An open API service indexing awesome lists of open source software.

https://github.com/stacks-network/jsontokens-js

Library for encoding, decoding, and verifying JSON Web Tokens (JWTs) in node.js
https://github.com/stacks-network/jsontokens-js

Last synced: over 1 year ago
JSON representation

Library for encoding, decoding, and verifying JSON Web Tokens (JWTs) in node.js

Awesome Lists containing this project

README

          

# JSON Tokens JS

[![CircleCI](https://img.shields.io/circleci/project/blockstack/jsontokens-js/master.svg)](https://circleci.com/gh/blockstack/jsontokens-js/tree/master)
[![npm](https://img.shields.io/npm/l/jsontokens.svg)](https://www.npmjs.com/package/jsontokens)
[![npm](https://img.shields.io/npm/v/jsontokens.svg)](https://www.npmjs.com/package/jsontokens)
[![npm](https://img.shields.io/npm/dm/jsontokens.svg)](https://www.npmjs.com/package/jsontokens)
[![Slack](https://img.shields.io/badge/join-slack-e32072.svg?style=flat)](http://slack.blockstack.org/)

node.js library for signing, decoding, and verifying JSON Web Tokens (JWTs) with the ES256K signature scheme (which uses the secp256k elliptic curve). This is currently the only supported signing and verification scheme for this library.

### Installation

```
npm install jsontokens
```

### Signing Tokens

```js
import { TokenSigner } from 'jsontokens'

const rawPrivateKey = '278a5de700e29faae8e40e366ec5012b5ec63d36ec77e8a2417154cc1d25383f'
const tokenPayload = {"iat": 1440713414.85}
const token = new TokenSigner('ES256K', rawPrivateKey).sign(tokenPayload)
```

### Creating Unsecured Tokens

```js
import { createUnsecuredToken } from 'jsontokens'

const unsecuredToken = createUnsecuredToken(tokenPayload)
```

### Decoding Tokens

```js
import { decodeToken } = from 'jsontokens'
const tokenData = decodeToken(token)
```

### Verifying Tokens

The TokenVerifier class will validate that a token is correctly signed. It does not perform checks on the claims in the payload (e.g., the `exp` field)--- checking the expiration field, etc., is left as a requirement for callers.

```js
import { TokenVerifier } from 'jsontokens'
const rawPublicKey = '03fdd57adec3d438ea237fe46b33ee1e016eda6b585c3e27ea66686c2ea5358479'
const verified = new TokenVerifier('ES256K', rawPublicKey).verify(token)
```

### Example Tokens

```text
eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk
```