@oslojs/jwt
A JavaScript library for parsing and encoding JSON web tokens (JWT) by Oslo. Only signed tokens are supported.
- Runtime-agnostic
- No third-party dependencies
- Fully typed
import { parseJWT, JWSRegisteredHeaders, JWTRegisteredClaims, joseAlgorithmHS256 } from "@oslojs/jwt";
const [header, payload, signature] = parseJWT(jwt);
const headerParameters = new JWSRegisteredHeaders(header);
if (header.algorithm() !== joseAlgorithmHS256) {
throw new Error("Unsupported algorithm");
}
const claims = new JWTRegisteredClaims(payload);
if (!claims.verifyExpiration()) {
throw new Error("Expired token");
}
if (claims.hasNotBefore() && !claims.verifyNotBefore()) {
throw new Error("Invalid token");
}
Installation
npm i @oslojs/jwt