JSON Tokens JS
node.js library for signing, decoding, and verifying JSON Web Tokens (JWTs) with the ES256K signature scheme (which uses the secp256k elliptic curve). This is currently the only supported signing and verification scheme for this library.
Installation
npm install jsontokens
Signing Tokens
import { TokenSigner } from 'jsontokens'
const rawPrivateKey = '278a5de700e29faae8e40e366ec5012b5ec63d36ec77e8a2417154cc1d25383f'
const tokenPayload = {"iat": 1440713414.85}
const token = new TokenSigner('ES256K', rawPrivateKey).sign(tokenPayload)
Creating Unsecured Tokens
import { createUnsecuredToken } from 'jsontokens'
const unsecuredToken = createUnsecuredToken(tokenPayload)
Decoding Tokens
import { decodeToken } = from 'jsontokens'
const tokenData = decodeToken(token)
Verifying Tokens
The TokenVerifier class will validate that a token is correctly signed. It does not perform checks on the claims in the payload (e.g., the exp
field)--- checking the expiration field, etc., is left as a requirement for callers.
import { TokenVerifier } from 'jsontokens'
const rawPublicKey = '03fdd57adec3d438ea237fe46b33ee1e016eda6b585c3e27ea66686c2ea5358479'
const verified = new TokenVerifier('ES256K', rawPublicKey).verify(token)
Example Tokens
eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk