JWT-KMS
Sign and validate JWT tokens using keys stored in the AWS Key Management Service (KMS).
Feature Todo List:
Symmetric encryption (both parties have IAM access to KMS key)- Asymmetic encryption (only 1 party has IAM access to KMS key)
Requirements
- node.js 6+
Installation
npm install jwt-kms
Usage
const JWTKMS = ; var jwtkms = aws: region: "us-east-1" accessKeyId : processenvAWS_ACCESS_KEY // Optional if set in environment secretAccessKey: processenvAWS_SECRET_KEY // Optional if set in environment ; // Create a JWT token using a KMS key identified by a key_arnjwtkms; // Create a JWT token using a KMS key identified by a key_arnjwtkms; // Verify that you have a valid JWT keyjwtkms; // Validate that you have a JWT key but **DOESN'T CHECK FOR AUTHENTICITY**jwtkms;// true jwtkms;// false jwtkms;// false // This is why you need to use jwtkms.verify to check a tokenjwtkms;// true
Testing
npm install mocha -g # if you don't have it installed already npm test
Credit
- Created by Jonathan Keebler
- Inspired by kms-jwt