oidc-token-hash
oidc-token-hash validates (and generates) ID Token _hash
claims such as at_hash
or c_hash
.
Usage
Validating
const oidcTokenHash = require('oidc-token-hash');
const at_hash = 'x7vk7f6BvQj0jQHYFIk4ag';
const access_token = 'YmJiZTAwYmYtMzgyOC00NzhkLTkyOTItNjJjNDM3MGYzOWIy9sFhvH8K_x8UIHj1osisS57f5DduL-ar_qw5jl3lthwpMjm283aVMQXDmoqqqydDSqJfbhptzw8rUVwkuQbolw';
oidcTokenHash(at_hash, access_token, 'RS256');
oidcTokenHash(at_hash, 'foobar', 'RS256');
oidcTokenHash.valid('foobar', access_token, 'RS256');
Generating
oidcTokenHash.generate(access_token, 'RS256');
oidcTokenHash.generate(access_token, 'HS384');
oidcTokenHash.generate(access_token, 'ES512');
Changelog
- 3.0.1 -
base64url
comeback - 3.0.0 - drop lts/4 support, replace base64url dependency
- 2.0.0 - rather then assuming the alg based on the hash length
#valid()
now requires a third
argument with the JOSE header alg
value, resulting in strict validation - 1.0.0 - initial release