Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

jwt-utils

Package Overview
Dependencies
Maintainers
3
Versions
5
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

jwt-utils

JSON Web Tokens (JWT) utils

  • 1.0.5
  • latest
  • npm
  • Socket score

Version published
Weekly downloads
20
decreased by-53.49%
Maintainers
3
Weekly downloads
 
Created
Source

jwt-utils

JSON Web Tokens (JWT) utils.

npm version Build Status Coverage Status

This module is able to parse and generate both encrypted and unencrypted JWT tokens.

  • A hash key (hashKey) is needed to generate a JWT signature.
  • An encryption key (encryptKey) is needed only if you need to deal with encrypted JWT tokens.

This module only allows hexadecimal strings as hash and encryption keys. The encryption key must be a 32-length hexadecimal value (16 bytes) if the encryption algorithm is A128CBC.

The kid (key identifier) goes in the JWT header, and serves as a client identifier, in case you need to use different keys for different clients.

Installation

npm install jwt-utils

Examples

var config = { expiration: 600};
var jwt = require('jwt-utils')(config);

// Encode JWT token
jwt.buildJWT(payload, header, hashKey, function(err, token) {
    if (!err) {
        console.log(token); // something in the format "aaa.bbb.ccc"
    }
});

// Decode JWT token
jwt.readJWT(token, hashKey, function(err, token) {
    if (!err) {
        console.log(token.payload);
        console.log(token.header);
    }
});

// Encrypt JWT token
jwt.buildJWTEncrypted(payload, header, encryptKey, hashKey, function(err, token) {
    if (!err) {
        console.log(token); // something in the format "aaa.bbb.ccc.ddd.eee"
    }
});

// Decrypt JWT token
jwt.readJWTEncrypted(token, encryptKey, hashKey, function(err, token) {
    if (!err) {
        console.log(token.payload);
        console.log(token.header);
    }
});

// Read JWT header
jwt.readJWTHeader(token, function(err, header) {
    if (!err) {
        console.log(header);
    }
});

Configuration

  • expiration: Expiration time in seconds to generate exp field in token (this functionality can be disabled by setting the value to 0).
  • futureTolerance: Tolerance seconds to find out if a jwt comes from the future or not.

Development information

npm test

Errors:

The following file has registered the error of this library: errors.json

License

Copyright 2015 Telefónica Investigación y Desarrollo, S.A.U

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Keywords

FAQs

Package last updated on 30 Jul 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc