@oslojs/jwt
Advanced tools
Documentation: https://jwt.oslojs.dev
A JavaScript library for parsing and encoding JSON web tokens (JWT) by Oslo. Only signed tokens are supported.
import { parseJWT, JWSRegisteredHeaders, JWTRegisteredClaims, joseAlgorithmHS256 } from "@oslojs/jwt";
const [header, payload, signature] = parseJWT(jwt);
const headerParameters = new JWSRegisteredHeaders(header);
if (header.algorithm() !== joseAlgorithmHS256) {
throw new Error("Unsupported algorithm");
}
const claims = new JWTRegisteredClaims(payload);
if (!claims.verifyExpiration()) {
throw new Error("Expired token");
}
if (claims.hasNotBefore() && !claims.verifyNotBefore()) {
throw new Error("Invalid token");
}
npm i @oslojs/jwt
0.2.0
JWSRegisteredHeaderParameters to JWSRegisteredHeaderscreateJWT(), parseJWT() and createJWTSignatureMessage()decodeJWT()FAQs
Parse and encoding JSON web tokens
The npm package @oslojs/jwt receives a total of 3,436 weekly downloads. As such, @oslojs/jwt popularity was classified as popular.
We found that @oslojs/jwt demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.
Security News
The npm package for the LottieFiles Player web component was hit with a supply chain attack after a software engineer's npmjs credentials were compromised.