{"id":14984985,"url":"https://github.com/kriasoft/web-auth-library","last_synced_at":"2025-10-25T11:32:10.054Z","repository":{"id":38817409,"uuid":"497903073","full_name":"kriasoft/web-auth-library","owner":"kriasoft","description":"Authentication library for the browser environment using Web Crypto API","archived":false,"fork":false,"pushed_at":"2024-08-12T13:03:12.000Z","size":2765,"stargazers_count":100,"open_issues_count":16,"forks_count":9,"subscribers_count":4,"default_branch":"main","last_synced_at":"2024-10-30T00:55:27.036Z","etag":null,"topics":["authentication","authorization","cloudflare","crypto","decryption","encryption","gcp","hmac","jsonwebtoken","jwt","oauth","oauth2","subtlecrypto","token","webcrypto","webcrypto-api","webworkers"],"latest_commit_sha":null,"homepage":"https://developer.mozilla.org/docs/Web/API/Web_Crypto_API","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kriasoft.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"kriasoft","patreon":"koistya","open_collective":"react-starter-kit"}},"created_at":"2022-05-30T10:57:14.000Z","updated_at":"2024-10-13T11:50:30.000Z","dependencies_parsed_at":"2022-09-26T21:01:55.833Z","dependency_job_id":"957bb576-6c3c-4440-9edc-22bea9b90426","html_url":"https://github.com/kriasoft/web-auth-library","commit_stats":{"total_commits":21,"total_committers":3,"mean_commits":7.0,"dds":0.2857142857142857,"last_synced_commit":"42a722e4cedc09ea2a86f92fe5aed73b19e5de94"},"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kriasoft%2Fweb-auth-library","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kriasoft%2Fweb-auth-library/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kriasoft%2Fweb-auth-library/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kriasoft%2Fweb-auth-library/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kriasoft","download_url":"https://codeload.github.com/kriasoft/web-auth-library/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":238133812,"owners_count":19421909,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","authorization","cloudflare","crypto","decryption","encryption","gcp","hmac","jsonwebtoken","jwt","oauth","oauth2","subtlecrypto","token","webcrypto","webcrypto-api","webworkers"],"created_at":"2024-09-24T14:10:02.493Z","updated_at":"2025-10-25T11:32:09.628Z","avatar_url":"https://github.com/kriasoft.png","language":"TypeScript","funding_links":["https://github.com/sponsors/kriasoft","https://patreon.com/koistya","https://opencollective.com/react-starter-kit","https://img.shields.io/badge/dynamic/json?color=%23ff424d\u0026label=Patreon\u0026style=flat-square\u0026query=data.attributes.patron_count\u0026suffix=%20patrons\u0026url=https%3A%2F%2Fwww.patreon.com%2Fapi%2Fcampaigns%2F233228","http://patreon.com/koistya"],"categories":[],"sub_categories":[],"readme":"# Web Auth Library\n\n[![NPM Version](https://img.shields.io/npm/v/web-auth-library?style=flat-square)](https://www.npmjs.com/package/web-auth-library)\n[![NPM Downloads](https://img.shields.io/npm/dm/web-auth-library?style=flat-square)](https://www.npmjs.com/package/web-auth-library)\n[![TypeScript](https://img.shields.io/badge/%3C%2F%3E-TypeScript-%230074c1.svg?style=flat-square)](http://www.typescriptlang.org/)\n[![Donate](https://img.shields.io/badge/dynamic/json?color=%23ff424d\u0026label=Patreon\u0026style=flat-square\u0026query=data.attributes.patron_count\u0026suffix=%20patrons\u0026url=https%3A%2F%2Fwww.patreon.com%2Fapi%2Fcampaigns%2F233228)](http://patreon.com/koistya)\n[![Discord](https://img.shields.io/discord/643523529131950086?label=Chat\u0026style=flat-square)](https://discord.gg/bSsv7XM)\n\nAuthentication library for Google Cloud, Firebase, and other cloud providers that uses standard [Web Crypto API](https://developer.mozilla.org/docs/Web/API/Web_Crypto_API) and runs in different environments and runtimes, including but not limited to:\n\n- [Bun](https://bun.sh/)\n- [Browsers](https://developer.mozilla.org/docs/Web/API/Web_Crypto_API)\n- [Cloudflare Workers](https://workers.cloudflare.com/)\n- [Deno](https://deno.land/)\n- [Electron](https://www.electronjs.org/)\n- [Node.js](https://nodejs.org/)\n- [Vercel's Edge Runtime](https://edge-runtime.vercel.app/)\n\nIt has minimum dependencies, small bundle size, and optimized for speed and performance.\n\n## Getting Stated\n\n```bash\n# Install using NPM\n$ npm install web-auth-library --save\n\n# Install using Yarn\n$ yarn add web-auth-library\n```\n\n## Usage Examples\n\n### Verify the user ID Token issued by Google or Firebase\n\n**NOTE**: The `credentials` argument in the examples below is expected to be a serialized JSON string of a [Google Cloud service account key](https://cloud.google.com/iam/docs/creating-managing-service-account-keys), `apiKey` is Google Cloud API Key (Firebase API Key), and `projectId` is a Google Cloud project ID.\n\n```ts\nimport { verifyIdToken } from \"web-auth-library/google\";\n\nconst token = await verifyIdToken({\n  idToken,\n  credentials: env.GOOGLE_CLOUD_CREDENTIALS,\n});\n\n// =\u003e {\n//   iss: 'https://securetoken.google.com/example',\n//   aud: 'example',\n//   auth_time: 1677525930,\n//   user_id: 'temp',\n//   sub: 'temp',\n//   iat: 1677525930,\n//   exp: 1677529530,\n//   firebase: {}\n// }\n```\n\n### Create an access token for accessing [Google Cloud APIs](https://developers.google.com/apis-explorer)\n\n```ts\nimport { getAccessToken } from \"web-auth-library/google\";\n\n// Generate a short lived access token from the service account key credentials\nconst accessToken = await getAccessToken({\n  credentials: env.GOOGLE_CLOUD_CREDENTIALS,\n  scope: \"https://www.googleapis.com/auth/cloud-platform\",\n});\n\n// Make a request to one of the Google's APIs using that token\nconst res = await fetch(\n  \"https://cloudresourcemanager.googleapis.com/v1/projects\",\n  {\n    headers: { Authorization: `Bearer ${accessToken}` },\n  }\n);\n```\n\n## Create a custom ID token using Service Account credentials\n\n```ts\nimport { getIdToken } from \"web-auth-library/google\";\n\nconst idToken = await getIdToken({\n  credentials: env.GOOGLE_CLOUD_CREDENTIALS,\n  audience: \"https://example.com\",\n});\n```\n\n## An alternative way passing credentials\n\nInstead of passing credentials via `options.credentials` argument, you can also let the library pick up credentials from the list of environment variables using standard names such as `GOOGLE_CLOUD_CREDENTIALS`, `GOOGLE_CLOUD_PROJECT`, `FIREBASE_API_KEY`, for example:\n\n```ts\nimport { verifyIdToken } from \"web-auth-library/google\";\n\nconst env = { GOOGLE_CLOUD_CREDENTIALS: \"...\" };\nconst token = await verifyIdToken({ idToken, env });\n```\n\n## Optimize cache renewal background tasks\n\nPass the optional `waitUntil(promise)` function provided by the target runtime to optimize the way authentication tokens are being renewed in background. For example, using Cloudflare Workers and [Hono.js](https://hono.dev/):\n\n```ts\nimport { Hono } from \"hono\";\nimport { verifyIdToken } from \"web-auth-library/google\";\n\nconst app = new Hono();\n\napp.get(\"/\", ({ env, executionCtx, json }) =\u003e {\n  const idToken = await verifyIdToken({\n    idToken: \"...\",\n    waitUntil: executionCtx.waitUntil,\n    env,\n  });\n\n  return json({ ... });\n})\n```\n\n## Backers 💰\n\n\u003ca href=\"https://reactstarter.com/b/1\"\u003e\u003cimg src=\"https://reactstarter.com/b/1.png\" height=\"60\" /\u003e\u003c/a\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://reactstarter.com/b/2\"\u003e\u003cimg src=\"https://reactstarter.com/b/2.png\" height=\"60\" /\u003e\u003c/a\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://reactstarter.com/b/3\"\u003e\u003cimg src=\"https://reactstarter.com/b/3.png\" height=\"60\" /\u003e\u003c/a\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://reactstarter.com/b/4\"\u003e\u003cimg src=\"https://reactstarter.com/b/4.png\" height=\"60\" /\u003e\u003c/a\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://reactstarter.com/b/5\"\u003e\u003cimg src=\"https://reactstarter.com/b/5.png\" height=\"60\" /\u003e\u003c/a\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://reactstarter.com/b/6\"\u003e\u003cimg src=\"https://reactstarter.com/b/6.png\" height=\"60\" /\u003e\u003c/a\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://reactstarter.com/b/7\"\u003e\u003cimg src=\"https://reactstarter.com/b/7.png\" height=\"60\" /\u003e\u003c/a\u003e\u0026nbsp;\u0026nbsp;\u003ca href=\"https://reactstarter.com/b/8\"\u003e\u003cimg src=\"https://reactstarter.com/b/8.png\" height=\"60\" /\u003e\u003c/a\u003e\n\n## Related Projects\n\n- [React Starter Kit](https://github.com/kriasoft/react-starter-kit) — front-end template for React and Relay using Jamstack architecture\n- [GraphQL API and Relay Starter Kit](https://github.com/kriasoft/graphql-starter) — monorepo template, pre-configured with GraphQL API, React, and Relay\n- [Cloudflare Workers Starter Kit](https://github.com/kriasoft/cloudflare-starter-kit) — TypeScript project template for Cloudflare Workers\n\n## How to Contribute\n\nYou're very welcome to [create a PR](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request)\nor send me a message on [Discord](https://discord.gg/bSsv7XM).\n\nIn order to unit test this library locally you will need [Node.js](https://nodejs.org/) v18+ with [corepack enabled](https://nodejs.org/api/corepack.html), a Google Cloud [service account key](https://cloud.google.com/iam/docs/keys-create-delete) ([here](https://console.cloud.google.com/iam-admin/serviceaccounts)) and Firebase API Key ([here](https://console.cloud.google.com/apis/credentials)) that you can save into the [`test/test.override.env`](./test/test.env) file, for example:\n\n```\nGOOGLE_CLOUD_PROJECT=example\nGOOGLE_CLOUD_CREDENTIALS={\"type\":\"service_account\",\"project_id\":\"example\",...}\nFIREBASE_API_KEY=AIzaSyAZEmdfRWvEYgZpwm6EBLkYJf6ySIMF3Hy\n```\n\nThen run unit tests via `yarn test [--watch]`.\n\n## License\n\nCopyright © 2022-present Kriasoft. This source code is licensed under the MIT license found in the\n[LICENSE](https://github.com/kriasoft/web-auth-library/blob/main/LICENSE) file.\n\n---\n\n\u003csup\u003eMade with ♥ by Konstantin Tarkus ([@koistya](https://twitter.com/koistya), [blog](https://medium.com/@koistya))\nand [contributors](https://github.com/kriasoft/web-auth-library/graphs/contributors).\u003c/sup\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkriasoft%2Fweb-auth-library","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkriasoft%2Fweb-auth-library","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkriasoft%2Fweb-auth-library/lists"}