@shgysk8zer0/jwk-utils v1.0.20
@shgysk8zer0/jwk-utils
Use JWK and JWTs using the Crypto API
Installation
npm i @shgysk8zer0/jwk-utils
About
This library provides JWK
and JWT support via the crypto
API.
Supported Algorithms
- RS256
- RS384
- RS512
- ES256
- ES384
- ES512
- HS256
- HS384
- HS512
- PS256
- PS384
- PS512
- EdDSA
!Note EdDSA is currently experimental in Node.js and is only suported in Safari. See Browser Compatibility on MDN.
Not Supported
- ES256K
Example
import { generateJWK, createJWT, verifyJWT } from '@shgysk8zer0/jwt-jwk';
// Generate a JWK pair
const { publicKey, privateKey } = await generateJWK();
// JWTs use Unix timestamps - seconds, not ms.
const now = Math.floor(Date.now() / 1000);
// Create a JWT
const token = await createJWT({
iss: 'Some issuer',
sub: 'The Subject',
iat: now,
exp: now + 60,
nbf: now,
jti: crypto.randomUUID(),
scope: 'api',
entitlements: ['db:read'],
}, privateKey);
// Verify the JWT
const verifiedPayload = await verifyJWT(token, publicKey, { entitlements: ['db:read'] });
Limitations
Due to using JWKs and public/private keys, this currently does not support algorithms
not suppported by crypto.subtle
.
!Note Polyfills, especially for
Unit8Array.fromBase64()
&Uint8Array.prototype.toBase64()
are required. They are provided by@shgysk8zer0/polyfills
, which is imported in the main package (@shgysk8zer0/jwk-utils
). However, for compatibility with client-side usage and to avoid conflicts, it is not imported by direct imports.
7 months ago
7 months ago
7 months ago
7 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago