		@@ -22,6 +22,17 @@ /*
		HS384: 'sha384',
		HS512: 'sha512'
		HS512: 'sha512',
		RS256: 'RSA-SHA256'
		};

		/**
		* Map algorithm to hmac or sign type, to determine which crypto function to use
		*/
		var typeMap = {
		HS256: 'hmac',
		HS384: 'hmac',
		HS512: 'hmac',
		RS256: 'sign'
		};


		/**
		@@ -36,3 +47,3 @@ * expose object
		*/
		jwt.version = '0.1.0';
		jwt.version = '0.2.0';

		@@ -66,3 +77,4 @@ /**
		var signingMethod = algorithmMap[header.alg];
		if (!signingMethod) {
		var signingType = typeMap[header.alg];
		if (!signingMethod \|\| !signingType) {
		throw new Error('Algorithm not supported');
		@@ -73,3 +85,3 @@ }
		var signingInput = [headerSeg, payloadSeg].join('.');
		if (signatureSeg !== sign(signingInput, key, signingMethod)) {
		if (!verify(signingInput, key, signingMethod, signingType, signatureSeg)) {
		throw new Error('Signature verification failed');
		@@ -104,3 +116,4 @@ }
		var signingMethod = algorithmMap[algorithm];
		if (!signingMethod) {
		var signingType = typeMap[algorithm];
		if (!signingMethod \|\| !signingType) {
		throw new Error('Algorithm not supported');
		@@ -116,3 +129,3 @@ }
		segments.push(base64urlEncode(JSON.stringify(payload)));
		segments.push(sign(segments.join('.'), key, signingMethod));
		segments.push(sign(segments.join('.'), key, signingMethod, signingType));

		@@ -127,4 +140,28 @@ return segments.join('.');

		function sign(input, key, method) {
		var base64str = crypto.createHmac(method, key).update(input).digest('base64');
		function verify(input, key, method, type, signature) {
		if(type === "hmac") {
		return (signature === sign(input, key, method, type));
		}
		else if(type == "sign") {
		return crypto.createVerify(method)
		.update(input)
		.verify(key, base64urlUnescape(signature), 'base64');
		}
		else {
		throw new Error('Algorithm type not recognized');
		}
		}

		function sign(input, key, method, type) {
		var base64str;
		if(type === "hmac") {
		base64str = crypto.createHmac(method, key).update(input).digest('base64');
		}
		else if(type == "sign") {
		base64str = crypto.createSign(method).update(input).sign(key, 'base64');
		}
		else {
		throw new Error('Algorithm type not recognized');
		}

		return base64urlEscape(base64str);
		@@ -131,0 +168,0 @@ }

package.json

		{
		"name": "jwt-simple",
		"description": "JWT(JSON Web Token) encode and decode module",
		"version": "0.1.0",
		"version": "0.2.0",
		"author": "Kazuhito Hokamura <k.hokamura@gmail.com>",
		@@ -6,0 +6,0 @@ "repository": {

README.md

		@@ -23,1 +23,10 @@ # node-jwt-simple
		console.log(decoded); //=> { foo: 'bar' }

		### Algorithms

		By default the algorithm to encode is `HS256`.

		The supported algorithms for encoding and decoding are `HS256`, `HS384`, `HS512` and `RS256`.

		// encode using HS512
		jwt.encode(playload, secret, 'HS512')

test/basic.js

		var jwt = require('../index');
		var expect = require('expect.js');
		var fs = require('fs');

		@@ -45,2 +46,13 @@ describe('method and property', function() {
		});

		it('RS256', function() {
		var obj = { foo: 'bar' };
		var pem = fs.readFileSync(__dirname + '/test.pem').toString('ascii');
		var cert = fs.readFileSync(__dirname + '/test.crt').toString('ascii');
		var alg = 'RS256';
		var token = jwt.encode(obj, pem, alg);
		var obj2 = jwt.decode(token, cert);
		expect(obj2).to.eql(obj);
		expect(jwt.decode.bind(null, token, 'invalid_key')).to.throwException();
		});
		});

History.md→History.md

jwt-simple - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics