer-const": "error",
+    "no-var": "error",
     "comma-style": "error",
     "dot-notation": "error",
     "indent": ["error", 2],

decode.js

@@ -1,15 +1,15 @@
-var jws = require('jws');
+const jws = require('jws');
 
 module.exports = function (jwt, options) {
   options = options || {};
-  var decoded = jws.decode(jwt, options);
+  const decoded = jws.decode(jwt, options);
   if (!decoded) { return null; }
-  var payload = decoded.payload;
+  let payload = decoded.payload;
 
   //try parse the payload
   if(typeof payload === 'string') {
     try {
-      var obj = JSON.parse(payload);
+      const obj = JSON.parse(payload);
       if(obj !== null && typeof obj === 'object') {
         payload = obj;
       }

lib/JsonWebTokenError.js

@@ -1,4 +1,4 @@
-var JsonWebTokenError = function (message, error) {
+const JsonWebTokenError = function (message, error) {
   Error.call(this, message);
   if(Error.captureStackTrace) {
     Error.captureStackTrace(this, this.constructor);

lib/NotBeforeError.js

@@ -1,6 +1,6 @@
-var JsonWebTokenError = require('./JsonWebTokenError');
+const JsonWebTokenError = require('./JsonWebTokenError');
 
-var NotBeforeError = function (message, date) {
+const NotBeforeError = function (message, date) {
   JsonWebTokenError.call(this, message);
   this.name = 'NotBeforeError';
   this.date = date;

lib/TokenExpiredError.js

@@ -1,6 +1,6 @@
-var JsonWebTokenError = require('./JsonWebTokenError');
+const JsonWebTokenError = require('./JsonWebTokenError');
 
-var TokenExpiredError = function (message, expiredAt) {
+const TokenExpiredError = function (message, expiredAt) {
   JsonWebTokenError.call(this, message);
   this.name = 'TokenExpiredError';
   this.expiredAt = expiredAt;

lib/psSupported.js

@@ -1,3 +1,3 @@
-var semver = require('semver');
+const semver = require('semver');
 
 module.exports = semver.satisfies(process.version, '^6.12.0 || >=8.0.0');

lib/timespan.js

@@ -1,10 +1,10 @@
-var ms = require('ms');
+const ms = require('ms');
 
 module.exports = function (time, iat) {
-  var timestamp = iat || Math.floor(Date.now() / 1000);
+  const timestamp = iat || Math.floor(Date.now() / 1000);
 
   if (typeof time === 'string') {
-    var milliseconds = ms(time);
+    const milliseconds = ms(time);
     if (typeof milliseconds === 'undefined') {
       return;
     }

sign.js

@@ -1,20 +1,20 @@
-var timespan = require('./lib/timespan');
-var PS_SUPPORTED = require('./lib/psSupported');
-var jws = require('jws');
-var includes = require('lodash.includes');
-var isBoolean = require('lodash.isboolean');
-var isInteger = require('lodash.isinteger');
-var isNumber = require('lodash.isnumber');
-var isPlainObject = require('lodash.isplainobject');
-var isString = require('lodash.isstring');
-var once = require('lodash.once');
-
-var SUPPORTED_ALGS = ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512', 'none'];
+const timespan = require('./lib/timespan');
+const PS_SUPPORTED = require('./lib/psSupported');
+const jws = require('jws');
+const includes = require('lodash.includes');
+const isBoolean = require('lodash.isboolean');
+const isInteger = require('lodash.isinteger');
+const isNumber = require('lodash.isnumber');
+const isPlainObject = require('lodash.isplainobject');
+const isString = require('lodash.isstring');
+const once = require('lodash.once');
+
+const SUPPORTED_ALGS = ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512', 'none'];
 if (PS_SUPPORTED) {
   SUPPORTED_ALGS.splice(3, 0, 'PS256', 'PS384', 'PS512');
 }
 
-var sign_options_schema = {
+const sign_options_schema = {
   expiresIn: { isValid: function(value) { return isInteger(value) || (isString(value) && value); }, message: '"expiresIn" should be a number of seconds or string representing a timespan' },
   notBefore: { isValid: function(value) { return isInteger(value) || (isString(value) && value); }, message: '"notBefore" should be a number of seconds or string representing a timespan' },
   audience: { isValid: function(value) { return isString(value) || Array.isArray(value); }, message: '"audience" must be a string or array' },
@@ -29,7 +29,7 @@ var sign_options_schema = {
   mutatePayload: { isValid: isBoolean, message: '"mutatePayload" must be a boolean' }
 };
 
-var registered_claims_schema = {
+const registered_claims_schema = {
   iat: { isValid: isNumber, message: '"iat" should be a number of seconds' },
   exp: { isValid: isNumber, message: '"exp" should be a number of seconds' },
   nbf: { isValid: isNumber, message: '"nbf" should be a number of seconds' }
@@ -41,7 +41,7 @@ function validate(schema, allowUnknown, object, parameterName) {
   }
   Object.keys(object)
     .forEach(function(key) {
-      var validator = schema[key];
+      const validator = schema[key];
       if (!validator) {
         if (!allowUnknown) {
           throw new Error('"' + key + '" is not allowed in "' + parameterName + '"');
@@ -62,14 +62,14 @@ function validatePayload(payload) {
   return validate(registered_claims_schema, true, payload, 'payload');
 }
 
-var options_to_payload = {
+const options_to_payload = {
   'audience': 'aud',
   'issuer': 'iss',
   'subject': 'sub',
   'jwtid': 'jti'
 };
 
-var options_for_objects = [
+const options_for_objects = [
   'expiresIn',
   'notBefore',
   'noTimestamp',
@@ -87,10 +87,10 @@ module.exports = function (payload, secretOrPrivateKey, options, callback) {
     options = options || {};
   }
 
-  var isObjectPayload = typeof payload === 'object' &&
+  const isObjectPayload = typeof payload === 'object' &&
                         !Buffer.isBuffer(payload);
 
-  var header = Object.assign({
+  const header = Object.assign({
     alg: options.algorithm || 'HS256',
     typ: isObjectPayload ? 'JWT' : undefined,
     kid: options.keyid
@@ -120,7 +120,7 @@ module.exports = function (payload, secretOrPrivateKey, options, callback) {
       payload = Object.assign({},payload);
     }
   } else {
-    var invalid_options = options_for_objects.filter(function (opt) {
+    const invalid_options = options_for_objects.filter(function (opt) {
       return typeof options[opt] !== 'undefined';
     });
 
@@ -144,7 +144,7 @@ module.exports = function (payload, secretOrPrivateKey, options, callback) {
     return failure(error);
   }
 
-  var timestamp = payload.iat || Math.floor(Date.now() / 1000);
+  const timestamp = payload.iat || Math.floor(Date.now() / 1000);
 
   if (options.noTimestamp) {
     delete payload.iat;
@@ -177,7 +177,7 @@ module.exports = function (payload, secretOrPrivateKey, options, callback) {
   }
 
   Object.keys(options_to_payload).forEach(function (key) {
-    var claim = options_to_payload[key];
+    const claim = options_to_payload[key];
     if (typeof options[key] !== 'undefined') {
       if (typeof payload[claim] !== 'undefined') {
         return failure(new Error('Bad "options.' + key + '" option. The payload already has an "' + claim + '" property.'));
@@ -186,7 +186,7 @@ module.exports = function (payload, secretOrPrivateKey, options, callback) {
     }
   });
 
-  var encoding = options.encoding || 'utf8';
+  const encoding = options.encoding || 'utf8';
 
   if (typeof callback === 'function') {
     callback = callback && once(callback);

test/async_sign.tests.js

@@ -1,17 +1,17 @@
-var jwt = require('../index');
-var expect = require('chai').expect;
-var jws = require('jws');
-var PS_SUPPORTED = require('../lib/psSupported');
+const jwt = require('../index');
+const expect = require('chai').expect;
+const jws = require('jws');
+const PS_SUPPORTED = require('../lib/psSupported');
 
 describe('signing a token asynchronously', function() {
 
   describe('when signing a token', function() {
-    var secret = 'shhhhhh';
+    const secret = 'shhhhhh';
 
     it('should return the same result as singing synchronously', function(done) {
       jwt.sign({ foo: 'bar' }, secret, { algorithm: 'HS256' }, function (err, asyncToken) {
         if (err) return done(err);
-        var syncToken = jwt.sign({ foo: 'bar' }, secret, { algorithm: 'HS256' });
+        const syncToken = jwt.sign({ foo: 'bar' }, secret, { algorithm: 'HS256' });
         expect(asyncToken).to.be.a('string');
         expect(asyncToken.split('.')).to.have.length(3);
         expect(asyncToken).to.equal(syncToken);
@@ -95,7 +95,7 @@ describe('signing a token asynchronously', function() {
 
     describe('when mutatePayload is not set', function() {
       it('should not apply claims to the original payload object (mutatePayload defaults to false)', function(done) {
-        var originalPayload = { foo: 'bar' };
+        const originalPayload = { foo: 'bar' };
         jwt.sign(originalPayload, 'secret', { notBefore: 60, expiresIn: 600 }, function (err) {
           if (err) { return done(err); }
           expect(originalPayload).to.not.have.property('nbf');
@@ -107,7 +107,7 @@ describe('signing a token asynchronously', function() {
 
     describe('when mutatePayload is set to true', function() {
       it('should apply claims directly to the original payload object', function(done) {
-        var originalPayload = { foo: 'bar' };
+        const originalPayload = { foo: 'bar' };
         jwt.sign(originalPayload, 'secret', { notBefore: 60, expiresIn: 600, mutatePayload: true }, function (err) {
           if (err) { return done(err); }
           expect(originalPayload).to.have.property('nbf').that.is.a('number');

test/buffer.tests.js

@@ -1,10 +1,10 @@
-var jwt = require("../.");
-var assert = require('chai').assert;
+const jwt = require("../.");
+const assert = require('chai').assert;
 
 describe('buffer payload', function () {
   it('should work', function () {
-    var payload = new Buffer('TkJyotZe8NFpgdfnmgINqg==', 'base64');
-    var token = jwt.sign(payload, "signing key");
+    const payload = new Buffer('TkJyotZe8NFpgdfnmgINqg==', 'base64');
+    const token = jwt.sign(payload, "signing key");
     assert.equal(jwt.decode(token), payload.toString());
   });
 });

test/decoding.tests.js

@@ -1,10 +1,10 @@
-var jwt = require('../index');
-var expect = require('chai').expect;
+const jwt = require('../index');
+const expect = require('chai').expect;
 
 describe('decoding', function() {
 
   it('should not crash when decoding a null token', function () {
-    var decoded = jwt.decode("null");
+    const decoded = jwt.decode("null");
     expect(decoded).to.equal(null);
   });
 

test/encoding.tests.js

@@ -1,6 +1,6 @@
-var jwt = require('../index');
-var expect = require('chai').expect;
-var atob = require('atob');
+const jwt = require('../index');
+const expect = require('chai').expect;
+const atob = require('atob');
 
 describe('encoding', function() {
 
@@ -9,27 +9,27 @@ describe('encoding', function() {
   }
 
   it('should properly encode the token (utf8)', function () {
-    var expected = 'José';
-    var token = jwt.sign({ name: expected }, 'shhhhh');
-    var decoded_name = JSON.parse(b64_to_utf8(token.split('.')[1])).name;
+    const expected = 'José';
+    const token = jwt.sign({ name: expected }, 'shhhhh');
+    const decoded_name = JSON.parse(b64_to_utf8(token.split('.')[1])).name;
     expect(decoded_name).to.equal(expected);
   });
 
   it('should properly encode the token (binary)', function () {
-    var expected = 'José';
-    var token = jwt.sign({ name: expected }, 'shhhhh', { encoding: 'binary' });
-    var decoded_name = JSON.parse(atob(token.split('.')[1])).name;
+    const expected = 'José';
+    const token = jwt.sign({ name: expected }, 'shhhhh', { encoding: 'binary' });
+    const decoded_name = JSON.parse(atob(token.split('.')[1])).name;
     expect(decoded_name).to.equal(expected);
   });
 
   it('should return the same result when decoding', function () {
-    var username = '測試';
+    const username = '測試';
 
-    var token = jwt.sign({
+    const token = jwt.sign({
       username: username
     }, 'test');
 
-    var payload = jwt.verify(token, 'test');
+    const payload = jwt.verify(token, 'test');
 
     expect(payload.username).to.equal(username);
   });

test/expires_format.tests.js

@@ -1,5 +1,5 @@
-var jwt = require('../index');
-var expect = require('chai').expect;
+const jwt = require('../index');
+const expect = require('chai').expect;
 
 describe('expires option', function() {
 

test/invalid_exp.tests.js

@@ -1,10 +1,10 @@
-var jwt = require('../index');
-var expect = require('chai').expect;
+const jwt = require('../index');
+const expect = require('chai').expect;
 
 describe('invalid expiration', function() {
 
   it('should fail with string', function (done) {
-    var broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIxMjMiLCJmb28iOiJhZGFzIn0.cDa81le-pnwJMcJi3o3PBwB7cTJMiXCkizIhxbXAKRg';
+    const broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIxMjMiLCJmb28iOiJhZGFzIn0.cDa81le-pnwJMcJi3o3PBwB7cTJMiXCkizIhxbXAKRg';
 
     jwt.verify(broken_token, '123', function (err) {
       expect(err.name).to.equal('JsonWebTokenError');
@@ -14,7 +14,7 @@ describe('invalid expiration', function() {
   });
 
   it('should fail with 0', function (done) {
-    var broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjAsImZvbyI6ImFkYXMifQ.UKxix5T79WwfqAA0fLZr6UrhU-jMES2unwCOFa4grEA';
+    const broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjAsImZvbyI6ImFkYXMifQ.UKxix5T79WwfqAA0fLZr6UrhU-jMES2unwCOFa4grEA';
 
     jwt.verify(broken_token, '123', function (err) {
       expect(err.name).to.equal('TokenExpiredError');
@@ -24,7 +24,7 @@ describe('invalid expiration', function() {
   });
 
   it('should fail with false', function (done) {
-    var broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOmZhbHNlLCJmb28iOiJhZGFzIn0.iBn33Plwhp-ZFXqppCd8YtED77dwWU0h68QS_nEQL8I';
+    const broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOmZhbHNlLCJmb28iOiJhZGFzIn0.iBn33Plwhp-ZFXqppCd8YtED77dwWU0h68QS_nEQL8I';
 
     jwt.verify(broken_token, '123', function (err) {
       expect(err.name).to.equal('JsonWebTokenError');
@@ -34,7 +34,7 @@ describe('invalid expiration', function() {
   });
 
   it('should fail with true', function (done) {
-    var broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOnRydWUsImZvbyI6ImFkYXMifQ.eOWfZCTM5CNYHAKSdFzzk2tDkPQmRT17yqllO-ItIMM';
+    const broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOnRydWUsImZvbyI6ImFkYXMifQ.eOWfZCTM5CNYHAKSdFzzk2tDkPQmRT17yqllO-ItIMM';
 
     jwt.verify(broken_token, '123', function (err) {
       expect(err.name).to.equal('JsonWebTokenError');
@@ -44,7 +44,7 @@ describe('invalid expiration', function() {
   });
 
   it('should fail with object', function (done) {
-    var broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOnt9LCJmb28iOiJhZGFzIn0.1JjCTsWLJ2DF-CfESjLdLfKutUt3Ji9cC7ESlcoBHSY';
+    const broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOnt9LCJmb28iOiJhZGFzIn0.1JjCTsWLJ2DF-CfESjLdLfKutUt3Ji9cC7ESlcoBHSY';
 
     jwt.verify(broken_token, '123', function (err) {
       expect(err.name).to.equal('JsonWebTokenError');

test/issue_147.tests.js

@@ -1,11 +1,11 @@
-var jwt = require('../index');
-var expect = require('chai').expect;
+const jwt = require('../index');
+const expect = require('chai').expect;
 
 describe('issue 147 - signing with a sealed payload', function() {
 
   it('should put the expiration claim', function () {
-    var token = jwt.sign(Object.seal({foo: 123}), '123', { expiresIn: 10 });
-    var result = jwt.verify(token, '123');
+    const token = jwt.sign(Object.seal({foo: 123}), '123', { expiresIn: 10 });
+    const result = jwt.verify(token, '123');
     expect(result.exp).to.be.closeTo(Math.floor(Date.now() / 1000) + 10, 0.2);
   });
 

test/issue_304.tests.js

@@ -1,5 +1,5 @@
-var jwt = require('../index');
-var expect = require('chai').expect;
+const jwt = require('../index');
+const expect = require('chai').expect;
 
 describe('issue 304 - verifying values other than strings', function() {