Can't match types definition in @types/passport-jwt@4.0.0

[k725]

Checklist

• [X] I have looked into the Readme and Examples, and have not found a suitable solution or answer.
• [X] I have searched the issues and have not found a suitable solution or answer.
• [X] I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• [X] I agree to the terms within the Auth0 Code of Conduct.

Description

It works on @types/passport-jwt@3.0.13, but the build fails on @types/passport-jwt@4.0.0 due to type changes.

This is caused by changes in the following parts. https://github.com/DefinitelyTyped/DefinitelyTyped/pull/67897/files#diff-b71c8d6ec401ffed807cc36d147e6eda88a0a5eb1a17175172ce9004026d8b79R38-L41

The following patch can be used as a simple change. https://github.com/auth0/node-jwks-rsa/blob/master/index.d.ts#L68-L74

  /** Types from express-jwt@<=6 */
  type secretType = string|Buffer;
- type SecretCallbackLong = (req: Express.Request, header: any, payload: any, done: (err: any, secret?: secretType) => void) => void;
- type SecretCallback = (req: Express.Request, payload: any, done: (err: any, secret?: secretType) => void) => void;
+ type SecretCallbackLong = (req: Request, header: any, payload: any, done: (err: any, secret?: secretType) => void) => void;
+ type SecretCallback = (req: Request, payload: any, done: (err: any, secret?: secretType) => void) => void;

  /** Types from express-jwt@>=7 */
- type GetVerificationKey = (req: Express.Request, token: Jwt | undefined) => Secret | undefined | Promise<Secret | undefined>;
+ type GetVerificationKey = (req: Request, token: Jwt | undefined) => Secret | undefined | Promise<Secret | undefined>;

Reproduction

import { ExtractJwt, type StrategyOptions } from 'passport-jwt';
import { passportJwtSecret } from 'jwks-rsa';

const assertProp: StrategyOptions = {
  jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
  secretOrKeyProvider: passportJwtSecret({
    jwksUri: 'https://example.com/...',
  }),
};
console.log(assertProp);

src/test.ts:6:3 - error TS2322: Type 'SecretCallback' is not assignable to type 'SecretOrKeyProvider'.
  Types of parameters 'req' and 'request' are incompatible.
    Type 'Request' is missing the following properties from type 'Request<ParamsDictionary, any, any, ParsedQs, Record<string, any>>': get, header, accepts, acceptsCharsets, and 100 more.

6   secretOrKeyProvider: passportJwtSecret({
    ~~~~~~~~~~~~~~~~~~~

  ../../node_modules/@types/passport-jwt/index.d.ts:12:5
    12     secretOrKeyProvider?: SecretOrKeyProvider | undefined;
           ~~~~~~~~~~~~~~~~~~~
    The expected type comes from property 'secretOrKeyProvider' which is declared here on type 'StrategyOptions'

Additional context

https://github.com/DefinitelyTyped/DefinitelyTyped/pull/67897

jwks-rsa version

v3.1.0

Node.js version

v20.10.0

[zackdotcomputer]

Looking at the source code for the passport integration, it appears that the req parameter isn't even used. I think that means that it would be safe to type this as unknown in the type definitions and avoid this issue happening again if Passport integrates the proposed PR to change this type again from Request to IncomingMessage.

Edit: see below. I have opened a PR that changes this parameter to unknown typing to remove the mismatch error for users on both the v3 and v4 typedefs for passport.

[k725]

@zackdotcomputer Yes, I think the unknown type is better if it is not used. 👍