From 4878bcc79f88d87f5d8c6be471c4aa755385d45a Mon Sep 17 00:00:00 2001
From: "Robert \"RunAge\" Gajda" <RunAge@users.noreply.github.com>
Date: Wed, 18 Sep 2019 17:13:57 +0000
Subject: [PATCH] Add Buffer type to property 'key' in Secret (#38360)

---
 types/jsonwebtoken/index.d.ts            | 13 ++++++++++---
 types/jsonwebtoken/jsonwebtoken-tests.ts |  5 +++--
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/types/jsonwebtoken/index.d.ts b/types/jsonwebtoken/index.d.ts
index afffe8dc21..81dbbeae80 100644
--- a/types/jsonwebtoken/index.d.ts
+++ b/types/jsonwebtoken/index.d.ts
@@ -5,7 +5,8 @@
 //                 Brice BERNARD <https://github.com/brikou>,
 //                 Veli-Pekka Kestilä <https://github.com/vpk>,
 //                 Daniel Parker <https://github.com/rlgod>,
-//                 Kjell Dießel <https://github.com/kettil>
+//                 Kjell Dießel <https://github.com/kettil>,
+//                 Robert Gajda <https://github.com/RunAge>
 // Definitions: https://github.com/DefinitelyTyped/DefinitelyTyped
 // TypeScript Version: 2.2
 
@@ -82,7 +83,10 @@ export interface DecodeOptions {
     complete?: boolean;
     json?: boolean;
 }
-export type VerifyErrors= JsonWebTokenError | NotBeforeError | TokenExpiredError;
+export type VerifyErrors =
+    | JsonWebTokenError
+    | NotBeforeError
+    | TokenExpiredError;
 export type VerifyCallback = (
     err: VerifyErrors,
     decoded: object | string,
@@ -111,7 +115,10 @@ export type GetPublicKeyOrSecret = (
     callback: SigningKeyCallback
 ) => void;
 
-export type Secret = string | Buffer | { key: string; passphrase: string };
+export type Secret =
+    | string
+    | Buffer
+    | { key: string | Buffer; passphrase: string };
 
 /**
  * Synchronously sign the given payload into a JSON Web Token string
diff --git a/types/jsonwebtoken/jsonwebtoken-tests.ts b/types/jsonwebtoken/jsonwebtoken-tests.ts
index 924f95e2d4..2f66502cb4 100644
--- a/types/jsonwebtoken/jsonwebtoken-tests.ts
+++ b/types/jsonwebtoken/jsonwebtoken-tests.ts
@@ -42,6 +42,7 @@ token = jwt.sign(testObject, cert, { algorithm: "RS256" });
 const privKey: Buffer = fs.readFileSync("encrypted_private.key"); // get private key
 const secret = { key: privKey.toString(), passphrase: "keypwd" };
 token = jwt.sign(testObject, secret, { algorithm: "RS256" }); // the algorithm option is mandatory in this case
+token = jwt.sign(testObject, { key: privKey, passphrase: 'keypwd' }, { algorithm: "RS256" });
 
 // sign asynchronously
 jwt.sign(testObject, cert, { algorithm: "RS256" }, (
@@ -64,9 +65,9 @@ jwt.verify(token, "shhhhh", (err, decoded) => {
 
 // use external time for verifying
 jwt.verify(token, 'shhhhh', { clockTimestamp: 1 }, (err, decoded) => {
-  const result = decoded as TestObject;
+    const result = decoded as TestObject;
 
-  console.log(result.foo); // bar
+    console.log(result.foo); // bar
 });
 
 // invalid token