@fxjs/jws

NOTE: this is one fork version of fib-jws, fib-jws cannot run on fibjs >= 0.26.0, but xilion was addicted to fibos recently so we re-publish another package to make it available.

An implementation of JSON Web Signatures.

Install

$ npm install @fxjs/jws

Usage

jws.ALGORITHMS

Array of supported algorithms. The following algorithms are currently supported.

jws.sign(header, payload, key)

Return a JSON Web Signature for a header and a payload.

Arguments:

• header
• payload
• key

header must be an object with an alg property. header.alg must be one a value found in jws.ALGORITHMS. See above for a table of supported algorithms.

If payload will be coerced into a string using JSON.stringify.

key is a hex encoded string or buffer containing either the secret for HMAC algorithms, or the PEM encoded public key for RSA and ECDSA.

Example

const signature = jws.sign(
  // header
  { alg: 'HS256' },
  // payload
  { id: 12345, name: "Frank" },
  // secret
  '98DE76B1',
);

jws.verify(signature, key, acceptAlgs)

Returnstrue or false for whether a signature matches a secret or key.

signature is a JWS Signature. header.alg must be a value found in jws.ALGORITHMS. See above for a table of supported algorithms. key is a hex encoded string or buffer containing either the secret for HMAC algorithms, or the PEM encoded public key for RSA and ECDSA.

acceptAlgs is a list of what algorithms are accepted.

jws.decode(signature)

Returns the decoded header, decoded payload, and signature parts of the JWS Signature.

Returns an object with three properties, e.g.

{
  header: { alg: 'HS256' },
  payload: { id: 12345, name: "Frank" }
}