@edgefirst-dev/jwt - v1.3.0
    Preparing search index...

    Class JWT

    Hierarchy

    • Data<ObjectParser>
      • JWT

    Implements

    • JWTPayload

    Indexable

    • [propName: string]: unknown
    Index

    Constructors

    constructor

    Properties

    parser payload

    Accessors

    audience expirationTime expired expiresAt expiresIn id issuedAt issuer notBefore subject

    Methods

    sign toJSON decode sign verify

    Constructors

    • Creates a new JWT instance with the given payload.

      Parameters

      • payload: JWTPayload = {}

        The payload of the JWT.

      Returns JWT

      const jwt = new JWT({ sub: "1234567890", name: "John Doe" });
      console.log(jwt.subject); // "1234567890"

    Properties

    parser: ObjectParser
    payload: JWTPayload = {}

    The payload of the JWT.

    Accessors

    • get audience(): null | string | string[]

      Gets the audience (aud) claim of the JWT.

      The "aud" (audience) claim identifies the recipients that the JWT is intended for. It can be a single string or an array of strings representing multiple audiences.

      Returns null | string | string[]

      The audience claim or null if not present.

      const jwt = new JWT({ aud: "my-audience" });
      console.log(jwt.audience); // "my-audience"
    • set audience(value: null | string | string[]): void

      Sets the audience (aud) claim of the JWT.

      The "aud" claim is used to specify the recipient(s) of the token.

      Parameters

      • value: null | string | string[]

        The audience claim to set.

      Returns void

      const jwt = new JWT();
      jwt.audience = "my-audience";
      console.log(jwt.audience); // "my-audience"
    • get expirationTime(): null | number

      Gets the expiration time (exp) of the JWT.

      The "exp" (expiration time) claim defines the time after which the JWT must not be accepted. It is represented as a Unix timestamp in seconds.

      Returns null | number

      The expiration timestamp or null if not set.

      const jwt = new JWT({ exp:Date.now() + 3600 });
      console.log(jwt.expirationTime); // timestamp
    • set expirationTime(value: null | number): void

      Sets the expiration time (exp) of the JWT.

      Specifies when the JWT will expire. After this time, the token is no longer valid.

      Parameters

      • value: null | number

        The expiration timestamp to set.

      Returns void

      const jwt = new JWT();
      jwt.expirationTime = Date.now() + 3600; // 1 hour from now
      console.log(jwt.expirationTime);
    • get expired(): boolean

      Checks if the JWT has expired.

      Determines if the current time is past the expiration time (exp).

      Returns boolean

      True if expired, false otherwise.

      const jwt = new JWT({ exp: Date.now() - 10 });
      console.log(jwt.expired); // true
    • get expiresAt(): null | Date

      Gets the expiration date as a Date object.

      Converts the expiration timestamp (exp) into a Date object.

      Returns null | Date

      The expiration date or null if not set.

      const jwt = new JWT({ exp: Date.now() + 3600 });
      console.log(jwt.expiresAt); // Date object
    • get expiresIn(): null | number

      Gets the second from now until the JWT expires.

      Returns null | number

      The expiration in seconds from now or null.

      const jwt = new JWT({ exp:Date.now() + 3600 });
      console.log(jwt.expiresIn); // seconds from now
    • get id(): null | string

      Gets the JWT ID (jti) claim.

      The "jti" (JWT ID) claim is a unique identifier for the token. It is often used to prevent replay attacks by ensuring each JWT has a unique ID.

      Returns null | string

      The JWT ID or null if not set.

      const jwt = new JWT({ jti: "unique-id-123" });
      console.log(jwt.id); // "unique-id-123"
    • set id(value: null | string): void

      Sets the JWT ID (jti) claim.

      Assigns a unique identifier to the token.

      Parameters

      • value: null | string

        The JWT ID to set.

      Returns void

      const jwt = new JWT();
      jwt.id = "unique-id-123";
      console.log(jwt.id); // "unique-id-123"
    • get issuedAt(): null | Date

      Gets the issued-at (iat) claim of the JWT.

      The "iat" (issued at) claim represents the time at which the token was issued. It is typically used to track when the JWT was created.

      Returns null | Date

      The issuance date or null if not set.

      const jwt = new JWT({ iat: Math.floor(Date.now() / 1000) });
      console.log(jwt.issuedAt); // Date object
    • set issuedAt(value: null | Date): void

      Sets the issued-at (iat) claim of the JWT.

      Indicates the time the JWT was created.

      Parameters

      • value: null | Date

        The issuance date to set.

      Returns void

      const jwt = new JWT();
      jwt.issuedAt = new Date();
      console.log(jwt.issuedAt);
    • get issuer(): null | string

      Gets the issuer (iss) claim of the JWT.

      The "iss" (issuer) claim identifies the entity that issued the JWT. This is typically a URL or identifier of the authentication server.

      Returns null | string

      The issuer or null if not set.

      const jwt = new JWT({ iss: "auth.example.com" });
      console.log(jwt.issuer); // "auth.example.com"
    • set issuer(value: null | string): void

      Sets the issuer (iss) claim of the JWT.

      Identifies the entity that issued the token.

      Parameters

      • value: null | string

        The issuer to set.

      Returns void

      const jwt = new JWT();
      jwt.issuer = "auth.example.com";
      console.log(jwt.issuer); // "auth.example.com"
    • get notBefore(): null | Date

      Gets the not-before (nbf) claim of the JWT.

      The "nbf" (not before) claim specifies the earliest time at which the JWT is valid. The token should not be accepted before this time.

      Returns null | Date

      The not-before date or null if not set.

      const jwt = new JWT({ nbf: Math.floor(Date.now() / 1000) + 300 });
      console.log(jwt.notBefore); // Date object
    • set notBefore(value: null | Date): void

      Sets the not-before (nbf) claim of the JWT.

      Defines when the JWT becomes valid.

      Parameters

      • value: null | Date

        The not-before date to set.

      Returns void

      const jwt = new JWT();
      jwt.notBefore = new Date(Date.now() + 300000);
      console.log(jwt.notBefore); // Date object
    • get subject(): null | string

      Gets the subject (sub) claim of the JWT.

      The "sub" (subject) claim represents the entity that the JWT is about. This is often the user ID or identifier of the authenticated entity.

      Returns null | string

      The subject or null if not set.

      const jwt = new JWT({ sub: "user-123" });
      console.log(jwt.subject); // "user-123"
    • set subject(value: null | string): void

      Sets the subject (sub) claim of the JWT.

      Defines the entity that the token is about.

      Parameters

      • value: null | string

        The subject to set.

      Returns void

      const jwt = new JWT();
      jwt.subject = "user-123";
      console.log(jwt.subject); // "user-123"

    Methods

    • Signs the JWT using the specified algorithm and key set.

      Parameters

      • algorithm: Algoritm

        The algorithm to use for signing.

      • jwks: { alg: string; id: string; private: CryptoKey }[]

        The key set containing private keys.

      Returns Promise<string>

      The signed JWT as a string.

      const jwt = new JWT({ sub: "1234567890" });
      const signed = await jwt.sign(JWK.Algoritm.ES256, [{ private: privateKey, alg: "RS256" }]);
      console.log(signed);

    • Converts the Data object into a plain JSON representation, including all properties defined as getters in the subclass.

      The toJSON method dynamically identifies getter properties in the subclass and collects their values to construct a JSON object. This is particularly useful when you want to serialize the Data object for APIs, logging, or other use cases requiring JSON format.

      Returns Record<string, unknown>

      A plain object representing the Data instance with all getter properties.

      class LoginData extends Data<FormParser> {
        get username() {
          return this.parser.getString("username");
        }
        get password() {
          return this.parser.getString("password");
        }
      }

      const loginData = new LoginData(new FormParser(formData));
      console.log(JSON.stringify(loginData.toJSON()));
      // Output: { "username": "johndoe", "password": "secret" }

    • Decodes a JWT without verifying its signature.

      Type Parameters

      Parameters

      • this: new (payload: JWTPayload) => M
      • token: string

        The JWT to decode.

      Returns M

      A new instance of the decoded JWT payload.

      const decoded = JWT.decode(token);
      console.log(decoded.subject);

    • Signs a JWT instance using the given algorithm and key set.

      Parameters

      • jwt: JWT

        The JWT instance to sign.

      • algorithm: Algoritm

        The signing algorithm.

      • jwks: { alg: string; id: string; private: CryptoKey }[]

        The key set containing private keys.

      Returns Promise<string>

      The signed JWT as a string.

      const jwt = new JWT({ sub: "1234567890" });
      const signed = await JWT.sign(jwt, "RS256", [{ private: privateKey, alg: "RS256" }]);
      console.log(signed);

    • Verifies a JWT using the provided key set.

      Type Parameters

      Parameters

      • this: new (payload: JWTPayload) => M
      • token: string

        The JWT to verify.

      • jwks: { public: CryptoKey }[]

        The key set containing public keys.

      • Optionaloptions: JWTVerifyOptions

        Optional verification options.

      Returns Promise<M>

      A new instance of the verified JWT payload.

      If no valid key is found for verification.

      const verified = await JWT.verify(token, [{ public: publicKey }]);
      console.log(verified.subject);

    Settings

    Member Visibility

    On This Page

    Constructors
    Properties
    Accessors
    Methods