Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

json-web-token

Package Overview
Dependencies
Maintainers
1
Versions
18
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

json-web-token

JSON Web Token (JWT) is a compact token format intended for space constrained environments such as HTTP Authorization headers and URI query parameters.

  • 3.2.0
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
6.8K
increased by42.18%
Maintainers
1
Weekly downloads
 
Created
Source

json-web-token

JWT encode and decode for Node.js that can use callbacks or by returning an object {error:, value:}

WIKI

JSON Web Token (JWT) is a compact URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JavaScript Object Notation (JSON) object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or MACed and/or encrypted.

info & more info

Build StatusCode Coverage 100%ISC License

the version 2.*.* should work only for NodeJS >= 4 for NodeJS 0.10 and 0.12 should install the version 1.6.3

API

jwt#encode(key, payload, [algorithm], cb)
  • key, your secret
  • payload, the payload or Claim Names or an object with {payload, header}

ex:

{
   "iss": "my_issurer",
  "aud": "World",
  "iat": 1400062400223,
  "typ": "/online/transactionstatus/v2",
  "request": {
    "myTransactionId": "[myTransactionId]",
    "merchantTransactionId": "[merchantTransactionId]",
    "status": "SUCCESS"
  }
}

attention that exists some reserved claim names (like "iss", "iat", etc..) check in here for more info about JWT Claims.

  • algorithm, default to 'sha256', use jwt#getAlgorithms() to get the supported algorithms
  • cb, the callback(err[name, message], token)
jwt#decode(key, token, cb)
  • key, your secret
  • token, the JWT token
  • cb, the callback(err[name, message], decodedPayload[, decodedHeader])
Example
var jwt = require('json-web-token');

var payload = {
  "iss": "my_issurer",
  "aud": "World",
  "iat": 1400062400223,
  "typ": "/online/transactionstatus/v2",
  "request": {
    "myTransactionId": "[myTransactionId]",
    "merchantTransactionId": "[merchantTransactionId]",
    "status": "SUCCESS"
  }
};

var secret = 'TOPSECRETTTTT';

// encode
jwt.encode(secret, payload, function (err, token) {
  if (err) {
    console.error(err.name, err.message);
  } else {
    console.log(token);

    // decode
    jwt.decode(secret, token, function (err_, decodedPayload, decodedHeader) {
      if (err) {
        console.error(err.name, err.message);
      } else {
        console.log(decodedPayload, decodedHeader);
      }
    });
  }
});

using the optional reserved headers (alg and typ can't be set using this method)

var settingAddHeaders = {
  payload: {
    "iss": "my_issurer",
    "aud": "World",
    "iat": 1400062400223,
    "typ": "/online/transactionstatus/v2",
    "request": {
      "myTransactionId": "[myTransactionId]",
      "merchantTransactionId": "[merchantTransactionId]",
      "status": "SUCCESS"
    }
  },
  header: {
    kid: 'key ID'
  }
}

jwt.encode(secret, settingAddHeaders, function (err, token) {

})


this projet has been set up with a precommit that forces you to follow a code style, no jshint issues and 100% of code coverage before commit

to run test

npm test

to run jshint

npm run lint

to run code style

npm run style

to run code coverage

npm run coverage

to open the code coverage report

npm run coverage:open

to run benchmarks

npm run bench

to run the source complexity tool

npm run complexity

to open the complexity report

npm run complexity:open

Keywords

FAQs

Package last updated on 30 Sep 2019

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc