@shgysk8zer0/jwk-utils NPM

@shgysk8zer0/jwk-utils

Use JWK and JWTs using the Crypto API

node-current npm bundle size gzipped

Installation

npm i @shgysk8zer0/jwk-utils

About

This library provides JWK and JWT support via the crypto API.

Supported Algorithms

RS256
RS384
RS512
ES256
ES384
ES512
HS256
HS384
HS512
PS256
PS384
PS512
EdDSA

!Note EdDSA is currently experimental in Node.js and is only suported in Safari. See Browser Compatibility on MDN.

Not Supported

ES256K

Example

import { generateJWK, createJWT, verifyJWT } from '@shgysk8zer0/jwt-jwk';

// Generate a JWK pair
const { publicKey, privateKey } = await generateJWK();

// JWTs use Unix timestamps - seconds, not ms.
const now = Math.floor(Date.now() / 1000);
// Create a JWT
const token = await createJWT({
  iss: 'Some issuer',
  sub: 'The Subject',
  iat: now,
  exp: now + 60,
  nbf: now,
  jti: crypto.randomUUID(),
  scope: 'api',
  entitlements: ['db:read'],
}, privateKey);

// Verify the JWT
const verifiedPayload = await verifyJWT(token, publicKey, { entitlements: ['db:read'] });

Limitations

Due to using JWKs and public/private keys, this currently does not support algorithms not suppported by crypto.subtle.

!Note Polyfills, especially for Unit8Array.fromBase64() & Uint8Array.prototype.toBase64() are required. They are provided by @shgysk8zer0/polyfills, which is imported in the main package (@shgysk8zer0/jwk-utils). However, for compatibility with client-side usage and to avoid conflicts, it is not imported by direct imports.