mharj-jwt-util

Json Webtoken Utility to validate OpenID tokens against issuer public ssl keys

Can build public PEM cert from modulus + exponent (i.e. Google)
Caches issuer OpenID configuration 24h
New Token "kid" forces reloading jwks_uri data.

Note: if running NodeJS less than 18.0.0 you need to install and use cross-fetch polyfill

Usage example

// with Bearer header
try {
	const {body, isCached} = await jwtBearerVerify(req.headers.authorization);
} catch (err) {
	console.log(err);
}
// or Just token
try {
	const {body, isCached} = await jwtVerify(process.env.GOOGLE_ID_TOKEN);
} catch (err) {
	console.log(err);
}

// attach logger to see http requests (console and log4js should be working)
setJwtLogger(console);

Enable file caching

await useCache(new FileCertCache({fileName: './certCache.json'}));

// or with Tachyon drive
await useCache(new TachyonCertCache(new FileStorageDriver('FileCertCacheDriver', './certCache.json', certCacheBufferSerializer)));

Enable verified token persist caching (Tachyon drive with encryption)

import {CacheMap, TachyonExpireCache} from 'tachyon-expire-cache';
import {CryptoBufferProcessor, FileStorageDriver} from 'tachyon-drive-node-fs';
import {IPersistSerializer} from 'tachyon-drive';

function cachePayloadSchema<T>(data: z.Schema<T>) {
	return z.object({
		data,
		expires: z.number().optional(),
	});
}
const anyObjectSchema = z.object({}).passthrough(); // or build token payload schema
const bufferSerializer: IPersistSerializer<CacheMap<TokenPayload, RawJwtToken>, Buffer> = {
	serialize: (data: CacheMap<TokenPayload, RawJwtToken>) => Buffer.from(JSON.stringify(Array.from(data))),
	deserialize: (buffer: Buffer) => new Map(JSON.parse(buffer.toString())),
	validator: (data: CacheMap<TokenPayload, RawJwtToken>) => z.map(z.string(), cachePayloadSchema(anyObjectSchema)).safeParse(data).success,
};
const processor = new CryptoBufferProcessor(Buffer.from('some-secret-key'));
const driver = new FileStorageDriver('TokenStorageDriver', './tokenCache.aes', bufferSerializer, processor);
const cache = new TachyonExpireCache<TokenPayload, RawJwtToken>(driver);

await setTokenCache(cache);

Name		Name	Last commit message	Last commit date
Latest commit History 103 Commits
.devcontainer		.devcontainer
.github		.github
.vscode		.vscode
src		src
test		test
.eslintignore		.eslintignore
.eslintrc.json		.eslintrc.json
.gitattributes		.gitattributes
.gitignore		.gitignore
.prettierrc		.prettierrc
LICENSE		LICENSE
README.md		README.md
azure-pipelines.yml		azure-pipelines.yml
package-lock.json		package-lock.json
package.json		package.json
tsconfig.json		tsconfig.json
tsconfig.test.json		tsconfig.test.json
vite.config.mts		vite.config.mts

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

mharj-jwt-util

Json Webtoken Utility to validate OpenID tokens against issuer public ssl keys

Usage example

Enable file caching

Enable verified token persist caching (Tachyon drive with encryption)

About

Releases

Packages

Contributors 2

Languages

License

mharj/mharj-jwt-util

Folders and files

Latest commit

History

Repository files navigation

mharj-jwt-util

Json Webtoken Utility to validate OpenID tokens against issuer public ssl keys

Usage example

Enable file caching

Enable verified token persist caching (Tachyon drive with encryption)

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

Packages