Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
@arianee/arianee-access-token
Advanced tools
The ArianeeAccessToken class is a module that allows you to create and manage Arianee Access Tokens (AAT). This class requires the Core class from the @arianee/core module
The ArianeeAccessToken class is a module that allows you to create and manage Arianee Access Tokens (AAT). This class requires the Core class from the @arianee/core module
You need to instantiate the class with a Core instance
const core = core.fromPrivateKey('0x...');
const arianeeAccessToken = new ArianeeAccessToken(core);
You can pass initial values by setting the initialValues
property in the constructor params. Possible initial values are:
walletAccessToken
: the wallet scoped AAT to use at initialization (if invalid or expired, a new one will be generated when needed). Note that under the hood it calls the setItem
method of the storage object optionally passed in the constructor, if you are using a custom storage, this would override the previously stored value.const instance = new ArianeeAccessToken(core, {
initialValues: {
walletAccessToken: 'eyJ0eXAiO...',
},
});
You can use the following methods:
getValidWalletAccessToken(payloadOverride: PayloadOverride = {}, params?: { timeBeforeExp?: number; prefix?: string; }): Promise<string>
This method generates a wallet scoped Arianee Access Token (AAT) and stores it in memory. On subsequent calls, if the stored AAT is still valid, it will return it. Otherwise if it has expired or the expiration is in less than timeBeforeExp
seconds, it will regenerate a new one and return it.
You can use the prefix
parameter to add a string before the arianee access token payload in the message to be signed.
createWalletAccessToken(payloadOverride: PayloadOverride = {}, prefix?: string): Promise<string>
This method generates an Arianee Access Token (AAT) for the wallet scope. It returns a Promise
that resolves to the AAT as a string
.
It takes two optional parameters, a payloadOverride
parameter to override the default payload and a prefix
parameter to add a string before the arianee access token payload in the message to be signed.
createCertificateArianeeAccessToken(certificateId: number, network: string): Promise<string>
This method generates an Arianee Access Token (AAT) for the certificate scope. It takes two parameters: certificateId
, which is the ID of the certificate, and network
, which is the name of the Arianee network. It returns a Promise
that resolves to the AAT as a string
.
createActionArianeeAccessTokenLink(url: string, certificateId: number, network: string): Promise<string>
This method creates a link with an Arianee Access Token (AAT) attached to it. It takes three parameters: url
, which is the URL to attach the AAT to, certificateId
, which is the ID of the certificate, and network
, which is the name of the Arianee network. It returns a Promise
that resolves to the link with the AAT as a string
.
If you only need to decode existing arianee access token, you don't need to instanciate the class.
You can use the following static methods. These methods will automatically detect if the arianee access token is prefixed and handle it. In order for this to work seamlessly, the arianee access tokens must be signed with one of these two signature algorithms (alg prop in header): secp256k1
or ETH
.
static isArianeeAccessTokenValid(arianeeAccessToken: string): boolean
This static method checks if an Arianee Access Token (AAT) is valid. It takes an arianeeAccessToken
parameter as a string
and returns a boolean
indicating whether the AAT is valid or not.
static decodeJwt(arianeeAccessToken: string): {header: JwtHeaderInterface, payload: ArianeeAccessTokenPayload, signature: string}
This static method decodes an Arianee Access Token (AAT). It takes an arianeeAccessToken
parameter as a string
and returns an object with the decoded AAT, containing the header, payload, and signature.
You can pass a storage
object (that implements the Web Storage API
) to the constructor under the params.storage
key.
This storage will be used for caching the generated arianee access token. Make sure that you do not pass an unsafe / public storage as it may expose the generated arianee access token.
FAQs
The ArianeeAccessToken class is a module that allows you to create and manage Arianee Access Tokens (AAT). This class requires the Core class from the @arianee/core module
The npm package @arianee/arianee-access-token receives a total of 224 weekly downloads. As such, @arianee/arianee-access-token popularity was classified as not popular.
We found that @arianee/arianee-access-token demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.