{"id":13555183,"url":"https://github.com/xtuple/oauth2orize-jwt-bearer","last_synced_at":"2025-04-03T08:30:30.460Z","repository":{"id":7582943,"uuid":"8938413","full_name":"xtuple/oauth2orize-jwt-bearer","owner":"xtuple","description":"This repository contains the source code for the JSON Web Token (JWT) bearer token exchange middleware for OAuth2orize.","archived":false,"fork":false,"pushed_at":"2023-11-06T18:41:09.000Z","size":10,"stargazers_count":81,"open_issues_count":6,"forks_count":24,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-04-25T23:04:42.606Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/xtuple.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2013-03-21T20:52:04.000Z","updated_at":"2023-08-21T20:29:55.000Z","dependencies_parsed_at":"2024-01-24T12:14:25.711Z","dependency_job_id":null,"html_url":"https://github.com/xtuple/oauth2orize-jwt-bearer","commit_stats":{"total_commits":7,"total_committers":4,"mean_commits":1.75,"dds":0.4285714285714286,"last_synced_commit":"5ba421fd9eeb5d74f038e4781c158dac01898161"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xtuple%2Foauth2orize-jwt-bearer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xtuple%2Foauth2orize-jwt-bearer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xtuple%2Foauth2orize-jwt-bearer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xtuple%2Foauth2orize-jwt-bearer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/xtuple","download_url":"https://codeload.github.com/xtuple/oauth2orize-jwt-bearer/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246965374,"owners_count":20861853,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T12:03:04.257Z","updated_at":"2025-04-03T08:30:29.869Z","avatar_url":"https://github.com/xtuple.png","language":"JavaScript","funding_links":[],"categories":["JavaScript","others"],"sub_categories":[],"readme":"oauth2orize-jwt-bearer\n======================\n\nJSON Web Token (JWT) Bearer Token Exchange Middleware for [OAuth2orize](https://github.com/jaredhanson/oauth2orize).\n\nThis module exchanges a JWT for an access token after authenticated, as [defined](http://tools.ietf.org/html/draft-jones-oauth-jwt-bearer-01#section-2.1) by the JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0 draft.  This module is modeled off of Google's OAuth 2.0 [Server to Server Applications](https://developers.google.com/accounts/docs/OAuth2ServiceAccount).  This module can be used with the [passport-oauth2-jwt-bearer](https://github.com/xtuple/passport-oauth2-jwt-bearer) module to create a JWT OAuth 2.0 exchange scenario server.\n\n## Install\n\n    $ npm install oauth2orize-jwt-bearer\n\n## Usage\n\n#### Register Exchange Middleware\n\nThis exchange middleware is used to by clients to request an access token by using a JSON Web Token (JWT) generated by the client and verified by a Public Key stored on the OAuth 2.0 server.  The exchange requires a verify callback, which accepts the client, JWT data and signature, then calls done providing a access token. \n\n##### Key Generation Tips\ngenerate private key\nopenssl genrsa -out private.pem 1024 \n\nabstract public key\nopenssl rsa -in private.pem -out public.pem -outform PEM -pubout \n\nsign the data\nsigning data: echo -n \"data-to-sign\" | openssl dgst -RSA-SHA256 -sign private.pem \u003e signed \n\nconvert the signed file (binary) into base64 to be sent.\nbase64 signed\n\n```javascript\nvar jwtBearer = require('oauth2orize-jwt-bearer').Exchange;\n\nserver.exchange('urn:ietf:params:oauth:grant-type:jwt-bearer', jwtBearer(function(client, data, signature, done) {\n var crypto = require('crypto')\n   , fs = require('fs') //load file system so you can grab the public key to read.\n   , pub = fs.readFileSync('/path/to/public.pem').toString() //load PEM format public key as string, should be clients public key\n   , verifier = crypto.createVerify(\"RSA-SHA256\");\n\n //verifier.update takes in a string of the data that is encrypted in the signature  \n verifier.update(JSON.stringify(data));\n\n if (verifier.verify(pub, signature, 'base64')) {\n   //base64url decode data \n   var b64string = data;\n   var buf = new Buffer(b64string, 'base64').toString('ascii');\n \n   // TODO - verify client_id, scope and expiration are valid from the buf variable above\n\n   AccessToken.create(client, scope, function(err, accessToken) {\n     if (err) { return done(err); }\n     done(null, accessToken);\n   });\n }\n}));\n```\n\n## Tests\n\n    $ npm install --dev\n    $ make test\n\n## Credits\n\n  - [bendiy](http://github.com/bendiy)\n\n## License\n\n[The MIT License](http://opensource.org/licenses/MIT)\n\nCopyright (c) 2012-2013 xTuple \u003c[http://www.xtuple.com/](http://www.xtuple.com/)\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxtuple%2Foauth2orize-jwt-bearer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxtuple%2Foauth2orize-jwt-bearer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxtuple%2Foauth2orize-jwt-bearer/lists"}