{"id":19621315,"url":"https://github.com/commenthol/veloze-jwt","last_synced_at":"2025-04-23T21:22:02.239Z","repository":{"id":171098699,"uuid":"647132574","full_name":"commenthol/veloze-jwt","owner":"commenthol","description":"JWT Token Validation","archived":false,"fork":false,"pushed_at":"2024-11-16T12:50:33.000Z","size":32,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-11T05:17:45.329Z","etag":null,"topics":["jwt","jwt-token","validation","veloze"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/commenthol.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"code_of_conduct.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-05-30T06:09:22.000Z","updated_at":"2024-11-16T12:50:36.000Z","dependencies_parsed_at":null,"dependency_job_id":"89b148c1-c3ca-4962-ba33-9dc92d17ade3","html_url":"https://github.com/commenthol/veloze-jwt","commit_stats":null,"previous_names":["commenthol/veloze-jwt"],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/commenthol%2Fveloze-jwt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/commenthol%2Fveloze-jwt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/commenthol%2Fveloze-jwt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/commenthol%2Fveloze-jwt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/commenthol","download_url":"https://codeload.github.com/commenthol/veloze-jwt/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250515326,"owners_count":21443371,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["jwt","jwt-token","validation","veloze"],"created_at":"2024-11-11T11:22:20.045Z","updated_at":"2025-04-23T21:22:02.234Z","avatar_url":"https://github.com/commenthol.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![npm-badge][npm-badge]][npm]\n[![actions-badge][actions-badge]][actions]\n![types-badge][types-badge]\n\n# @veloze/jwt\n\nMiddleware to verify JSON-Web-Tokens (JWT) sent in Bearer Authorization Header.\n\nIf public-keys are required to verify JWTs the JWKS URI can be detected by\nissuer using `.well-known/openid-configuration` URLs.\n\nSupports multiple issuers with the `jwks()` method.\n\nWorks also with [express][] using `jwtAuthExpress()`.\n\n# usage\n\nInstallation\n\n```\nnpm i @veloze/jwt\n```\n\nIn your code:\n\n```js\nimport { Server } from 'veloze'\nimport { jwtAuth } from '@veloze/jwt'\n\nconst server = new Server()\nconst issuer = 'https://my.oau.th'\n// for HS256, HS384, HS512 token provide secret\nconst protect = jwtAuth({ issuer, secret: 's€cr3t' })\nserver.get('/', protect, (req, res) =\u003e res.end())\nserver.listen(443)\n\n// ----\nawait fetch('https://server', { \n  headers: {\n    authorization: 'Bearer \u003cTOKEN\u003e' // H256 Token with issuer https://my.oau.th\n  }\n})\n```\n\nFor OIDC servers with .well-known/openid-configuration \n\n```js\nimport { jwtAuth, jwks } from '@veloze/jwt'\n\nconst issuer = 'https://my.oau.th'\nconst issuer2 = 'https://oauth.other'\n\n// supports multiple issuers\nconst secret = jwks([issuer, issuer2])\nconst protect = jwtAuth({ secret })\n```\n\n# API\n\n## jwtAuth\n\n```ts\nimport { \n  JWTHeaderParameters,\n  JWTPayload,\n  JWTVerifyOptions, \n  KeyLike \n} from 'jose'\n\ninterface DecodedJWT {\n  header: JWTHeaderParameters,\n  payload: JWTPayload,\n  signature: string\n}\n\ntype GetKeyLikeFn = (decodedToken: DecodedJWT, req: Request) =\u003e Promise\u003cKeyLike\u003e;\n\ninterface JwtOptions extends JWTVerifyOptions {\n  /**\n   * for HS256...HS512 provide secret as Buffer or string\n   * for asymmetric JWT provide publicKey as secret\n   */\n  secret: string|Buffer|KeyLike|GetKeyLikeFn\n  /**\n   * if verification is successful then payload of decoded token is added to \n   * request using this property e.g. default is `req.auth`\n   * @default 'auth'\n   */\n  requestProperty: string\n}\n\nfunction jwtAuth (options: JwtOptions): \n  Promise\u003c(req: Request, res: Response): void\u003e\n\nfunction jwtAuthExpress (options: JwtOptions): \n  (req: Request, res: Response, next: Function): void\n```\n\n## jwks\n\n```ts\ntype JwksOptions = {\n  /**\n   * allows to set custom fetch function\n   */\n  fetcher?: typeof fetch | undefined;\n  /**\n   * expiry in ms, JWKS uris are cached until this expiry timeout\n   */\n  expiresIn?: number | undefined;\n  /**\n   * jwksUri by issuer (for PS, RS, ES alg JWTs)\n   * allows to overwrite the default jwks_uri which usually is looked-up from \n   * .well-known/openid-configuration\n   */\n  jwksByIssuer?: Record\u003cstring, string\u003e | undefined;\n  /**\n   * secret by issuer (for HS JWTs) \n   */\n  secretsByIssuer?: Record\u003cstring, string | Uint8Array\u003e | undefined;\n};\n\n/**\n * issuers: provide a list of different issuers which shall be supported\n */\nfunction jwks(issuers: string[], options: JwksOptions): GetKeyLikeFn;\n```\n\n# license\n\nMIT licensed\n\n[npm-badge]: https://badgen.net/npm/v/@veloze/jwt\n[npm]: https://www.npmjs.com/package/@veloze/jwt\n[types-badge]:https://badgen.net/npm/types/@veloze/jwt\n[actions-badge]: https://github.com/commenthol/veloze-jwt/workflows/CI/badge.svg?branch=main\u0026event=push\n[actions]: https://github.com/commenthol/veloze-jwt/actions/workflows/ci.yml?query=branch%3Amain\n\n[express]: https://expressjs.com\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcommenthol%2Fveloze-jwt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcommenthol%2Fveloze-jwt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcommenthol%2Fveloze-jwt/lists"}