@escodel/turnkey v1.0.5
turnkey🗝
Turnkey is the base library for generating keys using the node-jose library. It allows you to import an existing keystore, or create one, and export local public and private keys using the RS256 hashing algorithm.
The goal of turnkey is to incorporate it into the implementation of your choice, such as using it client-side with axios. You can see more at turnkey-axios and the information below about extending turnkey.
Ultimately, this library provides a foundation for tokenized, encrypted communication between entities.
Install
npm install @escodel/turnkeyExample
Make Keys
await turnkey.makeKeys()Extending turnkey
To extend turnkey for your own implementation, you will need to do a few things.
First, import or require @escodel/turnkey, along with your communication method of choice. For example, turnkey-axios uses axios.
Next, import or require { JWK, JWS, JWE } from node-jose. To set a default configuration for your implementation, create a turnkey.config.js file in the root.
To create keys, use the example above for making the keys then store/persist them as you see fit.
To conduct a key exchange with the server, create a keyExchange method on the turnkey object. Ensure your keys have been created, then process the response from the server. You should be receiving the server's public key in exchange for your public key.
To tokenize your data of choice, write a createToken method on the turnkey object. There you can choose what your payload will look like. Here are the required properties for your payload, which you can append to your payload object:
- nbf: not before
- exp: expiration
- iat: issued at
- iss: issuer
- aud: audience
When the payload is created, sign it using JWS.createSign with your local private key.
To encrypt your token before sending it over the wire, add an encrypt method to the turnkey object. Pass in your token, set any options you want for node-jose encryption, then use the JWE.createEncrypt method.