Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

cognito-jwt-lite

Package Overview
Dependencies
Maintainers
1
Versions
5
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cognito-jwt-lite - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1

4

package.json
{
"name": "cognito-jwt-lite",
"version": "1.0.0",
"version": "1.0.1",
"description": "Lightweight AWS Cognito JWT verifier",
"main": "lib/index.js",
"main": "lib/src/index.js",
"scripts": {

@@ -7,0 +7,0 @@ "prettier": "npx prettier --write '{src,test}/**/*.{ts,tsx,json,yml}'",

23

README.md
# cognito-jwt-lite
![npm bundle size](https://img.shields.io/bundlephobia/minzip/cognito-jwt-lite)
[![npm](https://img.shields.io/npm/v/cognito-jwt-lite)](https://www.npmjs.com/package/cognito-jwt-lite)
[![npm bundle size](https://img.shields.io/bundlephobia/minzip/cognito-jwt-lite)](https://bundlephobia.com/package/cognito-jwt-lite)
![npm](https://img.shields.io/npm/dm/cognito-jwt-lite)
![Snyk Vulnerabilities for GitHub Repo](https://img.shields.io/snyk/vulnerabilities/github/MarioArnt/cognito-jwt-lite)
[![semantic-release](https://img.shields.io/badge/semantic--release-enabled?logo=semantic-release)](https://github.com/semantic-release/semantic-release)
![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/MarioArnt/cognito-jwt-lite/publish.yml)
![Snyk Vulnerabilities for GitHub Repo](https://img.shields.io/snyk/vulnerabilities/github/MarioArnt/cognito-jwt-lite)
[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=MarioArnt_cognito-jwt-lite&metric=coverage)](https://sonarcloud.io/dashboard?id=MarioArnt_cognito-jwt-lite)

@@ -25,2 +28,4 @@ [![Duplicated Lines (%)](https://sonarcloud.io/api/project_badges/measure?project=MarioArnt_cognito-jwt-lite&metric=duplicated_lines_density)](https://sonarcloud.io/dashboard?id=MarioArnt_cognito-jwt-lite)

> Need lightweight lib to verify Azure AD tokens ? [Check this out](https://github.com/MarioArnt/azure-ad-jwt-lite)
## Getting started

@@ -37,3 +42,3 @@

const decoded = await verifyAzureToken(token, {
const decoded = await verify(token, {
issuer: `https://cognito-idp.${process.env.AWS_COGNITO_POOL_REGION}.amazonaws.com/${process.env.AWS_COGNITO_POOL_ID}`,

@@ -48,3 +53,3 @@ });

const decoded = await verifyAzureToken(token, {
const decoded = await verify(token, {
audience: process.env.JWT_AUD,

@@ -60,5 +65,5 @@ issuer: `https://cognito-idp.${process.env.AWS_COGNITO_POOL_REGION}.amazonaws.com/${process.env.AWS_COGNITO_POOL_ID}`,

```typescript
import { verifyAzureToken } from 'cognito-jwt-lite';
import { verify } from 'cognito-jwt-lite';
const decoded = await verifyAzureToken(token, {
const decoded = await verify(token, {
maxRetries: 5,

@@ -77,5 +82,5 @@ audience: process.env.JWT_AUD,

* `TokenNotDecoded`: the token cannot be decoded. This usually means the token is ill-formed.
* `MissingKeyID`: no `kid` (Microsoft Key ID) field is present in JWT header.
* `ErrorFetchingKeys`: API call to fetch Microsoft public keys failed.
* `NotMatchingKey`: no matching key is found in Microsoft response.
* `MissingKeyID`: no `kid` (Key ID) field is present in JWT header.
* `ErrorFetchingKeys`: API call to fetch Cognito public keys failed.
* `NotMatchingKey`: no matching key is found in Cognito response.
* `JsonWebTokenError`: token cannot be verified, the human-readable reason is provided (expired, audience mismatch etc...)
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc