'no keys found, incorrect Signature, validation failed for id_token'
);
return false;
} else if (amountOfMatchingKeys > 1) {
this.loggerService.logWarning(
'no ID Token kid claim in JOSE header and multiple supplied in jwks_uri'
);
return false;
} else {
// Verify the id_token against the first JWKS entry that is an RSA key
// published for signature use. The loop returns on the first such entry,
// so later entries are never tried.
// NOTE(review): presumably reached only when exactly one such key was counted;
// the branches that precede this one are only partly visible in this excerpt.
for (const key of jwtkeys.keys) {
if (
(key.kty as string) === 'RSA' &&
(key.use as string) === 'sig'
) {
// Build a key object from the JWK entry.
const publickey = KEYUTIL.getKey(key);
// The accepted-algorithm list is a fixed ['RS256']; it is not taken from
// the token, so the token cannot choose how it is verified.
isValid = KJUR.jws.JWS.verify(id_token, publickey, [
'RS256'
]);
if (!isValid) {
// A failed verification is logged as a warning; the false result is still returned.
this.loggerService.logWarning(
'incorrect Signature, validation failed for id_token'
);
}
return isValid;
}
}
}
} else {
// kid in the Jose header of id_token
for (const key of jwtkeys.keys) {
if ((key.kid as string) === (kid as string)) {
const publickey = KEYUTIL.getKey(key);
if (key.kty as string === 'RSA' && key.use as string === 'sig') {
const publickey = KEYUTIL.getKey(key);
isValid = KJUR.jws.JWS.verify(id_token, publickey, ['RS256']);
if (!isValid) {
this.oidcSecurityCommon.logWarning('incorrect Signature, validation failed for id_token');
}
return isValid;
}
}
}
} else {
// kid in the Jose header of id_token
// Select the JWKS entry whose kid equals the token's kid and verify the
// id_token signature with it. The result for the first kid match is returned.
// If no entry matches, the loop ends without verifying anything; the caller
// then gets whatever isValid held before the loop.
// NOTE(review): isValid's initial value is outside this excerpt — confirm it is false.
for (const key of jwtkeys.keys) {
// The kid match is the only selection criterion in this loop; kty and use are not checked here.
// NOTE(review): consider also requiring kty === 'RSA' and use === 'sig', so an
// entry published for another purpose is never used to verify a signature.
if (key.kid as string === kid as string) {
const publickey = KEYUTIL.getKey(key);
// Accepted algorithms are fixed to RS256 rather than read from the token.
isValid = KJUR.jws.JWS.verify(id_token, publickey, ['RS256']);
if (!isValid) {
this.oidcSecurityCommon.logWarning('incorrect Signature, validation failed for id_token');
}
return isValid;
}
}
}
return isValid;
}
if ((key.kty as string) === 'RSA' && (key.use as string) === 'sig') {
amountOfMatchingKeys = amountOfMatchingKeys + 1;
}
}
// Decide how to verify based on how many candidate keys were counted.
// Per the warning text below, this path handles a token with no kid in its
// JOSE header. Both the "no key" and the "more than one key" case fail closed.
if (amountOfMatchingKeys === 0) {
this.loggerService.logWarning('no keys found, incorrect Signature, validation failed for id_token');
return false;
} else if (amountOfMatchingKeys > 1) {
// Several candidates and nothing to pick one by: reject rather than try each key.
this.loggerService.logWarning('no ID Token kid claim in JOSE header and multiple supplied in jwks_uri');
return false;
} else {
// Remaining case: verify with the first RSA key marked for signature use.
for (const key of jwtkeys.keys) {
if ((key.kty as string) === 'RSA' && (key.use as string) === 'sig') {
const publickey = KEYUTIL.getKey(key);
// Accepted algorithms are fixed to RS256 rather than read from the token.
isValid = KJUR.jws.JWS.verify(id_token, publickey, ['RS256']);
if (!isValid) {
this.loggerService.logWarning('incorrect Signature, validation failed for id_token');
}
return isValid;
}
}
}
} else {
// kid in the Jose header of id_token
for (const key of jwtkeys.keys) {
if ((key.kid as string) === (kid as string)) {
const publickey = KEYUTIL.getKey(key);
isValid = KJUR.jws.JWS.verify(id_token, publickey, ['RS256']);
if (!isValid) {
this.loggerService.logWarning('incorrect Signature, validation failed for id_token');
}
var publickey = KEYUTIL.getKey(key);
isValid = KJUR.jws.JWS.verify(id_token, publickey, ['RS256']);
if (!isValid) {
this.loggerService.logWarning('incorrect Signature, validation failed for id_token');
}
return isValid;
}
}
}
}
else {
// Compiled form of a for-of loop over jwtkeys.keys: find the entry whose kid
// equals kid and verify the id_token signature with it, returning the result
// for the first match.
// NOTE(review): kid presumably comes from the token's JOSE header — confirm in the caller.
for (var _d = 0, _e = jwtkeys.keys; _d < _e.length; _d++) {
var key = _e[_d];
// Only kid is compared here; kty and use of the matched entry are not checked.
// NOTE(review): consider also requiring kty === 'RSA' and use === 'sig' before verifying.
if (key.kid === kid) {
var publickey = KEYUTIL.getKey(key);
// Accepted algorithms are fixed to RS256 rather than read from the token.
isValid = KJUR.jws.JWS.verify(id_token, publickey, ['RS256']);
if (!isValid) {
this.loggerService.logWarning('incorrect Signature, validation failed for id_token');
}
return isValid;
}
}
}
return isValid;
};
OidcSecurityValidation.prototype.config_validate_response_type = function (response_type) {