Skip to content
/ keylab Public

Keylab is a Node.js library designed to simplify the creation and validation of JSON Web Tokens, eliminating the need for prior knowledge in cryptography.

License

Notifications You must be signed in to change notification settings

authdog/keylab

Repository files navigation

keylab

codecov npm version code style: prettier bundle size

Keylab is a Node.js library designed to simplify the creation and validation of JSON Web Tokens, eliminating the need for prior knowledge in cryptography.

Install

with yarn

yarn add keylab

with pnpm

pnpm add keylab

with npm

npm install keylab

Get Started

Signin a Token with a Private key

// ES256

import {getKeyPair, signJwtWithPrivateKey, Algs} from "keylab"

const keyPairES256 = await getKeyPair({
    keyFormat: "pem",
    algorithmIdentifier: Algs?.ES256,
    keySize: 4096
});

const signedPayloadEs256 = await signJwtWithPrivateKey(
    {
        aid: "12345",
        sub: "sub:12345",
        iss: "issuer:12345",
        aud: ["aud:12345"],
        scp: ["a", "b:c", "d"].join(" ")
    },
    Algs.ES256,
    keyPairES256.privateKey
);

Verify a token with private key (symetric)

  • HS256
import {verifyHSTokenWithSecretString, Algs} from "keylab"

const isVerified = await verifyHSTokenWithSecretString(
    signedToken,
    SECRET_STRING,
    Algs.HS256
);

Verify a token with a public OpenID endpoint (asymetric)

  • ES512
import {checkTokenValidness} from "keylab"

const signedPayloadEs512 = "ey.....";
const jwksUri = "https://id.authdog.com/oidc/.well-known/jwks.json";

const isValid = await checkTokenValidness(
    signedPayloadEs512,
    {
        jwksUri
    }
);

Changelog

  • 0.1.32: Leverage Adhoc keys
  • 0.1.31: Bump jose dependency, fix fetch in Jest, enable Ed25519, Ed448
  • 0.1.30: Fix support for adhoc jwks
  • 0.1.26: Remove fetchJwksWithUri, remove node-fetch dependency
  • 0.1.20: Improve Cloudflare Workers compatibility for verify
  • 0.1.19: Export getKeyPair
  • 0.1.18: Export pemToJwk
  • 0.1.14: Extract alg to verify token with PEM
  • 0.1.13: Validate tokens signed with PEM
  • 0.1.12:
  • Remove jws from dependencies
  • improve compatibility with Cloudflare Workers
  • 0.1.11: Add support for keyid injection in jwt header (required for Apple OAuth2.0 flow)
  • 0.0.0: JWT signed with a JSON Web Key can be "ad-hoc" validated
  • 0.0.0: verifyRSATokenWithUri has been replaced with verifyRSAToken

Issue Reporting

If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

References

License

This project is licensed under the MIT license. See the LICENSE file for more info.

About

Keylab is a Node.js library designed to simplify the creation and validation of JSON Web Tokens, eliminating the need for prior knowledge in cryptography.

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published

Contributors 3

  •  
  •  
  •