json-web-token

JSON Web Token (JWT) is a compact token format intended for space constrained environments such as HTTP Authorization headers and URI query parameters.

Downloads in past

Stats

StarsIssuesVersionUpdatedCreatedSize
json-web-token
3403.2.04 years ago10 years agoMinified + gzip package size for json-web-token in KB

Readme

json-web-token
JWT encode and decode for Node.js that can use callbacks or by returning an object {error:, value:}
WIKI
JSON Web Token (JWT) is a compact URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JavaScript Object Notation (JSON) object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or MACed and/or encrypted.
info & more info

Build StatusCode Coverage 100%ISC License
the version 2.*.* should work only for NodeJS >= 4 for NodeJS 0.10 and 0.12 should install the version 1.6.3

API

jwt#encode(key, payload, algorithm, cb)
  • key, your secret
  • payload, the payload or Claim Names or an object with {payload, header}

ex:
{
   "iss": "my_issurer",
  "aud": "World",
  "iat": 1400062400223,
  "typ": "/online/transactionstatus/v2",
  "request": {
    "myTransactionId": "[myTransactionId]",
    "merchantTransactionId": "[merchantTransactionId]",
    "status": "SUCCESS"
  }
}

attention that exists some reserved claim names (like "iss", "iat", etc..) check in here for more info about JWT Claims.
  • algorithm, default to 'sha256', use jwt#getAlgorithms() to get the supported algorithms
  • cb, the callback(errname, message, token)
jwt#decode(key, token, cb)

Example

var jwt = require('json-web-token');

var payload = {
  "iss": "my_issurer",
  "aud": "World",
  "iat": 1400062400223,
  "typ": "/online/transactionstatus/v2",
  "request": {
    "myTransactionId": "[myTransactionId]",
    "merchantTransactionId": "[merchantTransactionId]",
    "status": "SUCCESS"
  }
};

var secret = 'TOPSECRETTTTT';

// encode
jwt.encode(secret, payload, function (err, token) {
  if (err) {
    console.error(err.name, err.message);
  } else {
    console.log(token);

    // decode
    jwt.decode(secret, token, function (err_, decodedPayload, decodedHeader) {
      if (err) {
        console.error(err.name, err.message);
      } else {
        console.log(decodedPayload, decodedHeader);
      }
    });
  }
});

using the optional reserved headers
(alg and typ can't be set using this method)
var settingAddHeaders = {
  payload: {
    "iss": "my_issurer",
    "aud": "World",
    "iat": 1400062400223,
    "typ": "/online/transactionstatus/v2",
    "request": {
      "myTransactionId": "[myTransactionId]",
      "merchantTransactionId": "[merchantTransactionId]",
      "status": "SUCCESS"
    }
  },
  header: {
    kid: 'key ID'
  }
}

jwt.encode(secret, settingAddHeaders, function (err, token) {

})

this projet has been set up with a precommit that forces you to follow a code style, no jshint issues and 100% of code coverage before commit

to run test
npm test

to run jshint
npm run lint

to run code style
npm run style

to run code coverage
npm run coverage

to open the code coverage report
npm run coverage:open

to run benchmarks
npm run bench

to run the source complexity tool
npm run complexity

to open the complexity report
npm run complexity:open