fix: archive repository

This project is not anymore maintained.

.eslintrc.json

@@ -1,6 +1,7 @@
 {
   "extends": ["conventions", "prettier"],
   "plugins": ["prettier", "import", "unicorn"],
+  "parser": "@typescript-eslint/parser",
   "parserOptions": {
     "project": "./tsconfig.json"
   },

.github/ISSUE_TEMPLATE/BUG.md

@@ -1,8 +1,8 @@
 ---
-name: '🐛 Bug Report'
-about: 'Report an unexpected problem or unintended behavior.'
-title: '[Bug]'
-labels: 'bug'
+name: "🐛 Bug Report"
+about: "Report an unexpected problem or unintended behavior."
+title: "[Bug]"
+labels: "bug"
 ---
 
 <!--

.github/ISSUE_TEMPLATE/DOCUMENTATION.md

@@ -1,8 +1,8 @@
 ---
-name: '📜 Documentation'
-about: 'Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...).'
-title: '[Documentation]'
-labels: 'documentation'
+name: "📜 Documentation"
+about: "Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...)."
+title: "[Documentation]"
+labels: "documentation"
 ---
 
 <!-- Please make sure your issue has not already been fixed. -->

.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md

@@ -1,8 +1,8 @@
 ---
-name: '✨ Feature Request'
-about: 'Suggest a new feature idea.'
-title: '[Feature]'
-labels: 'feature request'
+name: "✨ Feature Request"
+about: "Suggest a new feature idea."
+title: "[Feature]"
+labels: "feature request"
 ---
 
 <!-- Please make sure your issue has not already been fixed. -->

.github/ISSUE_TEMPLATE/IMPROVEMENT.md

@@ -1,8 +1,8 @@
 ---
-name: '🔧 Improvement'
-about: 'Improve structure/format/performance/refactor/tests of the code.'
-title: '[Improvement]'
-labels: 'improvement'
+name: "🔧 Improvement"
+about: "Improve structure/format/performance/refactor/tests of the code."
+title: "[Improvement]"
+labels: "improvement"
 ---
 
 <!-- Please make sure your issue has not already been fixed. -->

.github/ISSUE_TEMPLATE/QUESTION.md

@@ -1,8 +1,8 @@
 ---
-name: '🙋 Question'
-about: 'Further information is requested.'
-title: '[Question]'
-labels: 'question'
+name: "🙋 Question"
+about: "Further information is requested."
+title: "[Question]"
+labels: "question"
 ---
 
 ### Question

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,6 +1,6 @@
 <!-- Please first discuss the change you wish to make via issue before making a change. It might avoid a waste of your time. -->
 
-## What changes this PR introduce?
+# What changes this PR introduce?
 
 ## List any relevant issue numbers
 

.github/workflows/build.yml

@@ -1,4 +1,4 @@
-name: 'Build'
+name: "Build"
 
 on:
   push:
@@ -8,18 +8,20 @@ on:
 
 jobs:
   build:
-    runs-on: 'ubuntu-latest'
+    runs-on: "ubuntu-latest"
     steps:
-      - uses: 'actions/checkout@v3.0.0'
+      - uses: "actions/checkout@v4.0.0"
 
-      - name: 'Use Node.js'
-        uses: 'actions/setup-node@v3.1.0'
+      - name: "Setup Node.js"
+        uses: "actions/setup-node@v3.8.1"
         with:
-          node-version: 'lts/*'
-          cache: 'npm'
+          node-version: "20.x"
+          cache: "npm"
 
-      - name: 'Install'
-        run: 'npm install'
+      - name: "Install dependencies"
+        run: "npm clean-install"
 
-      - name: 'Build'
-        run: 'npm run build'
+      - name: "Build"
+        run: "npm run build"
+
+      - run: "npm run build:typescript"

.github/workflows/lint.yml

@@ -1,4 +1,4 @@
-name: 'Lint'
+name: "Lint"
 
 on:
   push:
@@ -8,21 +8,21 @@ on:
 
 jobs:
   lint:
-    runs-on: 'ubuntu-latest'
+    runs-on: "ubuntu-latest"
     steps:
-      - uses: 'actions/checkout@v3.0.0'
+      - uses: "actions/checkout@v4.0.0"
 
-      - name: 'Use Node.js'
-        uses: 'actions/setup-node@v3.1.0'
+      - name: "Setup Node.js"
+        uses: "actions/setup-node@v3.8.1"
         with:
-          node-version: 'lts/*'
-          cache: 'npm'
+          node-version: "20.x"
+          cache: "npm"
 
-      - name: 'Install'
-        run: 'npm install'
+      - name: "Install dependencies"
+        run: "npm clean-install"
 
       - run: 'npm run lint:commit -- --to "${{ github.sha }}"'
-      - run: 'npm run lint:editorconfig'
-      - run: 'npm run lint:markdown'
-      - run: 'npm run lint:typescript'
-      - run: 'npm run lint:prettier'
+      - run: "npm run lint:editorconfig"
+      - run: "npm run lint:markdown"
+      - run: "npm run lint:eslint"
+      - run: "npm run lint:prettier"

.github/workflows/release.yml

@@ -1,4 +1,4 @@
-name: 'Release'
+name: "Release"
 
 on:
   push:
@@ -6,24 +6,34 @@ on:
 
 jobs:
   release:
-    runs-on: 'ubuntu-latest'
+    runs-on: "ubuntu-latest"
+    permissions:
+      contents: "write"
+      issues: "write"
+      pull-requests: "write"
+      id-token: "write"
     steps:
-      - uses: 'actions/checkout@v3.0.0'
+      - uses: "actions/checkout@v4.0.0"
 
-      - name: 'Use Node.js'
-        uses: 'actions/setup-node@v3.1.0'
+      - name: "Setup Node.js"
+        uses: "actions/setup-node@v3.8.1"
         with:
-          node-version: 'lts/*'
-          cache: 'npm'
+          node-version: "20.x"
+          cache: "npm"
 
-      - name: 'Install'
-        run: 'npm install'
+      - name: "Install dependencies"
+        run: "npm clean-install"
 
-      - name: 'Build Package'
-        run: 'npm run build'
+      - name: "Build Package"
+        run: "npm run build"
 
-      - name: 'Release'
-        run: 'npm run release'
+      - run: "npm run build:typescript"
+
+      - name: "Verify the integrity of provenance attestations and registry signatures for installed dependencies"
+        run: "npm audit signatures"
+
+      - name: "Release"
+        run: "npm run release"
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/test.yml

@@ -1,4 +1,4 @@
-name: 'Test'
+name: "Test"
 
 on:
   push:
@@ -8,24 +8,21 @@ on:
 
 jobs:
   test:
-    runs-on: 'ubuntu-latest'
+    runs-on: "ubuntu-latest"
     steps:
-      - uses: 'actions/checkout@v3.0.0'
+      - uses: "actions/checkout@v4.0.0"
 
-      - name: 'Use Node.js'
-        uses: 'actions/setup-node@v3.1.0'
+      - name: "Setup Node.js"
+        uses: "actions/setup-node@v3.8.1"
         with:
-          node-version: 'lts/*'
-          cache: 'npm'
+          node-version: "20.x"
+          cache: "npm"
 
-      - name: 'Install'
-        run: 'npm install'
+      - name: "Install dependencies"
+        run: "npm clean-install"
 
-      - name: 'Build'
-        run: 'npm run build'
+      - name: "Build"
+        run: "npm run build"
 
-      - name: 'Test'
-        run: 'npm run test'
-
-      - name: 'Upload Coverage'
-        uses: 'codecov/codecov-action@v3.0.0'
+      - name: "Test"
+        run: "npm run test"

.husky/pre-commit

@@ -3,3 +3,4 @@
 
 npm run lint:staged
 npm run build
+npm run build:typescript

.lintstagedrc.json

@@ -2,5 +2,5 @@
   "*": ["editorconfig-checker"],
   "*.{js,jsx,ts,tsx}": ["prettier --write", "eslint --fix"],
   "*.{json,jsonc,yml,yaml}": ["prettier --write"],
-  "*.{md}": ["prettier --write", "markdownlint --dot --fix"]
+  "*.{md,mdx}": ["prettier --write", "markdownlint-cli2 --fix"]
 }

.markdownlint-cli2.jsonc

@@ -0,0 +1,11 @@
+{
+  "config": {
+    "extends": "markdownlint/style/prettier",
+    "relative-links": true,
+    "default": true,
+    "MD033": false
+  },
+  "globs": ["**/*.{md,mdx}"],
+  "ignores": ["**/node_modules"],
+  "customRules": ["markdownlint-rule-relative-links"]
+}

.markdownlint.json

@@ -1,7 +0,0 @@
-{
-  "default": true,
-  "MD013": false,
-  "MD024": false,
-  "MD033": false,
-  "MD041": false
-}

.npmrc

@@ -1 +1,2 @@
 save-exact=true
+provenance=true

.nycrc.json

@@ -1,5 +0,0 @@
-{
-  "reporter": ["text", "cobertura"],
-  "src": "./build",
-  "all": true
-}

.prettierrc.json

@@ -1,6 +1,3 @@
 {
-  "singleQuote": true,
-  "jsxSingleQuote": true,
-  "semi": false,
-  "trailingComma": "none"
+  "semi": false
 }

.swcrc

@@ -1,22 +1,13 @@
 {
+  "sourceMaps": true,
   "jsc": {
     "parser": {
       "syntax": "typescript",
-      "decorators": true,
       "dynamicImport": true
     },
-    "transform": {
-      "legacyDecorator": true,
-      "decoratorMetadata": true
-    },
-    "target": "es2022",
-    "loose": true
+    "target": "esnext"
   },
   "module": {
-    "type": "es6",
-    "strict": false,
-    "strictMode": true,
-    "lazy": false,
-    "noInterop": false
+    "type": "es6"
   }
 }

.taprc

@@ -1,9 +0,0 @@
-ts: false
-jsx: false
-flow: false
-check-coverage: false
-coverage: false
-timeout: 10000
-
-files:
-  - 'build/**/*.test.js'

.vscode/settings.json

@@ -6,5 +6,6 @@
   "editor.formatOnSave": true,
   "editor.codeActionsOnSave": {
     "source.fixAll": true
-  }
+  },
+  "eslint.options": { "ignorePath": ".gitignore" }
 }

CODE_OF_CONDUCT.md

@@ -60,7 +60,7 @@ representative at an online or offline event.
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
 reported to the community leaders responsible for enforcement at
-contact@divlo.fr.
+<contact@theoludwig.fr>.
 All complaints will be reviewed and investigated promptly and fairly.
 
 All community leaders are obligated to respect the privacy and security of the

CONTRIBUTING.md

@@ -29,26 +29,4 @@ If you're adding new features to **Thream/socketio-jwt**, please include tests.
 
 ## Commits
 
-The commit message guidelines respect [@commitlint/config-conventional](https://github.com/conventional-changelog/commitlint/tree/master/%40commitlint/config-conventional) and [Semantic Versioning](https://semver.org/) for releases.
-
-### Types
-
-Types define which kind of changes you made to the project.
-
-| Types    | Description                                                                                                  |
-| -------- | ------------------------------------------------------------------------------------------------------------ |
-| feat     | A new feature.                                                                                               |
-| fix      | A bug fix.                                                                                                   |
-| docs     | Documentation only changes.                                                                                  |
-| style    | Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc).      |
-| refactor | A code change that neither fixes a bug nor adds a feature.                                                   |
-| perf     | A code change that improves performance.                                                                     |
-| test     | Adding missing tests or correcting existing tests.                                                           |
-| build    | Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm).         |
-| ci       | Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs). |
-| chore    | Other changes that don't modify src or test files.                                                           |
-| revert   | Reverts a previous commit.                                                                                   |
-
-### Scopes
-
-Scopes define what part of the code changed.
+The commit message guidelines adheres to [Conventional Commits](https://www.conventionalcommits.org/) and [Semantic Versioning](https://semver.org/) for releases.

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) Auth0, Inc. <support@auth0.com> (http://auth0.com) and Thream contributors
+Copyright (c) Auth0, Inc. <support@auth0.com> (<https://auth0.com/>) and Thream contributors
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -4,6 +4,10 @@
   <strong>Authenticate socket.io incoming connections with JWTs.</strong>
 </p>
 
+<p align="center">
+  <strong>⚠️ This project is not maintained anymore, you can still use the code as you wish and fork it to maintain it yourself.</strong>
+</p>
+
 <p align="center">
   <a href="./CONTRIBUTING.md"><img src="https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat" /></a>
   <a href="./LICENSE"><img src="https://img.shields.io/badge/licence-MIT-blue.svg" alt="Licence MIT"/></a>
@@ -12,7 +16,6 @@
   <a href="https://github.com/Thream/socketio-jwt/actions/workflows/build.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/build.yml/badge.svg?branch=develop" /></a>
   <a href="https://github.com/Thream/socketio-jwt/actions/workflows/lint.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/lint.yml/badge.svg?branch=develop" /></a>
   <a href="https://github.com/Thream/socketio-jwt/actions/workflows/test.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/test.yml/badge.svg?branch=develop" /></a>
-  <a href="https://codecov.io/gh/Thream/socketio-jwt"><img src="https://codecov.io/gh/Thream/socketio-jwt/branch/develop/graph/badge.svg" alt="codecov" /></a>
   <br />
   <a href="https://conventionalcommits.org"><img src="https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg" alt="Conventional Commits" /></a>
   <a href="https://github.com/semantic-release/semantic-release"><img src="https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg" alt="semantic-release" /></a>
@@ -23,13 +26,12 @@
 
 Authenticate socket.io incoming connections with JWTs.
 
-Compatible with `socket.io >= 3.0.0`.
-
-This repository was originally forked from [auth0-socketio-jwt](https://github.com/auth0-community/auth0-socketio-jwt) & it is not intended to take any credit but to improve the code from now on.
+This repository was originally forked from [auth0-socketio-jwt](https://github.com/auth0-community/auth0-socketio-jwt) and it is not intended to take any credit but to improve the code from now on.
 
 ## Prerequisites
 
 - [Node.js](https://nodejs.org/) >= 16.0.0
+- [Socket.IO](https://socket.io/) >= 3.0.0
 
 ## 💾 Install
 
@@ -44,24 +46,24 @@ npm install --save @thream/socketio-jwt
 ### Server side
 
 ```ts
-import { Server } from 'socket.io'
-import { authorize } from '@thream/socketio-jwt'
+import { Server } from "socket.io"
+import { authorize } from "@thream/socketio-jwt"
 
 const io = new Server(9000)
 io.use(
   authorize({
-    secret: 'your secret or public key'
-  })
+    secret: "your secret or public key",
+  }),
 )
 
-io.on('connection', async (socket) => {
+io.on("connection", async (socket) => {
   // jwt payload of the connected client
   console.log(socket.decodedToken)
   const clients = await io.sockets.allSockets()
   if (clients != null) {
     for (const clientId of clients) {
       const client = io.sockets.sockets.get(clientId)
-      client?.emit('messages', { message: 'Success!' })
+      client?.emit("messages", { message: "Success!" })
       // we can access the jwt payload of each connected client
       console.log(client?.decodedToken)
     }
@@ -72,12 +74,12 @@ io.on('connection', async (socket) => {
 ### Server side with `jwks-rsa` (example)
 
 ```ts
-import jwksClient from 'jwks-rsa'
-import { Server } from 'socket.io'
-import { authorize } from '@thream/socketio-jwt'
+import jwksClient from "jwks-rsa"
+import { Server } from "socket.io"
+import { authorize } from "@thream/socketio-jwt"
 
 const client = jwksClient({
-  jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json'
+  jwksUri: "https://sandrino.auth0.com/.well-known/jwks.json",
 })
 
 const io = new Server(9000)
@@ -86,11 +88,11 @@ io.use(
     secret: async (decodedToken) => {
       const key = await client.getSigningKeyAsync(decodedToken.header.kid)
       return key.getPublicKey()
-    }
-  })
+    },
+  }),
 )
 
-io.on('connection', async (socket) => {
+io.on("connection", async (socket) => {
   // jwt payload of the connected client
   console.log(socket.decodedToken)
   // You can do the same things of the previous example there...
@@ -100,21 +102,21 @@ io.on('connection', async (socket) => {
 ### Server side with `onAuthentication` (example)
 
 ```ts
-import { Server } from 'socket.io'
-import { authorize } from '@thream/socketio-jwt'
+import { Server } from "socket.io"
+import { authorize } from "@thream/socketio-jwt"
 
 const io = new Server(9000)
 io.use(
   authorize({
-    secret: 'your secret or public key',
+    secret: "your secret or public key",
     onAuthentication: async (decodedToken) => {
       // return the object that you want to add to the user property
       // or throw an error if the token is unauthorized
-    }
-  })
+    },
+  }),
 )
 
-io.on('connection', async (socket) => {
+io.on("connection", async (socket) => {
   // jwt payload of the connected client
   console.log(socket.decodedToken)
   // You can do the same things of the previous example there...
@@ -132,23 +134,23 @@ io.on('connection', async (socket) => {
 ### Client side
 
 ```ts
-import { io } from 'socket.io-client'
-import { isUnauthorizedError } from '@thream/socketio-jwt'
+import { io } from "socket.io-client"
+import { isUnauthorizedError } from "@thream/socketio-jwt/build/UnauthorizedError.js"
 
 // Require Bearer Token
-const socket = io('http://localhost:9000', {
-  auth: { token: `Bearer ${yourJWT}` }
+const socket = io("http://localhost:9000", {
+  auth: { token: `Bearer ${yourJWT}` },
 })
 
 // Handling token expiration
-socket.on('connect_error', (error) => {
+socket.on("connect_error", (error) => {
   if (isUnauthorizedError(error)) {
-    console.log('User token has expired')
+    console.log("User token has expired")
   }
 })
 
 // Listening to events
-socket.on('messages', (data) => {
+socket.on("messages", (data) => {
   console.log(data)
 })
 ```

package.json

@@ -8,20 +8,25 @@
   "main": "build/index.js",
   "types": "build/index.d.ts",
   "files": [
-    "build"
+    "build",
+    "!**/*.test.js",
+    "!**/*.test.d.ts",
+    "!**/*.map"
   ],
   "engines": {
-    "node": ">=16.0.0"
+    "node": ">=16.0.0",
+    "npm": ">=9.0.0"
   },
   "publishConfig": {
-    "access": "public"
+    "access": "public",
+    "provenance": true
   },
   "keywords": [
     "socket",
     "socket.io",
     "jwt"
   ],
-  "author": "Divlo <contact@divlo.fr>",
+  "author": "Théo LUDWIG <contact@theoludwig.fr>",
   "repository": {
     "type": "git",
     "url": "https://github.com/Thream/socketio-jwt"
@@ -31,15 +36,16 @@
   },
   "homepage": "https://github.com/Thream/socketio-jwt#readme",
   "scripts": {
-    "build": "rimraf ./build && swc ./src --out-dir ./build && tsc",
+    "build": "rimraf ./build && swc ./src --out-dir ./build",
     "build:dev": "swc ./src --out-dir ./build --watch",
+    "build:typescript": "tsc",
     "lint:commit": "commitlint",
     "lint:editorconfig": "editorconfig-checker",
-    "lint:markdown": "markdownlint \"**/*.md\" --dot --ignore-path \".gitignore\"",
-    "lint:typescript": "eslint \"**/*.{js,jsx,ts,tsx}\" --ignore-path \".gitignore\"",
-    "lint:prettier": "prettier \".\" --check --ignore-path \".gitignore\"",
+    "lint:markdown": "markdownlint-cli2",
+    "lint:eslint": "eslint . --max-warnings 0 --report-unused-disable-directives --ignore-path .gitignore",
+    "lint:prettier": "prettier . --check",
     "lint:staged": "lint-staged",
-    "test": "c8 tap",
+    "test": "cross-env NODE_ENV=test node --enable-source-maps --test build/",
     "release": "semantic-release",
     "postinstall": "husky install",
     "prepublishOnly": "pinst --disable",
@@ -49,39 +55,39 @@
     "socket.io": ">=3.0.0"
   },
   "dependencies": {
-    "jsonwebtoken": "8.5.1"
+    "jsonwebtoken": "9.0.2"
   },
   "devDependencies": {
-    "@commitlint/cli": "16.2.3",
-    "@commitlint/config-conventional": "16.2.1",
-    "@swc/cli": "0.1.57",
-    "@swc/core": "1.2.164",
-    "@types/jsonwebtoken": "8.5.8",
-    "@types/node": "17.0.23",
-    "@types/tap": "15.0.6",
-    "@typescript-eslint/eslint-plugin": "5.18.0",
-    "@typescript-eslint/parser": "5.18.0",
-    "axios": "0.26.1",
-    "c8": "7.11.0",
-    "editorconfig-checker": "4.0.2",
-    "eslint": "8.12.0",
-    "eslint-config-conventions": "2.0.0",
-    "eslint-config-prettier": "8.5.0",
-    "eslint-plugin-import": "2.26.0",
-    "eslint-plugin-prettier": "4.0.0",
-    "eslint-plugin-promise": "6.0.0",
-    "eslint-plugin-unicorn": "42.0.0",
-    "fastify": "3.28.0",
-    "husky": "7.0.4",
-    "lint-staged": "12.3.7",
-    "markdownlint-cli": "0.31.1",
+    "@commitlint/cli": "18.0.0",
+    "@commitlint/config-conventional": "18.0.0",
+    "@swc/cli": "0.1.62",
+    "@swc/core": "1.3.94",
+    "@tsconfig/strictest": "2.0.2",
+    "@types/jsonwebtoken": "9.0.4",
+    "@types/node": "20.8.7",
+    "@typescript-eslint/eslint-plugin": "6.9.0",
+    "@typescript-eslint/parser": "6.9.0",
+    "axios": "1.5.1",
+    "cross-env": "7.0.3",
+    "editorconfig-checker": "5.1.1",
+    "eslint": "8.52.0",
+    "eslint-config-conventions": "12.0.0",
+    "eslint-config-prettier": "9.0.0",
+    "eslint-plugin-import": "2.29.0",
+    "eslint-plugin-prettier": "5.0.1",
+    "eslint-plugin-promise": "6.1.1",
+    "eslint-plugin-unicorn": "48.0.1",
+    "fastify": "4.24.3",
+    "husky": "8.0.3",
+    "lint-staged": "15.0.2",
+    "markdownlint-cli2": "0.10.0",
+    "markdownlint-rule-relative-links": "2.1.0",
     "pinst": "3.0.0",
-    "prettier": "2.6.2",
-    "rimraf": "3.0.2",
-    "semantic-release": "19.0.2",
-    "socket.io": "4.4.1",
-    "socket.io-client": "4.4.1",
-    "tap": "16.0.1",
-    "typescript": "4.6.3"
+    "prettier": "3.0.3",
+    "rimraf": "5.0.5",
+    "semantic-release": "22.0.5",
+    "socket.io": "4.7.2",
+    "socket.io-client": "4.7.2",
+    "typescript": "5.2.2"
   }
 }

src/UnauthorizedError.ts

@@ -1,20 +1,30 @@
 export class UnauthorizedError extends Error {
   public inner: { message: string }
-  public data: { message: string; code: string; type: 'UnauthorizedError' }
+  public data: { message: string; code: string; type: "UnauthorizedError" }
 
   constructor(code: string, error: { message: string }) {
     super(error.message)
-    this.name = 'UnauthorizedError'
+    this.name = "UnauthorizedError"
     this.inner = error
     this.data = {
       message: this.message,
       code,
-      type: 'UnauthorizedError'
+      type: "UnauthorizedError",
     }
     Object.setPrototypeOf(this, UnauthorizedError.prototype)
   }
 }
 
-export const isUnauthorizedError = (error: any): error is UnauthorizedError => {
-  return error.data.type === 'UnauthorizedError'
+export const isUnauthorizedError = (
+  error: unknown,
+): error is UnauthorizedError => {
+  return (
+    typeof error === "object" &&
+    error != null &&
+    "data" in error &&
+    typeof error.data === "object" &&
+    error.data != null &&
+    "type" in error.data &&
+    error.data.type === "UnauthorizedError"
+  )
 }

src/__test__/authorize.test.ts

@@ -1,36 +1,39 @@
-import tap from 'tap'
-import axios from 'axios'
-import { io, Socket } from 'socket.io-client'
+import test from "node:test"
+import assert from "node:assert/strict"
 
-import { isUnauthorizedError } from '../UnauthorizedError.js'
+import axios from "axios"
+import type { Socket } from "socket.io-client"
+import { io } from "socket.io-client"
+
+import { isUnauthorizedError } from "../UnauthorizedError.js"
+import type { Profile } from "./fixture/index.js"
 import {
   API_URL,
   fixtureStart,
   fixtureStop,
   getSocket,
   basicProfile,
-  Profile
-} from './fixture/index.js'
+} from "./fixture/index.js"
 
 export const api = axios.create({
   baseURL: API_URL,
   headers: {
-    'Content-Type': 'application/json'
-  }
+    "Content-Type": "application/json",
+  },
 })
 
 const secretCallback = async (): Promise<string> => {
-  return 'somesecret'
+  return "somesecret"
 }
 
-await tap.test('authorize', async (t) => {
-  await t.test('with secret as string in options', async (t) => {
-    let token = ''
+await test("authorize", async (t) => {
+  await t.test("with secret as string in options", async (t) => {
+    let token = ""
     let socket: Socket | null = null
 
     t.beforeEach(async () => {
       await fixtureStart()
-      const response = await api.post('/login', {})
+      const response = await api.post("/login", {})
       token = response.data.token
     })
 
@@ -39,82 +42,87 @@ await tap.test('authorize', async (t) => {
       await fixtureStop()
     })
 
-    await t.test('should emit error with no token provided', (t) => {
-      t.plan(4)
+    await t.test("should emit error with no token provided", () => {
       socket = io(API_URL)
-      socket.on('connect_error', async (error) => {
-        t.equal(isUnauthorizedError(error), true)
+      socket.on("connect_error", async (error) => {
+        assert.strictEqual(isUnauthorizedError(error), true)
         if (isUnauthorizedError(error)) {
-          t.equal(error.data.message, 'no token provided')
-          t.equal(error.data.code, 'credentials_required')
+          assert.strictEqual(error.data.message, "no token provided")
+          assert.strictEqual(error.data.code, "credentials_required")
+          assert.ok(true)
+        } else {
+          assert.fail("should be unauthorized error")
         }
-        t.pass()
       })
-      socket.on('connect', async () => {
-        t.fail()
+      socket.on("connect", async () => {
+        assert.fail("should not connect")
       })
     })
 
-    await t.test('should emit error with bad token format', (t) => {
-      t.plan(4)
+    await t.test("should emit error with bad token format", () => {
       socket = io(API_URL, {
-        auth: { token: 'testing' }
+        auth: { token: "testing" },
       })
-      socket.on('connect_error', async (error) => {
-        t.equal(isUnauthorizedError(error), true)
+      socket.on("connect_error", async (error) => {
+        assert.strictEqual(isUnauthorizedError(error), true)
         if (isUnauthorizedError(error)) {
-          t.equal(error.data.message, 'Format is Authorization: Bearer [token]')
-          t.equal(error.data.code, 'credentials_bad_format')
-        }
-        t.pass()
-      })
-      socket.on('connect', async () => {
-        t.fail()
-      })
-    })
-
-    await t.test('should emit error with unauthorized handshake', (t) => {
-      t.plan(4)
-      socket = io(API_URL, {
-        auth: { token: 'Bearer testing' }
-      })
-      socket.on('connect_error', async (error) => {
-        t.equal(isUnauthorizedError(error), true)
-        if (isUnauthorizedError(error)) {
-          t.equal(
+          assert.strictEqual(
             error.data.message,
-            'Unauthorized: Token is missing or invalid Bearer'
+            "Format is Authorization: Bearer [token]",
           )
-          t.equal(error.data.code, 'invalid_token')
+          assert.strictEqual(error.data.code, "credentials_bad_format")
+          assert.ok(true)
+        } else {
+          assert.fail("should be unauthorized error")
         }
-        t.pass()
       })
-      socket.on('connect', async () => {
-        t.fail()
+      socket.on("connect", async () => {
+        assert.fail("should not connect")
       })
     })
 
-    await t.test('should connect the user', (t) => {
-      t.plan(1)
+    await t.test("should emit error with unauthorized handshake", () => {
       socket = io(API_URL, {
-        auth: { token: `Bearer ${token}` }
+        auth: { token: "Bearer testing" },
       })
-      socket.on('connect', async () => {
-        t.pass()
+      socket.on("connect_error", async (error) => {
+        assert.strictEqual(isUnauthorizedError(error), true)
+        if (isUnauthorizedError(error)) {
+          assert.strictEqual(
+            error.data.message,
+            "Unauthorized: Token is missing or invalid Bearer",
+          )
+          assert.strictEqual(error.data.code, "invalid_token")
+          assert.ok(true)
+        } else {
+          assert.fail("should be unauthorized error")
+        }
       })
-      socket.on('connect_error', async (error) => {
-        t.fail(error.message)
+      socket.on("connect", async () => {
+        assert.fail("should not connect")
+      })
+    })
+
+    await t.test("should connect the user", () => {
+      socket = io(API_URL, {
+        auth: { token: `Bearer ${token}` },
+      })
+      socket.on("connect", async () => {
+        assert.ok(true)
+      })
+      socket.on("connect_error", async (error) => {
+        assert.fail(error.message)
       })
     })
   })
 
-  await t.test('with secret as callback in options', async (t) => {
-    let token = ''
+  await t.test("with secret as callback in options", async (t) => {
+    let token = ""
     let socket: Socket | null = null
 
     t.beforeEach(async () => {
       await fixtureStart({ secret: secretCallback })
-      const response = await api.post('/login', {})
+      const response = await api.post("/login", {})
       token = response.data.token
     })
 
@@ -123,78 +131,83 @@ await tap.test('authorize', async (t) => {
       await fixtureStop()
     })
 
-    await t.test('should emit error with no token provided', (t) => {
-      t.plan(4)
+    await t.test("should emit error with no token provided", () => {
       socket = io(API_URL)
-      socket.on('connect_error', async (error) => {
-        t.equal(isUnauthorizedError(error), true)
+      socket.on("connect_error", async (error) => {
+        assert.strictEqual(isUnauthorizedError(error), true)
         if (isUnauthorizedError(error)) {
-          t.equal(error.data.message, 'no token provided')
-          t.equal(error.data.code, 'credentials_required')
+          assert.strictEqual(error.data.message, "no token provided")
+          assert.strictEqual(error.data.code, "credentials_required")
+          assert.ok(true)
+        } else {
+          assert.fail("should be unauthorized error")
         }
-        t.pass()
       })
-      socket.on('connect', async () => {
-        t.fail()
+      socket.on("connect", async () => {
+        assert.fail("should not connect")
       })
     })
 
-    await t.test('should emit error with bad token format', (t) => {
-      t.plan(4)
+    await t.test("should emit error with bad token format", () => {
       socket = io(API_URL, {
-        auth: { token: 'testing' }
+        auth: { token: "testing" },
       })
-      socket.on('connect_error', async (error) => {
-        t.equal(isUnauthorizedError(error), true)
+      socket.on("connect_error", async (error) => {
+        assert.strictEqual(isUnauthorizedError(error), true)
         if (isUnauthorizedError(error)) {
-          t.equal(error.data.message, 'Format is Authorization: Bearer [token]')
-          t.equal(error.data.code, 'credentials_bad_format')
-        }
-        t.pass()
-      })
-      socket.on('connect', async () => {
-        t.fail()
-      })
-    })
-
-    await t.test('should emit error with unauthorized handshake', (t) => {
-      t.plan(4)
-      socket = io(API_URL, {
-        auth: { token: 'Bearer testing' }
-      })
-      socket.on('connect_error', async (error) => {
-        t.equal(isUnauthorizedError(error), true)
-        if (isUnauthorizedError(error)) {
-          t.equal(
+          assert.strictEqual(
             error.data.message,
-            'Unauthorized: Token is missing or invalid Bearer'
+            "Format is Authorization: Bearer [token]",
           )
-          t.equal(error.data.code, 'invalid_token')
+          assert.strictEqual(error.data.code, "credentials_bad_format")
+          assert.ok(true)
+        } else {
+          assert.fail("should be unauthorized error")
         }
-        t.pass()
       })
-      socket.on('connect', async () => {
-        t.fail()
+      socket.on("connect", async () => {
+        assert.fail("should not connect")
       })
     })
 
-    await t.test('should connect the user', (t) => {
-      t.plan(1)
+    await t.test("should emit error with unauthorized handshake", () => {
       socket = io(API_URL, {
-        auth: { token: `Bearer ${token}` }
+        auth: { token: "Bearer testing" },
       })
-      socket.on('connect', async () => {
-        t.pass()
+      socket.on("connect_error", async (error) => {
+        assert.strictEqual(isUnauthorizedError(error), true)
+        if (isUnauthorizedError(error)) {
+          assert.strictEqual(
+            error.data.message,
+            "Unauthorized: Token is missing or invalid Bearer",
+          )
+          assert.strictEqual(error.data.code, "invalid_token")
+          assert.ok(true)
+        } else {
+          assert.fail("should be unauthorized error")
+        }
       })
-      socket.on('connect_error', async (error) => {
-        t.fail(error.message)
+      socket.on("connect", async () => {
+        assert.fail("should not connect")
+      })
+    })
+
+    await t.test("should connect the user", () => {
+      socket = io(API_URL, {
+        auth: { token: `Bearer ${token}` },
+      })
+      socket.on("connect", async () => {
+        assert.ok(true)
+      })
+      socket.on("connect_error", async (error) => {
+        assert.fail(error.message)
       })
     })
   })
 
-  await t.test('with onAuthentication callback in options', async (t) => {
-    let token = ''
-    let wrongToken = ''
+  await t.test("with onAuthentication callback in options", async (t) => {
+    let token = ""
+    let wrongToken = ""
     let socket: Socket | null = null
 
     t.beforeEach(async () => {
@@ -202,16 +215,16 @@ await tap.test('authorize', async (t) => {
         secret: secretCallback,
         onAuthentication: (decodedToken: Profile) => {
           if (!decodedToken.checkField) {
-            throw new Error('Check Field validation failed')
+            throw new Error("Check Field validation failed")
           }
           return {
-            email: decodedToken.email
+            email: decodedToken.email,
           }
-        }
+        },
       })
-      const response = await api.post('/login', {})
+      const response = await api.post("/login", {})
       token = response.data.token
-      const responseWrong = await api.post('/login-wrong', {})
+      const responseWrong = await api.post("/login-wrong", {})
       wrongToken = responseWrong.data.token
     })
 
@@ -220,104 +233,107 @@ await tap.test('authorize', async (t) => {
       await fixtureStop()
     })
 
-    await t.test('should emit error with no token provided', (t) => {
-      t.plan(4)
+    await t.test("should emit error with no token provided", () => {
       socket = io(API_URL)
-      socket.on('connect_error', async (error) => {
-        t.equal(isUnauthorizedError(error), true)
+      socket.on("connect_error", async (error) => {
+        assert.strictEqual(isUnauthorizedError(error), true)
         if (isUnauthorizedError(error)) {
-          t.equal(error.data.message, 'no token provided')
-          t.equal(error.data.code, 'credentials_required')
+          assert.strictEqual(error.data.message, "no token provided")
+          assert.strictEqual(error.data.code, "credentials_required")
+          assert.ok(true)
+        } else {
+          assert.fail("should be unauthorized error")
         }
-        t.pass()
       })
-      socket.on('connect', async () => {
-        t.fail()
+      socket.on("connect", async () => {
+        assert.fail("should not connect")
       })
     })
 
-    await t.test('should emit error with bad token format', (t) => {
-      t.plan(4)
+    await t.test("should emit error with bad token format", () => {
       socket = io(API_URL, {
-        auth: { token: 'testing' }
+        auth: { token: "testing" },
       })
-      socket.on('connect_error', async (error) => {
-        t.equal(isUnauthorizedError(error), true)
+      socket.on("connect_error", async (error) => {
+        assert.strictEqual(isUnauthorizedError(error), true)
         if (isUnauthorizedError(error)) {
-          t.equal(error.data.message, 'Format is Authorization: Bearer [token]')
-          t.equal(error.data.code, 'credentials_bad_format')
-        }
-        t.pass()
-      })
-      socket.on('connect', async () => {
-        t.fail()
-      })
-    })
-
-    await t.test('should emit error with unauthorized handshake', (t) => {
-      t.plan(4)
-      socket = io(API_URL, {
-        auth: { token: 'Bearer testing' }
-      })
-      socket.on('connect_error', async (error) => {
-        t.equal(isUnauthorizedError(error), true)
-        if (isUnauthorizedError(error)) {
-          t.equal(
+          assert.strictEqual(
             error.data.message,
-            'Unauthorized: Token is missing or invalid Bearer'
+            "Format is Authorization: Bearer [token]",
           )
-          t.equal(error.data.code, 'invalid_token')
+          assert.strictEqual(error.data.code, "credentials_bad_format")
+          assert.ok(true)
+        } else {
+          assert.fail("should be unauthorized error")
         }
-        t.pass()
       })
-      socket.on('connect', async () => {
-        t.fail()
+      socket.on("connect", async () => {
+        assert.fail("should not connect")
       })
     })
 
-    await t.test('should connect the user', (t) => {
-      t.plan(1)
+    await t.test("should emit error with unauthorized handshake", () => {
       socket = io(API_URL, {
-        auth: { token: `Bearer ${token}` }
+        auth: { token: "Bearer testing" },
       })
-      socket.on('connect', async () => {
-        t.pass()
+      socket.on("connect_error", async (error) => {
+        assert.strictEqual(isUnauthorizedError(error), true)
+        if (isUnauthorizedError(error)) {
+          assert.strictEqual(
+            error.data.message,
+            "Unauthorized: Token is missing or invalid Bearer",
+          )
+          assert.strictEqual(error.data.code, "invalid_token")
+          assert.ok(true)
+        } else {
+          assert.fail("should be unauthorized error")
+        }
       })
-      socket.on('connect_error', async (error) => {
-        t.fail(error.message)
+      socket.on("connect", async () => {
+        assert.fail("should not connect")
       })
     })
 
-    await t.test('should contains user properties', (t) => {
-      t.plan(2)
+    await t.test("should connect the user", () => {
+      socket = io(API_URL, {
+        auth: { token: `Bearer ${token}` },
+      })
+      socket.on("connect", async () => {
+        assert.ok(true)
+      })
+      socket.on("connect_error", async (error) => {
+        assert.fail(error.message)
+      })
+    })
+
+    await t.test("should contains user properties", () => {
       const socketServer = getSocket()
-      socketServer?.on('connection', (client: any) => {
-        t.equal(client.user.email, basicProfile.email)
-        t.pass()
+      socketServer?.on("connection", (client: any) => {
+        assert.strictEqual(client.user.email, basicProfile.email)
+        assert.ok(true)
       })
       socket = io(API_URL, {
-        auth: { token: `Bearer ${token}` }
+        auth: { token: `Bearer ${token}` },
       })
-      socket.on('connect_error', async (error) => {
-        t.fail(error.message)
+      socket.on("connect_error", async (error) => {
+        assert.fail(error.message)
       })
     })
 
-    await t.test('should emit error when user validation fails', (t) => {
-      t.plan(2)
+    await t.test("should emit error when user validation fails", () => {
       socket = io(API_URL, {
-        auth: { token: `Bearer ${wrongToken}` }
+        auth: { token: `Bearer ${wrongToken}` },
       })
-      socket.on('connect_error', async (error) => {
+      socket.on("connect_error", async (error) => {
         try {
-          t.equal(error.message, 'Check Field validation failed')
-          t.pass()
+          assert.strictEqual(error.message, "Check Field validation failed")
+          assert.ok(true)
         } catch {
-          t.fail()
+          assert.fail(error.message)
         }
       })
-      socket.on('connect', async () => {
-        t.fail()
+      socket.on("connect", async () => {
+        assert.fail("should not connect")
       })
     })
   })

src/__test__/fixture/index.ts

@@ -1,14 +1,16 @@
-import jwt from 'jsonwebtoken'
-import { Server as SocketIoServer } from 'socket.io'
-import fastify, { FastifyInstance } from 'fastify'
+import jwt from "jsonwebtoken"
+import { Server as SocketIoServer } from "socket.io"
+import type { FastifyInstance } from "fastify"
+import fastify from "fastify"
 
-import { authorize, AuthorizeOptions } from '../../index.js'
+import type { AuthorizeOptions } from "../../index.js"
+import { authorize } from "../../index.js"
 
 interface FastifyIo {
   instance: SocketIoServer
 }
 
-declare module 'fastify' {
+declare module "fastify" {
   export interface FastifyInstance {
     io: FastifyIo
   }
@@ -26,48 +28,50 @@ export interface Profile extends BasicProfile {
 export const PORT = 9000
 export const API_URL = `http://localhost:${PORT}`
 export const basicProfile: BasicProfile = {
-  email: 'john@doe.com',
-  id: 123
+  email: "john@doe.com",
+  id: 123,
 }
 
 let application: FastifyInstance | null = null
 
 export const fixtureStart = async (
-  options: AuthorizeOptions = { secret: 'super secret' }
+  options: AuthorizeOptions = { secret: "super secret" },
 ): Promise<void> => {
   const profile: Profile = { ...basicProfile, checkField: true }
-  let keySecret = ''
-  if (typeof options.secret === 'string') {
+  let keySecret = ""
+  if (typeof options.secret === "string") {
     keySecret = options.secret
   } else {
     keySecret = await options.secret({
-      header: { alg: 'HS256' },
-      payload: profile
+      header: { alg: "HS256" },
+      payload: profile,
     })
   }
   application = fastify()
-  application.post('/login', async (_request, reply) => {
+  application.post("/login", async (_request, reply) => {
     const token = jwt.sign(profile, keySecret, {
-      expiresIn: 60 * 60 * 5
+      expiresIn: 60 * 60 * 5,
     })
     reply.statusCode = 201
     return { token }
   })
-  application.post('/login-wrong', async (_request, reply) => {
+  application.post("/login-wrong", async (_request, reply) => {
     profile.checkField = false
     const token = jwt.sign(profile, keySecret, {
-      expiresIn: 60 * 60 * 5
+      expiresIn: 60 * 60 * 5,
     })
     reply.statusCode = 201
     return { token }
   })
   const instance = new SocketIoServer(application.server)
   instance.use(authorize(options))
-  application.decorate('io', { instance })
-  application.addHook('onClose', (fastify) => {
+  application.decorate("io", { instance })
+  application.addHook("onClose", (fastify) => {
     fastify.io.instance.close()
   })
-  await application.listen(PORT)
+  await application.listen({
+    port: PORT,
+  })
 }
 
 export const fixtureStop = async (): Promise<void> => {

src/authorize.ts

@@ -1,9 +1,10 @@
-import jwt, { Algorithm } from 'jsonwebtoken'
-import { Socket } from 'socket.io'
+import type { Algorithm } from "jsonwebtoken"
+import jwt from "jsonwebtoken"
+import type { Socket } from "socket.io"
 
-import { UnauthorizedError } from './UnauthorizedError.js'
+import { UnauthorizedError } from "./UnauthorizedError.js"
 
-declare module 'socket.io' {
+declare module "socket.io" {
   interface Socket extends ExtendedSocket {}
 }
 
@@ -15,7 +16,7 @@ interface ExtendedSocket {
 
 type SocketIOMiddleware = (
   socket: Socket,
-  next: (error?: UnauthorizedError) => void
+  next: (error?: UnauthorizedError) => void,
 ) => void
 
 interface CompleteDecodedToken {
@@ -27,7 +28,7 @@ interface CompleteDecodedToken {
 }
 
 type SecretCallback = (
-  decodedToken: CompleteDecodedToken
+  decodedToken: CompleteDecodedToken,
 ) => Promise<string> | string
 
 export interface AuthorizeOptions {
@@ -37,32 +38,32 @@ export interface AuthorizeOptions {
 }
 
 export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
-  const { secret, algorithms = ['HS256'], onAuthentication } = options
+  const { secret, algorithms = ["HS256"], onAuthentication } = options
   return async (socket, next) => {
     let encodedToken: string | null = null
     const { token } = socket.handshake.auth
     if (token != null) {
-      const tokenSplitted = token.split(' ')
-      if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') {
+      const tokenSplitted = token.split(" ")
+      if (tokenSplitted.length !== 2 || tokenSplitted[0] !== "Bearer") {
         return next(
-          new UnauthorizedError('credentials_bad_format', {
-            message: 'Format is Authorization: Bearer [token]'
-          })
+          new UnauthorizedError("credentials_bad_format", {
+            message: "Format is Authorization: Bearer [token]",
+          }),
         )
       }
       encodedToken = tokenSplitted[1]
     }
     if (encodedToken == null) {
       return next(
-        new UnauthorizedError('credentials_required', {
-          message: 'no token provided'
-        })
+        new UnauthorizedError("credentials_required", {
+          message: "no token provided",
+        }),
       )
     }
     socket.encodedToken = encodedToken
     let keySecret: string | null = null
-    let decodedToken: any
-    if (typeof secret === 'string') {
+    let decodedToken: any = null
+    if (typeof secret === "string") {
       keySecret = secret
     } else {
       const completeDecodedToken = jwt.decode(encodedToken, { complete: true })
@@ -72,9 +73,9 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
       decodedToken = jwt.verify(encodedToken, keySecret, { algorithms })
     } catch {
       return next(
-        new UnauthorizedError('invalid_token', {
-          message: 'Unauthorized: Token is missing or invalid Bearer'
-        })
+        new UnauthorizedError("invalid_token", {
+          message: "Unauthorized: Token is missing or invalid Bearer",
+        }),
       )
     }
     socket.decodedToken = decodedToken

src/index.ts

@@ -1,2 +1,2 @@
-export * from './authorize.js'
-export * from './UnauthorizedError.js'
+export * from "./authorize.js"
+export * from "./UnauthorizedError.js"

tsconfig.json

@@ -1,15 +1,13 @@
 {
+  "extends": "@tsconfig/strictest/tsconfig.json",
   "compilerOptions": {
     "target": "ESNext",
-    "module": "ESNext",
     "lib": ["ESNext"],
-    "moduleResolution": "node",
+    "module": "NodeNext",
+    "moduleResolution": "NodeNext",
     "outDir": "./build",
     "rootDir": "./src",
     "emitDeclarationOnly": true,
-    "declaration": true,
-    "strict": true,
-    "skipLibCheck": true,
-    "esModuleInterop": true
+    "declaration": true
   }
 }