1.2.0 • Published 6 days ago

@pagopa/io-react-native-jwt v1.2.0

Weekly downloads
-
License
MIT
Repository
github
Last release
6 days ago

⚡️ @pagopa/io-react-native-jwt

A fast implementation of jwt module. Provides much greater performance for decoding, signing and verifying JWTs!

🚀 Use only native functions via the following libraries:

Installation

npm install @pagopa/io-react-native-jwt

Usage

For detailed documentation go here

Decode a JWT

import { decode } from '@pagopa/io-react-native-jwt';

// ...
const jwt = 'eyJ0eXAiOiJlbnRpdHktc3.....';
const result = await decode(jwt);
console.log(result);

Verify JWT

import { verify } from '@pagopa/io-react-native-jwt';

// ...
const pubJwk = {
  crv: 'P-256',
  kty: 'EC',
  x: 'qrJrj.....',
  y: '1H0cW.....',
};
const jwt = 'eyJ0eXAiOiJlbnRpdHktc3.....';
const options = {
  typ: 'jwt',
  requiredClaims: ['iss', 'sub'],
};
const { protectedHeader, payload } = await verify(jwt, pubJwk, options);
console.log(protectedHeader, payload);

Verify JWT with JWKS fetched from remote URL

import { verify, getRemoteJWKSet } from '@pagopa/io-react-native-jwt';

// ...
const wellKnownUrl = 'https://example.com/.well-known/openid-federation';
const jwks = await getRemoteJWKSet(wellKnownUrl);

const jwt = 'eyJ0eXAiOiJlbnRpdHktc3.....';

const { protectedHeader, payload } = await verify(jwt, jwks);
console.log(protectedHeader, payload);

Verify a JWT signature (JWS)

import { isSignatureValid } from '@pagopa/io-react-native-jwt';

// ...
const pubJwk = {
    crv: 'P-256',
    kty: 'EC',
    x: 'qrJrj.....',
    y: '1H0cW.....',
  };
const jwt = "eyJ0eXAiOiJlbnRpdHktc3.....";

const isValid = await isSignatureValid(jwt, pubJwk);

if isValid {
    console.log("Signature of JWT is valid!");
} else {
    console.log("Signature of JWT is NOT valid!");
}

Create and sign a JWT with a JWS

// Define a cryptographic context suitable for the application needs
const crypto: CryptoContext = userDefinedCryptoContext();

// Create jwt
const jwt = new SignJWT(crypto)
  .setPayload({ metadata: 'demo' })
  .setProtectedHeader({ typ: 'JWT' })
  .setAudience('demo')
  .setExpirationTime('1h')
  .setIssuedAt();

// get signed jwt
const signedJwt = jwt.sign();

JWK thumbprint

import { thumbprint } from '@pagopa/io-react-native-jwt';

// ...
const pubJwk = {
  crv: 'P-256',
  kty: 'EC',
  x: 'qrJrj.....',
  y: '1H0cW.....',
};
const thumbprint = await thumbprint(pubJwk);
console.log(thumbprint);

 Signature format

For an ECDSA signature it is required that this is in ASN.1/DER encoded format. The same format supported by Secure Enclave (TEE). Transcoding is done automatically via the following function:

derToJose = async (
  asn1Signature: string,
  alg: string
): Promise<string>

Refs: RFC7515

Example

You can use the sample app to test and understand how to use the library.

cd example

yarn install

# To use iOS
yarn ios

# To use Android
yarn android
react-nativeiosandroid
ababzod
@everything-registry/sub-chunk-701
1.2.0

6 days ago

1.1.0

5 months ago

1.0.0

8 months ago

0.6.4

9 months ago

0.6.3

9 months ago

0.6.2

9 months ago

0.6.1

9 months ago

0.6.0

9 months ago

0.5.0

10 months ago

0.4.1

10 months ago