@byu-oit/jwt
v0.0.7
Published
Utilities for verifying and decoding BYU JWTs
Downloads
187
Maintainers
Keywords
Readme
@byu-oit/jwt
Provides helpful functions to retrieve a specified BYU .well-known URL and verify BYU signed JWTs.
Usage
import { ByuJwt } from '@byu-oit/jwt'
const byuJwt = new ByuJwt({ issuer: 'https://api.byu.edu' })
const jwt = byuJwt.verify('[your jwt]')
/** Access the jwt payload information */
const { byuId } = jwt.payload
/** Access the jwt header information */
const { alg } = jwt.header
Note Please refer to the API documentation if you need to see what information is made available in the jwt payload or header.
Options
| property | type | default | description |
|-----------------------|---------|--------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| issuer | string | undefined
| The OAuth Provider host, e.g. https://api.byu.edu
. Either the issuer or the discoveryEndpoint are required but not both. If the discoveryEndpoint is not provided, the issuer will be used to specify the open id configuration. |
| discoveryEndpoint | string | undefined
| Can specify the discoveryEndpoint explicitly if your open id configuration is not located at /.well-known/openid-configuration
. Either the issuer or the discoveryEndpoint are required but not both. |
| key | string | undefined
| A JWK in the form of a PEM Certificate that will be used to verify the JWT. |
| additionalValidations | array | undefined
| An array of additional validation functions that can be run when verify()
is called. Each function should accept a decoded jwt as its parameter, throw an error if the validation fails, and return void if it succeeds. |
There are additional options that can be passed in that are all listed under the fast-jwt VerifierOptions properties. Descriptions of these properties can be found here.