How to use the jose.JWT.verify function in jose

To help you get started, we’ve selected a few jose examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github panva / node-oidc-provider / lib / helpers / oidc_context.js View on Github external
}
        if (typeof payload.jti !== 'string' || !payload.jti) {
          throw new Error('must have a jti string property');
        }
        if (typeof payload.iat !== 'number' || !payload.iat) {
          throw new Error('must have a iat number property');
        }
        if (payload.htm !== this.ctx.method) {
          throw new Error('htm mismatch');
        }
        if (payload.htu !== `${this.urlFor(this.route)}`) {
          throw new Error('htu mismatch');
        }

        try {
          JWT.verify(token, key, { maxTokenAge: `${dPoPConfig.iatTolerance} seconds`, clockTolerance: `${clockTolerance} seconds` });
        } catch (err) {
          if (err instanceof errors.JWTClaimInvalid) {
            throw new Error(`failed claim check (${err.message})`);
          }
          throw err;
        }

        const result = { jwk: key, jti: payload.jti, iat: payload.iat };
        instance(this).dpop = result;
        return result;
      } catch (err) {
        throw new InvalidRequest(`invalid DPoP Proof JWT (${err.message})`);
      }
    }

jose

JWA, JWS, JWE, JWT, JWK, JWKS for Node.js, Browser, Cloudflare Workers, Deno, Bun, and other Web-interoperable runtimes

MIT
Latest version published 16 days ago

Package Health Score

94 / 100
Full package analysis