Strategy.prototype.jwtVerify = function jwtVerifyFunc(req, token, metadata, optionsToValidate, done) {
const self = this;
const decoded = jws.decode(token);
let PEMkey = null;
if (decoded == null) {
return done(null, false, 'In Strategy.prototype.jwtVerify: Invalid JWT token.');
}
log.info('In Strategy.prototype.jwtVerify: token decoded: ', decoded);
// When we generate the PEMkey, there are two different types of token signatures
// we have to validate here. One provides x5t and the other a kid. We need to call
// the right one.
try {
if (decoded.header.x5t) {
PEMkey = metadata.generateOidcPEM(decoded.header.x5t);
} else if (decoded.header.kid) {
PEMkey = metadata.generateOidcPEM(decoded.header.kid);
// Splits a compact JWS into its parsed payload (with the header attached as
// `payload.header`) and hands it to `callback(err, payload)`.
//
// NOTE(review): this only *decodes* — nothing here checks the signature, so the
// returned claims are attacker-controlled until the caller verifies them against
// the expected key. HMAC (`HS*`) tokens are refused up front; presumably the
// validator only ever holds public keys, but confirm that against the caller.
//
// Errors are delivered through the callback using the project's makeError codes:
//   'jws-decode'        – input is not a decodable compact JWS
//   'jws-algorithm'     – header `alg` is an HMAC algorithm
//   'jws-payload-parse' – payload is not JSON
function unpackJWS (signature, callback) {
  const decoded = jws.decode(signature);
  if (!decoded) {
    return callback(makeError('jws-decode'));
  }

  const usesHmac = /^hs/i.test(decoded.header.alg);
  if (usesHmac) {
    return callback(makeError('jws-algorithm'));
  }

  const claims = jsonParse(decoded.payload);
  if (!claims) {
    return callback(makeError('jws-payload-parse'));
  }

  claims.header = decoded.header;
  return callback(null, claims);
}
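// Prints a stored profile (name, url, container, token) to stdout with
// colorized labels. When `details` is truthy the token is treated as a compact
// JWS, its payload is decoded WITHOUT any signature verification, and each
// claim is printed on its own `Token.<claim>:` line in sorted key order.
//
// NOTE(review): the raw bearer token is echoed to the console, so anything
// capturing stdout (shell history, CI logs, screen recordings) ends up holding
// a usable credential. Treat the output as sensitive.
function printProfile (name, profile, details) {
  console.log('Profile: '.blue, name.green);
  console.log('URL: '.blue, profile.url);
  console.log('Container: '.blue, profile.container);
  console.log('Token: '.blue, profile.token);
  if (!details) {
    return;
  }

  // Jws.decode yields nothing for input that is not a compact JWS; the original
  // code dereferenced `.payload` on that result and crashed on a missing or
  // malformed token instead of reporting it.
  const decoded = profile.token ? Jws.decode(profile.token) : null;
  if (!decoded) {
    console.log('Token: '.blue, '(unable to decode token payload)');
    return;
  }

  let claims;
  try {
    claims = JSON.parse(decoded.payload);
  } catch (err) {
    console.log('Token: '.blue, '(token payload is not valid JSON)');
    return;
  }

  // A payload that parses to a primitive or `null` has no claims to list.
  const claimKeys = claims !== null && typeof claims === 'object'
    ? Object.keys(claims).sort()
    : [];

  claimKeys.forEach(function (key) {
    // Pad labels to a fixed width so the values line up in one column.
    let label = 'Token.' + key + ':';
    while (label.length < 11) {
      label += ' ';
    }
    console.log(label.blue, claims[key]);
  });
}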
return done(new JsonWebTokenError('secret or public key must be provided'));
}
if (!options.algorithms) {
options.algorithms = ~secretOrPublicKey.toString().indexOf('BEGIN CERTIFICATE') ||
~secretOrPublicKey.toString().indexOf('BEGIN PUBLIC KEY') ?
[ 'RS256','RS384','RS512','ES256','ES384','ES512' ] :
~secretOrPublicKey.toString().indexOf('BEGIN RSA PUBLIC KEY') ?
[ 'RS256','RS384','RS512' ] :
[ 'HS256','HS384','HS512' ];
}
var decodedToken;
try {
decodedToken = jws.decode(jwtString);
} catch(err) {
return done(new JsonWebTokenError('invalid token'));
}
if (!decodedToken) {
return done(new JsonWebTokenError('invalid token'));
}
var header = decodedToken.header;
if (!~options.algorithms.indexOf(header.alg)) {
return done(new JsonWebTokenError('invalid algorithm'));
}
var valid;
var version = data.raw.version;
if (isJson(input)) {
input = JSON.parse(input);
}
if (isObject(input)) {
if (typeof input.verify !== 'undefined' && input.verify.type !== 'undefined' && input.verify.type !== 'hosted' || type === 'signed') {
return next(makeError('verify-type-mismatch', 'when `verify.type` is "signed", a JWS signature is expected', { input: input }));
}
return callback(input, version, 'hosted');
}
else if (typeof input === 'string') {
if (isSignedBadge(input)) {
if (type === 'hosted') {
return next(makeError('verify-type-mismatch', 'when `verify.type` is "hosted", a url or assertion object is required, received JWS signature', { input: input }));
}
const decoded = jws.decode(input);
if (!decoded) {
return next(makeError('jws-decode', 'Unable to decode JWS signature', { input: input }));
}
return callback(jsonParse(decoded.payload), version, 'signed');
}
if (isUrl(input)) {
resources.getUrl({url: input, json: true, required: true}, function (ex, result) {
if (result.error) {
result.error.field = 'assertion';
return next(result.error);
} else {
var assertion = result.body;
if (isJson(assertion)) {
assertion = JSON.parse(assertion);
}
if (!isObject(assertion)) {
options.algorithms = ['none'];
}
if (!options.algorithms) {
options.algorithms = ~secretOrPublicKey.toString().indexOf('BEGIN CERTIFICATE') ||
~secretOrPublicKey.toString().indexOf('BEGIN PUBLIC KEY') ?
[ 'RS256','RS384','RS512','ES256','ES384','ES512' ] :
~secretOrPublicKey.toString().indexOf('BEGIN RSA PUBLIC KEY') ?
[ 'RS256','RS384','RS512' ] :
[ 'HS256','HS384','HS512' ];
}
var decodedToken;
try {
decodedToken = jws.decode(jwtString);
} catch(err) {
return done(err);
}
if (!decodedToken) {
return done(new JsonWebTokenError('invalid token'));
}
var header = decodedToken.header;
if (!~options.algorithms.indexOf(header.alg)) {
return done(new JsonWebTokenError('invalid algorithm'));
}
var valid;
/**
 * Verifies a compact JWS `payload` against the HMAC `secret` and returns its
 * parsed claims, or `null` when the signature does not check out or the token
 * is past its expiry.
 *
 * The algorithm is pinned to HS256 rather than taken from the token header,
 * which stops an attacker-chosen `alg` (e.g. `none`, or RS→HS confusion) from
 * steering verification.
 *
 * NOTE(review): expiry is read from `decoded.header.exp` and compared against
 * `Date.now()`, i.e. milliseconds. Standard JWTs carry `exp` in the *payload*
 * as seconds since the epoch; if tokens are minted to that convention this
 * check either never fires (header has no `exp`) or always fires (seconds are
 * always <= a millisecond timestamp). Confirm against the matching encode
 * function before relying on it.
 *
 * @param {string} payload compact JWS string
 * @param {string|Buffer} secret HMAC key
 * @returns {object|null} parsed payload, or null on bad signature / expiry
 */
module.exports.decode = function(payload, secret) {
  const signatureOk = jws.verify(payload, 'HS256', secret);
  if (!signatureOk) {
    return null;
  }

  const token = jws.decode(payload, { json: true });
  const expiresAt = token.header.exp;
  const expired = Boolean(expiresAt) && expiresAt <= Date.now();

  return expired ? null : token.payload;
};
JWT.decode = function (jwt, options) {
options = options || {};
var decoded = jws.decode(jwt, options);
if (!decoded) { return null; }
var payload = decoded.payload;
//try parse the payload
if(typeof payload === 'string') {
try {
var obj = JSON.parse(payload);
if(typeof obj === 'object') {
payload = obj;
}
} catch (e) { }
}
//return header if `complete` option is enabled. header includes claims
//such as `kid` and `alg` used to select the key within a JWKS needed to
//verify the signature
render() {
const { token } = this.state;
const expUnix = token ? JSON.parse(jws.decode(token).payload).exp : 0;
const tokenExpiration = token
? new Date(expUnix * 1000).toString()
: 'unknown';
return (
<h4>
{' '}
{token.length > 0 ? (
{</h4>