v1.2.1: better trusted issuer normalization

keyfetch-test.js

@@ -41,6 +41,8 @@ keypairs.generate().then(function (pair) {
       , keyfetch.jwt.verify(jwt, { jwks: [pair.public] })
       , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.com/'] })
       , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.com'] })
+      , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['example.com'] })
+      , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['example.com/'] })
       , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['*'] })
       , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['http://example.com'] })
           .then(e("bad scheme")).catch(throwIfNotExpected)

keyfetch.js

@@ -386,7 +386,8 @@ function ecdsaAsn1SigToJwtSig(header, b64sig) {
 function isTrustedIssuer(issuer) {
   return function (trusted) {
     if ('*' === trusted) { return true; }
-    // TODO normalize and account for '*'
+    // TODO account for '*.example.com'
+    trusted = (/^http(s?):\/\//.test(trusted) ? trusted : ('https://' + trusted));
     return issuer.replace(/\/$/, '') === trusted.replace(/\/$/, '') && trusted;
   };
 }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "keyfetch",
-  "version": "1.2.0",
+  "version": "1.2.1",
   "description": "Lightweight support for fetching JWKs.",
   "homepage": "https://git.coolaj86.com/coolaj86/keyfetch.js",
   "main": "keyfetch.js",