NeaByteLab
diff --git a/‎eslint.config.js‎
Lines changed: 15 additions & 0 deletions b/‎eslint.config.js‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎src/algorithms/AES128GCM.ts‎
Lines changed: 12 additions & 8 deletions b/‎src/algorithms/AES128GCM.ts‎
Lines changed: 12 additions & 8 deletions
diff --git a/‎src/algorithms/AES256GCM.ts‎
Lines changed: 12 additions & 8 deletions b/‎src/algorithms/AES256GCM.ts‎
Lines changed: 12 additions & 8 deletions
diff --git a/‎src/algorithms/ChaCha20.ts‎
Lines changed: 12 additions & 8 deletions b/‎src/algorithms/ChaCha20.ts‎
Lines changed: 12 additions & 8 deletions
diff --git a/‎src/algorithms/index.ts‎
Lines changed: 2 additions & 2 deletions b/‎src/algorithms/index.ts‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/index.ts‎
Lines changed: 26 additions & 26 deletions b/‎src/index.ts‎
Lines changed: 26 additions & 26 deletions
@@ -142,6 +142,21 @@ export default [
       '@typescript-eslint/restrict-template-expressions': 'error',
       '@typescript-eslint/strict-boolean-expressions': 'error',
 
+      // Explicit type definitions
+      '@typescript-eslint/typedef': [
+        'error',
+        {
+          'arrowParameter': true,
+          'variableDeclaration': true,
+          'variableDeclarationIgnoreFunction': false,
+          'memberVariableDeclaration': true,
+          'objectDestructuring': true,
+          'parameter': true,
+          'propertyDeclaration': true,
+          'arrayDestructuring': true
+        }
+      ],
+
       // Naming conventions
       '@typescript-eslint/naming-convention': [
         'error',
 
@@ -1,4 +1,4 @@
-import { createCipheriv, createDecipheriv } from 'node:crypto'
+import { createCipheriv, createDecipheriv, type CipherGCM, type DecipherGCM } from 'node:crypto'
 import { ErrorHandler } from '@utils/index'
 import type { TokenEncrypted, EncryptionAlgo, IEncryptionAlgo } from '@interfaces/index'
 
@@ -8,7 +8,7 @@ import type { TokenEncrypted, EncryptionAlgo, IEncryptionAlgo } from '@interface
  */
 export default class AES128GCM implements IEncryptionAlgo {
   /** Algorithm name constant */
-  private readonly algorithm = 'aes-128-gcm'
+  private readonly algorithm: string = 'aes-128-gcm'
 
   /**
    * Encrypts data using AES-128-GCM
@@ -19,11 +19,11 @@ export default class AES128GCM implements IEncryptionAlgo {
    * @returns Object containing encrypted data, IV, and authentication tag
    */
   encrypt(data: string, key: Buffer, iv: Buffer, version: string): TokenEncrypted {
-    const cipher = createCipheriv(this.algorithm, key, iv)
+    const cipher: CipherGCM = createCipheriv(this.algorithm, key, iv) as CipherGCM
     cipher.setAAD(Buffer.from(`secure-jwt-${version}`, 'utf8'))
-    let encrypted = cipher.update(data, 'utf8', 'hex')
+    let encrypted: string = cipher.update(data, 'utf8', 'hex')
     encrypted += cipher.final('hex')
-    const tag = cipher.getAuthTag()
+    const tag: Buffer = cipher.getAuthTag()
     ErrorHandler.validateAuthTag(tag)
     return {
       encrypted,
@@ -40,10 +40,14 @@ export default class AES128GCM implements IEncryptionAlgo {
    * @returns Decrypted string data
    */
   decrypt(tokenEncrypted: TokenEncrypted, key: Buffer, version: string): string {
-    const decipher = createDecipheriv(this.algorithm, key, Buffer.from(tokenEncrypted.iv, 'hex'))
+    const decipher: DecipherGCM = createDecipheriv(
+      this.algorithm,
+      key,
+      Buffer.from(tokenEncrypted.iv, 'hex')
+    ) as DecipherGCM
     decipher.setAAD(Buffer.from(`secure-jwt-${version}`, 'utf8'))
     decipher.setAuthTag(Buffer.from(tokenEncrypted.tag, 'hex'))
-    let decrypted = decipher.update(tokenEncrypted.encrypted, 'hex', 'utf8')
+    let decrypted: string = decipher.update(tokenEncrypted.encrypted, 'hex', 'utf8')
     decrypted += decipher.final('utf8')
     return decrypted
   }
@@ -69,6 +73,6 @@ export default class AES128GCM implements IEncryptionAlgo {
    * @returns Algorithm name string
    */
   getAlgoName(): EncryptionAlgo {
-    return this.algorithm
+    return this.algorithm as EncryptionAlgo
   }
 }
@@ -1,4 +1,4 @@
-import { createCipheriv, createDecipheriv } from 'node:crypto'
+import { createCipheriv, createDecipheriv, type CipherGCM, type DecipherGCM } from 'node:crypto'
 import { ErrorHandler } from '@utils/index'
 import type { TokenEncrypted, EncryptionAlgo, IEncryptionAlgo } from '@interfaces/index'
 
@@ -8,7 +8,7 @@ import type { TokenEncrypted, EncryptionAlgo, IEncryptionAlgo } from '@interface
  */
 export default class AES256GCM implements IEncryptionAlgo {
   /** Algorithm name constant */
-  private readonly algorithm = 'aes-256-gcm'
+  private readonly algorithm: string = 'aes-256-gcm'
 
   /**
    * Encrypts data using AES-256-GCM
@@ -19,11 +19,11 @@ export default class AES256GCM implements IEncryptionAlgo {
    * @returns Object containing encrypted data, IV, and authentication tag
    */
   encrypt(data: string, key: Buffer, iv: Buffer, version: string): TokenEncrypted {
-    const cipher = createCipheriv(this.algorithm, key, iv)
+    const cipher: CipherGCM = createCipheriv(this.algorithm, key, iv) as CipherGCM
     cipher.setAAD(Buffer.from(`secure-jwt-${version}`, 'utf8'))
-    let encrypted = cipher.update(data, 'utf8', 'hex')
+    let encrypted: string = cipher.update(data, 'utf8', 'hex')
     encrypted += cipher.final('hex')
-    const tag = cipher.getAuthTag()
+    const tag: Buffer = cipher.getAuthTag()
     ErrorHandler.validateAuthTag(tag)
     return {
       encrypted,
@@ -40,10 +40,14 @@ export default class AES256GCM implements IEncryptionAlgo {
    * @returns Decrypted string data
    */
   decrypt(tokenEncrypted: TokenEncrypted, key: Buffer, version: string): string {
-    const decipher = createDecipheriv(this.algorithm, key, Buffer.from(tokenEncrypted.iv, 'hex'))
+    const decipher: DecipherGCM = createDecipheriv(
+      this.algorithm,
+      key,
+      Buffer.from(tokenEncrypted.iv, 'hex')
+    ) as DecipherGCM
     decipher.setAAD(Buffer.from(`secure-jwt-${version}`, 'utf8'))
     decipher.setAuthTag(Buffer.from(tokenEncrypted.tag, 'hex'))
-    let decrypted = decipher.update(tokenEncrypted.encrypted, 'hex', 'utf8')
+    let decrypted: string = decipher.update(tokenEncrypted.encrypted, 'hex', 'utf8')
     decrypted += decipher.final('utf8')
     return decrypted
   }
@@ -69,6 +73,6 @@ export default class AES256GCM implements IEncryptionAlgo {
    * @returns Algorithm name string
    */
   getAlgoName(): EncryptionAlgo {
-    return this.algorithm
+    return this.algorithm as EncryptionAlgo
   }
 }
@@ -1,4 +1,4 @@
-import { createCipheriv, createDecipheriv } from 'node:crypto'
+import { createCipheriv, createDecipheriv, type CipherGCM, type DecipherGCM } from 'node:crypto'
 import { ErrorHandler } from '@utils/index'
 import type { TokenEncrypted, EncryptionAlgo, IEncryptionAlgo } from '@interfaces/index'
 
@@ -8,7 +8,7 @@ import type { TokenEncrypted, EncryptionAlgo, IEncryptionAlgo } from '@interface
  */
 export default class ChaCha20 implements IEncryptionAlgo {
   /** Algorithm name constant */
-  private readonly algorithm = 'chacha20-poly1305'
+  private readonly algorithm: string = 'chacha20-poly1305'
 
   /**
    * Encrypts data using ChaCha20-Poly1305
@@ -19,11 +19,11 @@ export default class ChaCha20 implements IEncryptionAlgo {
    * @returns Object containing encrypted data, IV, and authentication tag
    */
   encrypt(data: string, key: Buffer, iv: Buffer, version: string): TokenEncrypted {
-    const cipher = createCipheriv(this.algorithm, key, iv)
+    const cipher: CipherGCM = createCipheriv(this.algorithm, key, iv) as CipherGCM
     cipher.setAAD(Buffer.from(`secure-jwt-${version}`, 'utf8'), { plaintextLength: data.length })
-    let encrypted = cipher.update(data, 'utf8', 'hex')
+    let encrypted: string = cipher.update(data, 'utf8', 'hex')
     encrypted += cipher.final('hex')
-    const tag = cipher.getAuthTag()
+    const tag: Buffer = cipher.getAuthTag()
     ErrorHandler.validateAuthTag(tag)
     return {
       encrypted,
@@ -40,12 +40,16 @@ export default class ChaCha20 implements IEncryptionAlgo {
    * @returns Decrypted string data
    */
   decrypt(tokenEncrypted: TokenEncrypted, key: Buffer, version: string): string {
-    const decipher = createDecipheriv(this.algorithm, key, Buffer.from(tokenEncrypted.iv, 'hex'))
+    const decipher: DecipherGCM = createDecipheriv(
+      this.algorithm,
+      key,
+      Buffer.from(tokenEncrypted.iv, 'hex')
+    ) as DecipherGCM
     decipher.setAAD(Buffer.from(`secure-jwt-${version}`, 'utf8'), {
       plaintextLength: tokenEncrypted.encrypted.length / 2
     })
     decipher.setAuthTag(Buffer.from(tokenEncrypted.tag, 'hex'))
-    let decrypted = decipher.update(tokenEncrypted.encrypted, 'hex', 'utf8')
+    let decrypted: string = decipher.update(tokenEncrypted.encrypted, 'hex', 'utf8')
     decrypted += decipher.final('utf8')
     return decrypted
   }
@@ -71,6 +75,6 @@ export default class ChaCha20 implements IEncryptionAlgo {
    * @returns Algorithm name string
    */
   getAlgoName(): EncryptionAlgo {
-    return this.algorithm
+    return this.algorithm as EncryptionAlgo
   }
 }
@@ -25,7 +25,7 @@ export default class Algorithms {
    * @returns Buffer containing derived key
    */
   static getDerivedKeyBasic(secret: string): Buffer {
-    const salt = this.getRandomBytes(32)
+    const salt: Buffer = this.getRandomBytes(32)
     return Buffer.concat([salt, Buffer.from(secret, 'utf8')])
   }
 
@@ -36,7 +36,7 @@ export default class Algorithms {
    * @returns Buffer containing derived key
    */
   static getDerivedKeyPBKDF2(secret: string, iterations: number = 50000): Buffer {
-    const salt = this.getRandomBytes(32)
+    const salt: Buffer = this.getRandomBytes(32)
     return pbkdf2Sync(secret, salt, iterations, 32, 'sha256')
   }
 
 
@@ -92,10 +92,10 @@ export default class SecureJWT {
    */
   private encrypt(data: string): TokenEncrypted {
     ErrorHandler.validateEncryptionData(data)
-    const keyLength = this.#algorithm.getKeyLength()
-    const key = this.#secret.subarray(0, keyLength)
+    const keyLength: number = this.#algorithm.getKeyLength()
+    const key: Buffer = this.#secret.subarray(0, keyLength)
     ErrorHandler.validateKeyLength(key)
-    const iv = Algorithms.getRandomBytes(this.#algorithm.getIVLength())
+    const iv: Buffer = Algorithms.getRandomBytes(this.#algorithm.getIVLength())
     return this.#algorithm.encrypt(data, key, iv, this.#version)
   }
 
@@ -107,8 +107,8 @@ export default class SecureJWT {
   private decrypt(tokenEncrypted: TokenEncrypted): string {
     try {
       ErrorHandler.validateTokenEncrypted(tokenEncrypted)
-      const keyLength = this.#algorithm.getKeyLength()
-      const key = this.#secret.subarray(0, keyLength)
+      const keyLength: number = this.#algorithm.getKeyLength()
+      const key: Buffer = this.#secret.subarray(0, keyLength)
       ErrorHandler.validateKeyLength(key)
       ErrorHandler.validateIVFormat(tokenEncrypted.iv)
       ErrorHandler.validateTagFormat(tokenEncrypted.tag)
@@ -131,18 +131,18 @@ export default class SecureJWT {
   sign(data: unknown): string {
     try {
       ErrorHandler.validateData(data)
-      const now = Math.floor(Date.now() / 1000)
-      const exp = now + (this.#expireInMs < 1000 ? 1 : Math.ceil(this.#expireInMs / 1000))
+      const now: number = Math.floor(Date.now() / 1000)
+      const exp: number = now + (this.#expireInMs < 1000 ? 1 : Math.ceil(this.#expireInMs / 1000))
       ErrorHandler.validateExpiration(exp, now + 365 * 24 * 60 * 60)
       const payload: PayloadData = {
         data,
         exp,
         iat: now,
         version: this.#version
       }
-      const payloadString = JSON.stringify(payload)
+      const payloadString: string = JSON.stringify(payload)
       ErrorHandler.validatePayloadSize(payloadString)
-      const tokenEncrypted = this.encrypt(payloadString)
+      const tokenEncrypted: TokenEncrypted = this.encrypt(payloadString)
       const tokenData: TokenData = {
         encrypted: tokenEncrypted.encrypted,
         iv: tokenEncrypted.iv,
@@ -151,7 +151,7 @@ export default class SecureJWT {
         iat: now,
         version: this.#version
       }
-      const tokenString = JSON.stringify(tokenData)
+      const tokenString: string = JSON.stringify(tokenData)
       return Buffer.from(tokenString).toString('base64')
     } catch (error) {
       if (
@@ -174,19 +174,19 @@ export default class SecureJWT {
    */
   verify(token: string): boolean {
     try {
-      const cachedResult = this.#verifyCache.get(token)
+      const cachedResult: boolean | undefined = this.#verifyCache.get(token)
       if (cachedResult !== undefined) {
         return cachedResult
       }
-      const tokenData = this.validateAndParseToken(token)
+      const tokenData: TokenData = this.validateAndParseToken(token)
       const tokenEncrypted: TokenEncrypted = {
         encrypted: tokenData.encrypted,
         iv: tokenData.iv,
         tag: tokenData.tag
       }
-      const decryptedPayload = this.decrypt(tokenEncrypted)
-      const payload = ErrorHandler.validateJSONParse<PayloadData>(
-        decryptedPayload,
+      const payloadDecrypted: string = this.decrypt(tokenEncrypted)
+      const payload: PayloadData = ErrorHandler.validateJSONParse<PayloadData>(
+        payloadDecrypted,
         getErrorMessage('INVALID_PAYLOAD_STRUCTURE')
       )
       if (!isValidPayloadData(payload)) {
@@ -213,15 +213,15 @@ export default class SecureJWT {
    * @throws {VersionMismatchError} When token version is incompatible
    */
   verifyStrict(token: string): void {
-    const tokenData = this.validateAndParseToken(token)
+    const tokenData: TokenData = this.validateAndParseToken(token)
     const tokenEncrypted: TokenEncrypted = {
       encrypted: tokenData.encrypted,
       iv: tokenData.iv,
       tag: tokenData.tag
     }
-    const decryptedPayload = this.decrypt(tokenEncrypted)
-    const payload = ErrorHandler.validateJSONParse<PayloadData>(
-      decryptedPayload,
+    const payloadDecrypted: string = this.decrypt(tokenEncrypted)
+    const payload: PayloadData = ErrorHandler.validateJSONParse<PayloadData>(
+      payloadDecrypted,
       getErrorMessage('INVALID_PAYLOAD_STRUCTURE')
     )
     if (!isValidPayloadData(payload)) {
@@ -243,19 +243,19 @@ export default class SecureJWT {
    */
   decode(token: string): unknown {
     try {
-      const cachedResult = this.#payloadCache.get(token)
+      const cachedResult: unknown = this.#payloadCache.get(token)
       if (cachedResult !== undefined) {
         return cachedResult
       }
-      const tokenData = this.validateAndParseToken(token)
+      const tokenData: TokenData = this.validateAndParseToken(token)
       const tokenEncrypted: TokenEncrypted = {
         encrypted: tokenData.encrypted,
         iv: tokenData.iv,
         tag: tokenData.tag
       }
-      const decryptedPayload = this.decrypt(tokenEncrypted)
-      const payload = ErrorHandler.validateJSONParse<PayloadData>(
-        decryptedPayload,
+      const payloadDecrypted: string = this.decrypt(tokenEncrypted)
+      const payload: PayloadData = ErrorHandler.validateJSONParse<PayloadData>(
+        payloadDecrypted,
         getErrorMessage('INVALID_PAYLOAD_STRUCTURE')
       )
       if (!isValidPayloadData(payload)) {
@@ -293,11 +293,11 @@ export default class SecureJWT {
   private validateAndParseToken(token: string): TokenData {
     ErrorHandler.validateToken(token)
     ErrorHandler.validateTokenIntegrity(token)
-    const decoded = ErrorHandler.validateBase64Decode(
+    const decoded: string = ErrorHandler.validateBase64Decode(
       token,
       getErrorMessage('INVALID_TOKEN_FORMAT')
     )
-    const tokenData = ErrorHandler.validateJSONParse<TokenData>(
+    const tokenData: TokenData = ErrorHandler.validateJSONParse<TokenData>(
       decoded,
       getErrorMessage('INVALID_TOKEN_STRUCTURE')
     )