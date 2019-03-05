openbase logo
openbase logo
CategoriesLeaderboard
jk

jwt-kms

by Jonathan Keebler
1.1.1 (see all)

Sign and validate JWT tokens using keys stored in the AWS Key Management Service (KMS).

npm
GitHub
CDN

Overview

DocumentationTutorialsReviewsMaintenanceDependenciesVersionsAlternatives
Showing:

Popularity

Downloads/wk

1.3K

GitHub Stars

21

Maintenance

Last Commit

3yrs ago

Contributors

0

Package

Dependencies

2

License

MIT

Type Definitions

DefinitelyTyped

Tree-Shakeable

No?

Categories

Reviews

Be the first to rate

Readme

JWT-KMS

Sign and validate JWT tokens using keys stored in the AWS Key Management Service (KMS).

Feature Todo List:

  • Symmetric encryption (both parties have IAM access to KMS key)
  • Asymmetic encryption (only 1 party has IAM access to KMS key)

Requirements

  • node.js 6+

Installation

npm install jwt-kms

Usage

const JWTKMS = require("jwt-kms");

var jwtkms = new JWTKMS({
    aws: {
        region: "us-east-1",
        accessKeyId : process.env.AWS_ACCESS_KEY,   // Optional if set in environment
        secretAccessKey: process.env.AWS_SECRET_KEY // Optional if set in environment
    }
});

// Create a JWT token using a KMS key identified by a key_arn
jwtkms.sign({foo: "bar"}, key_arn).then(function(token)
{
    // ...
});

// Create a JWT token using a KMS key identified by a key_arn
jwtkms.sign(
    { foo: "bar" }, 
    { expires: new Date(Date.now() + 60*1000) }, // Expires in 60 seconds
    key_arn
).then(function(token)
{
    // ...
});

// Verify that you have a valid JWT key
jwtkms.verify(token).then(function(decoded)
{
    console.log(decoded);
    /* 
    {
        foo: "bar
    }
    */
});

// Validate that you have a JWT key but **DOESN'T CHECK FOR AUTHENTICITY**
jwtkms.validate(token);
// true

jwtkms.validate("Not a JWT token");
// false

jwtkms.validate(expired_token);
// false

// This is why you need to use jwtkms.verify to check a token
jwtkms.validate(token_but_not_authentic);
// true

Testing

npm install mocha -g # if you don't have it installed already
npm test

Credit

Rate & Review

Great Documentation0
Easy to Use0
Performant0
Highly Customizable0
Bleeding Edge0
Responsive Maintainers0
Poor Documentation0
Hard to Use0
Slow0
Buggy0
Abandoned0
Unwelcoming Community0
100
No reviews found
Be the first to rate

Alternatives

No alternatives found

Tutorials

No tutorials found
Add a tutorial