@gcoredev/as-jwt v1.0.2

as-jwt

AssemblyScript package that provides simple jws handling for jwt tokens.

Installation:

npm install @gcoredev/as-jwt

Usage:

import { jwtVerify, JwtValidation } from "@gcoredev/as-jwt/assembly";

const token = "<base64-header>.<base64-payload>.<signed-secret>";
const secret = "my-long-private-key-that-is-hard-to-guess";

const result: JwtValidation = jwtVerify(token, secret);

if (result === JwtValidation.Ok) {
  // Jwt is valid.
} else {
  // Jwt validation failed
}

API

jwtVerify()

jwtVerify(token, secret): JwtValidation

Validates token signature has been signed with a valid secret.

Also validates that claims contain an exp date and that the token is not expired.

compactVerify()

compactVerify(token, secret): JwtValidation

Validates token signature has been signed with a valid secret.

Does NOT validate any claims in the payload.

Internal Libraries:

Under the hood this package is powered by:

• as-hmac-sha2
• as-base64
• as-sha256