@oslojs/jwt

A JavaScript library for parsing and encoding JSON web tokens (JWT) by Oslo. Only signed tokens are supported.

• Runtime-agnostic
• No third-party dependencies
• Fully typed

import { parseJWT, JWSRegisteredHeaders, JWTRegisteredClaims, joseAlgorithmHS256 } from "@oslojs/jwt";

const [header, payload, signature] = parseJWT(jwt);
const headerParameters = new JWSRegisteredHeaders(header);
if (header.algorithm() !== joseAlgorithmHS256) {
	throw new Error("Unsupported algorithm");
}
const claims = new JWTRegisteredClaims(payload);
if (!claims.verifyExpiration()) {
	throw new Error("Expired token");
}
if (claims.hasNotBefore() && !claims.verifyNotBefore()) {
	throw new Error("Invalid token");
}

Installation

npm i @oslojs/jwt