kms-jwt
v1.0.2
Published
validate/decrypt/encrypt jwt with keys from aws kms
Downloads
17
Readme
kms-jwt
Use encrypted public and private keys through KMS to validate JWT signatures.
Usage:
var publicJwt = new KmsJwt({
awsConfig: {
region: process.env.AWS_REGION,
accessKeyId : process.env.AWS_ACCESS_KEY,
secretAccessKey: process.env.AWS_SECRET_KEY
},
signingKey: signingKey
});
publicJwt.verify(jwt,function(err,decodedToken){
if (err)
{
// handle invalid or expired token
}
else
{
// utilize decodedToken Payload
}
});
Create a Signing Key:
var tokenSigner = new KmsJwt({
awsConfig: {
region: process.env.AWS_REGION,
accessKeyId : process.env.AWS_ACCESS_KEY,
secretAccessKey: process.env.AWS_SECRET_KEY
},
keyArn: kmsArn
});
tokenSigner.createSigningKey(publicOrPrivateKey,function(err,encryptedBase64EncodedKey){
// store encryptedBase64EncodedKey where ever you want
});