Skip to content

Latest commit

 

History

History
289 lines (181 loc) · 8.28 KB

jwt_unsecured.UnsecuredJWT.md

File metadata and controls

289 lines (181 loc) · 8.28 KB
Raw

Class: UnsecuredJWT

💗 Help the project

Support from the community to continue maintaining and improving this module is welcome. If you find the module useful, please consider supporting the project by becoming a sponsor.

The UnsecuredJWT class is a utility for dealing with { "alg": "none" } Unsecured JWTs.

Example

Encoding

const unsecuredJwt = new jose.UnsecuredJWT({ 'urn:example:claim': true })
  .setIssuedAt()
  .setIssuer('urn:example:issuer')
  .setAudience('urn:example:audience')
  .setExpirationTime('2h')
  .encode()

console.log(unsecuredJwt)

Example

Decoding

const payload = jose.UnsecuredJWT.decode(jwt, {
  issuer: 'urn:example:issuer',
  audience: 'urn:example:audience',
})

console.log(payload)

Table of contents

Constructors

Methods

Constructors

constructor

new UnsecuredJWT(payload?): UnsecuredJWT

Parameters

Name Type Description
payload JWTPayload The JWT Claims Set object. Defaults to an empty object.

Returns

UnsecuredJWT

Methods

decode

Static decode<PayloadType>(jwt, options?): UnsecuredResult<PayloadType>

Decodes an unsecured JWT.

Type parameters

Name Type
PayloadType JWTPayload

Parameters

Name Type Description
jwt string Unsecured JWT to decode the payload of.
options? JWTClaimVerificationOptions JWT Claims Set validation options.

Returns

UnsecuredResult<PayloadType>

encode

encode(): string

Encodes the Unsecured JWT.

Returns

string

setAudience

setAudience(audience): UnsecuredJWT

Set the "aud" (Audience) Claim.

Parameters

Name Type Description
audience string | string[] "aud" (Audience) Claim value to set on the JWT Claims Set.

Returns

UnsecuredJWT

setExpirationTime

setExpirationTime(input): UnsecuredJWT

Set the "exp" (Expiration Time) Claim.

  • If a number is passed as an argument it is used as the claim directly.
  • If a Date instance is passed as an argument it is converted to unix timestamp and used as the claim.
  • If a string is passed as an argument it is resolved to a time span, and then added to the current unix timestamp and used as the claim.

Format used for time span should be a number followed by a unit, such as "5 minutes" or "1 day".

Valid units are: "sec", "secs", "second", "seconds", "s", "minute", "minutes", "min", "mins", "m", "hour", "hours", "hr", "hrs", "h", "day", "days", "d", "week", "weeks", "w", "year", "years", "yr", "yrs", and "y". It is not possible to specify months. 365.25 days is used as an alias for a year.

If the string is suffixed with "ago", or prefixed with a "-", the resulting time span gets subtracted from the current unix timestamp. A "from now" suffix can also be used for readability when adding to the current unix timestamp.

Parameters

Name Type Description
input string | number | Date "exp" (Expiration Time) Claim value to set on the JWT Claims Set.

Returns

UnsecuredJWT

setIssuedAt

setIssuedAt(input?): UnsecuredJWT

Set the "iat" (Issued At) Claim.

  • If no argument is used the current unix timestamp is used as the claim.
  • If a number is passed as an argument it is used as the claim directly.
  • If a Date instance is passed as an argument it is converted to unix timestamp and used as the claim.
  • If a string is passed as an argument it is resolved to a time span, and then added to the current unix timestamp and used as the claim.

Format used for time span should be a number followed by a unit, such as "5 minutes" or "1 day".

Valid units are: "sec", "secs", "second", "seconds", "s", "minute", "minutes", "min", "mins", "m", "hour", "hours", "hr", "hrs", "h", "day", "days", "d", "week", "weeks", "w", "year", "years", "yr", "yrs", and "y". It is not possible to specify months. 365.25 days is used as an alias for a year.

If the string is suffixed with "ago", or prefixed with a "-", the resulting time span gets subtracted from the current unix timestamp. A "from now" suffix can also be used for readability when adding to the current unix timestamp.

Parameters

Name Type Description
input? string | number | Date "iat" (Expiration Time) Claim value to set on the JWT Claims Set.

Returns

UnsecuredJWT

setIssuer

setIssuer(issuer): UnsecuredJWT

Set the "iss" (Issuer) Claim.

Parameters

Name Type Description
issuer string "Issuer" Claim value to set on the JWT Claims Set.

Returns

UnsecuredJWT

setJti

setJti(jwtId): UnsecuredJWT

Set the "jti" (JWT ID) Claim.

Parameters

Name Type Description
jwtId string "jti" (JWT ID) Claim value to set on the JWT Claims Set.

Returns

UnsecuredJWT

setNotBefore

setNotBefore(input): UnsecuredJWT

Set the "nbf" (Not Before) Claim.

  • If a number is passed as an argument it is used as the claim directly.
  • If a Date instance is passed as an argument it is converted to unix timestamp and used as the claim.
  • If a string is passed as an argument it is resolved to a time span, and then added to the current unix timestamp and used as the claim.

Format used for time span should be a number followed by a unit, such as "5 minutes" or "1 day".

Valid units are: "sec", "secs", "second", "seconds", "s", "minute", "minutes", "min", "mins", "m", "hour", "hours", "hr", "hrs", "h", "day", "days", "d", "week", "weeks", "w", "year", "years", "yr", "yrs", and "y". It is not possible to specify months. 365.25 days is used as an alias for a year.

If the string is suffixed with "ago", or prefixed with a "-", the resulting time span gets subtracted from the current unix timestamp. A "from now" suffix can also be used for readability when adding to the current unix timestamp.

Parameters

Name Type Description
input string | number | Date "nbf" (Not Before) Claim value to set on the JWT Claims Set.

Returns

UnsecuredJWT

setSubject

setSubject(subject): UnsecuredJWT

Set the "sub" (Subject) Claim.

Parameters

Name Type Description
subject string "sub" (Subject) Claim value to set on the JWT Claims Set.

Returns

UnsecuredJWT