json-web-token v3.2.0

json-web-token

JWT encode and decode for Node.js that can use callbacks or by returning an object {error:, value:}

WIKI

JSON Web Token (JWT) is a compact URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JavaScript Object Notation (JSON) object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or MACed and/or encrypted.

info & more info

the version 2.*.* should work only for NodeJS >= 4 for NodeJS 0.10 and 0.12 should install the version 1.6.3

API

jwt#encode(key, payload, algorithm, cb)

• key, your secret
• payload, the payload or Claim Names or an object with {payload, header}

ex:

{
   "iss": "my_issurer",
  "aud": "World",
  "iat": 1400062400223,
  "typ": "/online/transactionstatus/v2",
  "request": {
    "myTransactionId": "[myTransactionId]",
    "merchantTransactionId": "[merchantTransactionId]",
    "status": "SUCCESS"
  }
}

attention that exists some reserved claim names (like "iss", "iat", etc..) check in here for more info about JWT Claims.

• algorithm, default to 'sha256', use jwt#getAlgorithms() to get the supported algorithms
• cb, the callback(errname, message, token)

jwt#decode(key, token, cb)

• key, your secret
• token, the JWT token
• cb, the callback(errname, message, decodedPayload, decodedHeader)

Example

var jwt = require('json-web-token');

var payload = {
  "iss": "my_issurer",
  "aud": "World",
  "iat": 1400062400223,
  "typ": "/online/transactionstatus/v2",
  "request": {
    "myTransactionId": "[myTransactionId]",
    "merchantTransactionId": "[merchantTransactionId]",
    "status": "SUCCESS"
  }
};

var secret = 'TOPSECRETTTTT';

// encode
jwt.encode(secret, payload, function (err, token) {
  if (err) {
    console.error(err.name, err.message);
  } else {
    console.log(token);

    // decode
    jwt.decode(secret, token, function (err_, decodedPayload, decodedHeader) {
      if (err) {
        console.error(err.name, err.message);
      } else {
        console.log(decodedPayload, decodedHeader);
      }
    });
  }
});

using the optional reserved headers (alg and typ can't be set using this method)

var settingAddHeaders = {
  payload: {
    "iss": "my_issurer",
    "aud": "World",
    "iat": 1400062400223,
    "typ": "/online/transactionstatus/v2",
    "request": {
      "myTransactionId": "[myTransactionId]",
      "merchantTransactionId": "[merchantTransactionId]",
      "status": "SUCCESS"
    }
  },
  header: {
    kid: 'key ID'
  }
}

jwt.encode(secret, settingAddHeaders, function (err, token) {

})

this projet has been set up with a precommit that forces you to follow a code style, no jshint issues and 100% of code coverage before commit

to run test

npm test

to run jshint

npm run lint

to run code style

npm run style

to run code coverage

npm run coverage

to open the code coverage report

npm run coverage:open

to run benchmarks

npm run bench

to run the source complexity tool

npm run complexity

to open the complexity report

npm run complexity:open