/**
 * Handler that reads the request from event.Records[0].cf.request (the shape
 * of a CloudFront / Lambda@Edge event — assumed, confirm against the trigger).
 * For a request to /articles that carries the 'londonsheriff-Token' cookie it
 * verifies the JWT, reads the subject and scope claims, and starts fetching a
 * template over HTTP. The listing is cut off inside the response 'end' handler.
 */
exports.handler = (event, context, callback) => {
const request = event.Records[0].cf.request;
// NOTE(review): this logs the whole request object. parseCookies below reads
// cookies from request.headers, so the token cookie is presumably written to
// the logs here — consider redacting the Cookie header before logging.
console.log(JSON.stringify(request));
const parsedCookies = parseCookies(request.headers);
if (parsedCookies && parsedCookies['londonsheriff-Token'] && request.uri == "/articles") {
console.log('Cookie present');
const jwtToken = parsedCookies['londonsheriff-Token'];
const b64string = config.web.base64SigningKey;
// verify() is called without a callback and without a try/catch, so a failed
// verification is not handled in this block (see the TODO below).
// verifiedToken is not read again in the visible lines.
const verifiedToken = nJwt.verify(jwtToken, b64string);
// TODO: Decide what to do when the passed token is not valid or expired
// NOTE(review): the claims are re-parsed from the raw cookie string instead of
// being taken from verifiedToken. They are only trustworthy if the verify call
// above stops the handler on a bad token — confirm, or read the claims from
// the verified object.
const userDetails = jwtToken.split('.')[1];
// The next two lines log the encoded and the decoded claims segment.
console.log(userDetails);
console.log(Buffer.from(userDetails, 'base64').toString('ascii'));
// 'ascii' decoding does not round-trip non-ASCII characters, so claims that
// contain them would be altered before JSON.parse sees them.
let userToken = JSON.parse(Buffer.from(userDetails, 'base64').toString('ascii'));
const userName = userToken.sub;
const scope = userToken.scope;
let templateUrl = TEMPLATE_URL;
// Fetch the template, accumulating the response body chunk by chunk.
http.get(templateUrl, (res) => {
var content = '';
res.on('data', (chunk) => { content += chunk; });
res.on('end', () => {
/**
 * Verify a compact JWT and, when it is valid, load the token resource it names.
 *
 * A token that fails verification is not reported as an error: the callback is
 * invoked with no arguments, so the caller sees the same result for an invalid
 * token as for "nothing to load".
 *
 * @param {string} compactToken - Compact-serialized JWT to verify.
 * @param {Function} callback - Passed on to loadTokenForUser on success;
 *   called with no arguments when verification fails.
 */
function getTokenResource(compactToken, callback) {
  nJwt.verify(compactToken, jwtSigningKey, function (verifyError, verified) {
    if (!verifyError) {
      // Both values are read from the verified token only: the type from the
      // "stt" header field, the id from the "jti" claim.
      var kind = verified.header.stt;
      var id = verified.body.jti;
      loadTokenForUser(id, kind, callback);
      return;
    }
    // Ignore failure, means token is already invalid
    return callback();
  });
}
},function(err, value){
// Test callback: keeps the outcome, verifies the issued access token and
// checks that the scope factory received the requested scopes in order.
// NOTE(review): err is stored but not asserted on, so a failed request would
// show up as a TypeError on result[1] below rather than as the original error.
result = [err, value];
// The third argument pins the accepted algorithm to HS256; the key is the
// client's API key secret.
decodedAccessToken = nJwt.verify(
result[1].tokenResponse.access_token,
client._dataStore.requestExecutor.options.client.apiKey.secret,
'HS256'
);
// requestedScope is split on single spaces; only the first two entries are compared.
var requestedScopes = requestedScope.split(' ');
assert.equal(scopeFactoryArgs[1][0], requestedScopes[0]);
assert.equal(scopeFactoryArgs[1][1], requestedScopes[1]);
done();
});
});
// Build the URL, then confirm that its accessToken query parameter is a JWT
// that verifies against the client's API key secret and carries the options
// that were handed to the builder.
builder.build(options, function (buildError, builtUrl) {
  assert.isNull(buildError);
  assert.isOk(builtUrl);

  var query = url.parse(builtUrl, true).query;
  var apiKeySecret = application.dataStore.requestExecutor.options.client.apiKey.secret;
  assert.isDefined(query.accessToken);

  // Claims are compared only after the token has been checked against the secret.
  var verified = nJwt.verify(query.accessToken, apiKeySecret);
  ['cb_uri', 'onsk', 'ash', 'state'].forEach(function (claim) {
    assert.equal(verified.body[claim], options[claim]);
  });
  done();
});
});
},function(err,value){
// Test callback: keeps the outcome and verifies the issued access token.
// NOTE(review): err is stored but not asserted on before result[1] is
// dereferenced, so a failed request would surface as a TypeError here.
result = [err,value];
// 'HS256' pins the accepted algorithm; the key is the client's API key secret.
decodedAccessToken = nJwt.verify(result[1].tokenResponse.access_token,
client._dataStore.requestExecutor.options.client.apiKey.secret,'HS256');
done();
});
});
/**
 * Verify a compact JWT with the given secret.
 *
 * Verification failures are returned, not thrown: whatever njwt.verify throws
 * comes back as the return value. Callers have to tell the two outcomes apart
 * (presumably with an `instanceof Error` check — confirm at the call sites)
 * before treating the result as a verified token.
 *
 * @param {string} str - Compact JWT string.
 * @param {string} secret - Signing key passed to njwt.verify.
 * @returns {*} The verified token object, or the caught exception.
 */
Application.prototype._decodeJwt = function _decodeJwt(str, secret) {
  try {
    return njwt.verify(str, secret);
  } catch (verifyFailure) {
    return verifyFailure;
  }
};
// Adapts njwt's callback-style verify to a Promise: the Promise rejects with
// the verification error and resolves with the decoded token otherwise.
// The enclosing function is outside this listing.
return new Promise((resolve, reject) => {
njwt.verify(token, secretKey, function(err, decodedToken) {
if (err) {
// Reject with the error as-is so the caller decides how to respond.
return reject(err)
}
return resolve(decodedToken)
})
})
}
};
}
/**
* @name JwtAuthenticationResult#refreshToken
*
* @description
*
* An object that allows you to inspect the body, claims, and header of the
* refresh token. The property is only replaced by this object when a refresh
* token was supplied.
*
* @type {Jwt}
*/
// The refresh token held on the instance is replaced in place by the result
// of verifying it with the API key secret. verify() is called without a
// callback, and a failed verification is not handled in this block.
if(this.refreshToken){
this.refreshToken = nJwt.verify(this.refreshToken, apiKey.secret);
}
}