8.4.0 • Published 3 years ago
@o.mhadhbi/jsonwebtoken v8.4.0
jsonwebtoken
This is a fork of node-jsonwebtoken branch f9ba002 (version: 8.4.0).This version supports jwt signed using ES256K algorithm and ethereum keys or sjcl keys.
Install
$ npm install jsonwebtoken@npm:@o.mhadhbi/jsonwebtoken
To override the original jsonwebtoken package but preserve all names.
Usage
If you are going to use ES256K algorithm, you have to provide an implementation of sign and verify functions.
Note: If you just want to sign and verify jwt using ES256K algorithm and ethereum keys, you can directly use jsontokens.
Example 1 with Ethereum public key:
//import { TokenVerifier } from 'jsontokens';
{
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
secretOrKey: config.ethereumPublicKey`,
jsonWebTokenOptions: {
cryptoManager: {
verify: (jwt: string, ethereumPublicKey: string, algorithm: string) => {
return new TokenVerifier(algorithm, ethereumPublicKey).verify(jwt);
},
},
keyName: 'Ethereum', //must be 'Ethereum'
},
}
Example 2 with sjcl keys:
//sjcl = require('sjcl')
let cryptoManager;
cryptoManager.keys['keyname'] = sjcl.ecc.ecdsa.generateKeys(sjcl.ecc.curves.k256);
cryptoManager.verify = (keyname, hash, signature) => {
if(!cryptoManager.keys['keyname']) {
throw new Error('Key not found');
}
const pair = cryptoManager.keys[keyname];
return pair.pub.verify(sjcl.codec.hex.toBits(hash), sjcl.codec.hex.toBits(signature));
}
Algorithms supported
Array of supported algorithms. The following algorithms are currently supported.
alg Parameter Value | Digital Signature or MAC Algorithm |
---|---|
HS256 | HMAC using SHA-256 hash algorithm |
HS384 | HMAC using SHA-384 hash algorithm |
HS512 | HMAC using SHA-512 hash algorithm |
RS256 | RSASSA-PKCS1-v1_5 using SHA-256 hash algorithm |
RS384 | RSASSA-PKCS1-v1_5 using SHA-384 hash algorithm |
RS512 | RSASSA-PKCS1-v1_5 using SHA-512 hash algorithm |
PS256 | RSASSA-PSS using SHA-256 hash algorithm (only node ^6.12.0 OR >=8.0.0) |
PS384 | RSASSA-PSS using SHA-384 hash algorithm (only node ^6.12.0 OR >=8.0.0) |
PS512 | RSASSA-PSS using SHA-512 hash algorithm (only node ^6.12.0 OR >=8.0.0) |
ES256 | ECDSA using P-256 curve and SHA-256 hash algorithm |
ES256k | ECDSA using SECP256K1 curve (*) |
ES384 | ECDSA using P-384 curve and SHA-384 hash algorithm |
ES512 | ECDSA using P-521 curve and SHA-512 hash algorithm |
none | No digital signature or MAC value included |
8.4.0
3 years ago