How to use the jws.decode function in jws

To help you get started, we’ve selected a few jws examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github AzureAD / passport-azure-ad / lib / bearerstrategy.js View on Github external
Strategy.prototype.jwtVerify = function jwtVerifyFunc(req, token, metadata, optionsToValidate, done) {
  const self = this;

  const decoded = jws.decode(token);
  let PEMkey = null;

  if (decoded == null) {
    return done(null, false, 'In Strategy.prototype.jwtVerify: Invalid JWT token.');
  }

  log.info('In Strategy.prototype.jwtVerify: token decoded:  ', decoded);

  // When we generate the PEMkey, there are two different types of token signatures
  // we have to validate here. One provides x5t and the other a kid. We need to call 
  // the right one.
  try {
    if (decoded.header.x5t) {
      PEMkey = metadata.generateOidcPEM(decoded.header.x5t);
    } else if (decoded.header.kid) {
      PEMkey = metadata.generateOidcPEM(decoded.header.kid);
github mozilla / openbadges-validator / index.js View on Github external
function unpackJWS (signature, callback) {
  const parts = jws.decode(signature);
  if (!parts)
    return callback(makeError('jws-decode'));
  if (/^hs/i.test(parts.header.alg))
    return callback(makeError('jws-algorithm'));
  const payload = jsonParse(parts.payload);
  if (!payload)
    return callback(makeError('jws-payload-parse'));
  payload.header = parts.header;
  return callback(null, payload);
}
github auth0 / wt-cli / bin / profile.js View on Github external
function printProfile (name, profile, details) {
    console.log('Profile:   '.blue, name.green);
    console.log('URL:       '.blue, profile.url);
    console.log('Container: '.blue, profile.container);
    console.log('Token:     '.blue, profile.token);
    if (details) {
        var json = JSON.parse(Jws.decode(profile.token).payload);
        var keys = Object.keys(json).sort();
        keys.forEach(function (key) {
            var name = 'Token.' + key + ':';
            while (name.length < 11) name += ' ';
            console.log(name.blue, json[key]);
        });
    }
}
github dpricha89 / cloudsu / node_modules / jsonwebtoken / index.js View on Github external
return done(new JsonWebTokenError('secret or public key must be provided'));
  }

  if (!options.algorithms) {
    options.algorithms = ~secretOrPublicKey.toString().indexOf('BEGIN CERTIFICATE') ||
                         ~secretOrPublicKey.toString().indexOf('BEGIN PUBLIC KEY') ?
                          [ 'RS256','RS384','RS512','ES256','ES384','ES512' ] :
                         ~secretOrPublicKey.toString().indexOf('BEGIN RSA PUBLIC KEY') ?
                          [ 'RS256','RS384','RS512' ] :
                          [ 'HS256','HS384','HS512' ];

  }

  var decodedToken;
  try {
    decodedToken = jws.decode(jwtString);
  } catch(err) {
    return done(new JsonWebTokenError('invalid token'));
  }

  if (!decodedToken) {
    return done(new JsonWebTokenError('invalid token'));
  }

  var header = decodedToken.header;

  if (!~options.algorithms.indexOf(header.alg)) {
    return done(new JsonWebTokenError('invalid algorithm'));
  }

  var valid;
github mozilla / openbadges-validator / index.js View on Github external
var version = data.raw.version;
  if (isJson(input)) {
    input = JSON.parse(input);
  }
  if (isObject(input)) {
    if (typeof input.verify !== 'undefined' && input.verify.type !== 'undefined' && input.verify.type !== 'hosted' || type === 'signed') {
      return next(makeError('verify-type-mismatch', 'when `verify.type` is "signed", a JWS signature is expected', { input: input }));
    }
    return callback(input, version, 'hosted');
  }
  else if (typeof input === 'string') {
    if (isSignedBadge(input)) {
      if (type === 'hosted') {
        return next(makeError('verify-type-mismatch', 'when `verify.type` is "hosted", a url or assertion object is required, received JWS signature', { input: input }));
      }
      const decoded = jws.decode(input);
      if (!decoded) {
        return next(makeError('jws-decode', 'Unable to decode JWS signature', { input: input }));
      }
      return callback(jsonParse(decoded.payload), version, 'signed');
    }
    if (isUrl(input)) {
      resources.getUrl({url: input, json: true, required: true}, function (ex, result) {
        if (result.error) {
          result.error.field = 'assertion';
          return next(result.error);
        } else {
          var assertion = result.body;
          if (isJson(assertion)) {
            assertion = JSON.parse(assertion);
          }
          if (!isObject(assertion)) {
github onmyway133 / PushNotifications / node_modules / jsonwebtoken / verify.js View on Github external
options.algorithms = ['none'];
  }

  if (!options.algorithms) {
    options.algorithms = ~secretOrPublicKey.toString().indexOf('BEGIN CERTIFICATE') ||
                         ~secretOrPublicKey.toString().indexOf('BEGIN PUBLIC KEY') ?
                          [ 'RS256','RS384','RS512','ES256','ES384','ES512' ] :
                         ~secretOrPublicKey.toString().indexOf('BEGIN RSA PUBLIC KEY') ?
                          [ 'RS256','RS384','RS512' ] :
                          [ 'HS256','HS384','HS512' ];

  }

  var decodedToken;
  try {
    decodedToken = jws.decode(jwtString);
  } catch(err) {
    return done(err);
  }

  if (!decodedToken) {
    return done(new JsonWebTokenError('invalid token'));
  }

  var header = decodedToken.header;

  if (!~options.algorithms.indexOf(header.alg)) {
    return done(new JsonWebTokenError('invalid algorithm'));
  }

  var valid;
github openstf / stf / lib / util / jwtutil.js View on Github external
module.exports.decode = function(payload, secret) {
  if (!jws.verify(payload, 'HS256', secret)) {
    return null
  }

  var decoded = jws.decode(payload, {
        json: true
      })
    , exp = decoded.header.exp

  if (exp && exp <= Date.now()) {
    return null
  }

  return decoded.payload
}
github dpricha89 / cloudsu / node_modules / jsonwebtoken / index.js View on Github external
JWT.decode = function (jwt, options) {
  options = options || {};
  var decoded = jws.decode(jwt, options);
  if (!decoded) { return null; }
  var payload = decoded.payload;

  //try parse the payload
  if(typeof payload === 'string') {
    try {
      var obj = JSON.parse(payload);
      if(typeof obj === 'object') {
        payload = obj;
      }
    } catch (e) { }
  }

  //return header if `complete` option is enabled.  header includes claims
  //such as `kid` and `alg` used to select the key within a JWKS needed to
  //verify the signature
github hymm / squid-tracks / src / settings.js View on Github external
render() {
    const { token } = this.state;
    const expUnix = token ? JSON.parse(jws.decode(token).payload).exp : 0;
    const tokenExpiration = token
      ? new Date(expUnix * 1000).toString()
      : 'unknown';

    return (
      
        <h4>
          {' '}
          {token.length &gt; 0 ? (
             {</h4>

jws

Implementation of JSON Web Signatures

MIT
Latest version published 5 years ago

Package Health Score

74 / 100
Full package analysis