How to use jsonwebtoken - 10 common examples
To help you get started, we’ve selected a few jsonwebtoken examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
marblejs / marble / packages / middleware-jwt / src / spec / jwt.factory.spec.ts View on Github 
test('#verifyToken verifies wrong JWT token and throws error', () => {
// given
const secret = 'test_secret';
const payload = { id: 'test_id' };
const token = generateToken({ secret: 'wrong_secret' })(payload);
const expectedError = new JsonWebTokenError('invalid signature');
type Payload = typeof payload;
// when
const verifiedToken = () => verifyToken({ secret })(token);
// then
expect(verifiedToken).toThrowError(expectedError);
});.use(async (ctx: Koa.Context, next: () => Promise) => {
try {
await next();
// Catch Koa's stadard 404 response and throw our own error
if (ctx.response.status === 404) throw new NotFoundError();
} catch (err) {
if (err instanceof ObjectionValidationError) {
const e = new ValidationError();
e.errors = err.data;
ctx.body = e;
ctx.status = e.status;
} else if (err instanceof jwt.JsonWebTokenError || err instanceof jwt.TokenExpiredError) {
const e = new AuthenticationError(err.message);
ctx.body = e;
ctx.status = e.status;
} else {
ctx.status = err.status || err.statusCode || 500;
ctx.body = err;
}
// tslint:disable-next-line
if (config.DEBUG) console.log(err.stack);
}
})
.use(WebHookMiddleware);.use(async (ctx, next) => {
try {
await next();
// Catch Koa's stadard 404 response and throw our own error
if (ctx.response.status === 404)
throw new NotFoundError_1.default();
}
catch (err) {
if (err instanceof objection_1.ValidationError) {
const e = new ValidationError_1.default();
e.errors = err.data;
ctx.body = e;
ctx.status = e.status;
}
else if (err instanceof jwt.JsonWebTokenError || err instanceof jwt.TokenExpiredError) {
const e = new AuthenticationError_1.default(err.message);
ctx.body = e;
ctx.status = e.status;
}
else {
ctx.status = err.status || err.statusCode || 500;
ctx.body = err;
}
// tslint:disable-next-line
if (config_1.default.DEBUG)
console.log(err.stack);
}
})
.use(middleware_2.default);io.on("connection", async function(socket) {
const cookies = cookiestring2object(socket.handshake.headers.cookie);
const token = cookies.jwt;
let user;
try {
user = await JWT.verifyAsync(token, jwtSecret, opts);
} catch (e) {
// ignore random connections or invalid JWTs
console.error(e);
return;
}
const vehicleOrgs = {};
if (user.isAdmin !== true) {
const allVehicles = await getVehicles(user.orgid);
allVehicles.forEach(function(item) {
vehicleOrgs[item.id] = item.orgid;
});
}
const listeners = {};
for (let table of tables) {.then( _session => {
if ( _session !== null ) {
// Checking session
user.session.secret = _session.secret || null;
user.session.iv = _session.iv || null;
user.session.guid = _session.guid || null;
user.session.revoked = _session.revoked || false;
if (user.session.secret === null || user.session.iv === null) {
return callback(false);
}
// Check refresh token
return JWT.verifyAsync(user.session.refreshToken, config.server.auth.secret)
.then( decoded => {
const encryptedObject = {
key: user.session.secret,
iv: user.session.iv,
data: decoded
};
return decrypt(encryptedObject, null, data => {
try {
JSON.parse(data);
} catch (e) {
console.error('ERROR parsing decrypted object: ', e);
return callback(false);
}
const token = JSON.parse(data);
const decryptedToken = {
userId: token.id,let issuer;
if (decoded.payload.ver === '1.0') {
issuer = usGovernmentAuthentication.tokenIssuerV1;
} else if (decoded.payload.ver === '2.0') {
issuer = usGovernmentAuthentication.tokenIssuerV2;
} else {
// unknown token format
res.status(401);
res.end();
return;
}
try {
(req as any).jwt = jwt.verify(token, key, {
audience: usGovernmentAuthentication.botTokenAudience,
clockTolerance: 300,
issuer,
// TODO: "jwtId" is a typo, it should be "jwtid"
// But when we enable "jwtid", it will fail the verification
// because the payload does not specify "jti"
// When we comment out "jwtId", it also works (because it is a typo)
// jwtId: botId
});
} catch (err) {
res.status(401);
res.end();
return;new Promise(resolve => {
// Decode the JWT Token
const decoded = jwt.decode(token, { complete: true });
if (!decoded || !decoded.header || !decoded.header.kid) {
throw new Error('Unable to retrieve key identifier from token');
}
if (decoded.header.alg !== 'RS256') {
throw new Error(`Wrong signature algorithm, expected RS256, got ${decoded.header.alg}`);
}
const jkwsClient = jwkRsa({
cache: true,
jwksUri: `https://${process.env.AUTH0_DOMAIN}/.well-known/jwks.json`,
});
// Retrieve the JKWS's signing key using the decode token's key identifier (kid)
jkwsClient.getSigningKey(decoded.header.kid, (err, key) => {
if (err) throw new Error(err);
const signingKey = key.publicKey || key.rsaPublicKey;
// If the JWT Token was valid, verify its validity against the JKWS's signing key
jwt.verify(}
// TODO think more about this special case... I really want this logic to be in sp-plugin-auth
// but here we are.
const AUTH0_HEADER = "auth0|";
if (subject.indexOf(AUTH0_HEADER) === 0) {
const uuidSubject = aguid(subject.slice(AUTH0_HEADER.length));
subject = `https://${DOMAIN}/api/users/${uuidSubject}`;
}
const newToken = jwt.sign({}, JWT_SECRET, {
algorithm: "HS256",
expiresIn: `${JWT_EXPIRATION}ms`,
audience: JWT_AUDIENCE,
issuer: JWT_ISSUER,
subject: subject
});
this.jwt = jwt.decode(newToken);
this._replaceToken(newToken);
}
}.then(data => {
// Decode Cognito's id token and get user's sub.
const idToken = jwt.decode(data.AuthenticationResult.IdToken)
return {
sub: idToken.sub,
raw: data
}
})
}async verifyAccessToken(accessToken: string) {
try {
// Don't return directly for catch block to work properly
const data = await jwtVerify(
accessToken,
config.auth.accessTokenSecret,
config.auth.verifyOptions
)
return data
} catch (err) {
if (err instanceof jwt.JsonWebTokenError || err instanceof SyntaxError) {
return null
}
throw err
}
},
}jsonwebtoken
JSON Web Token implementation (symmetric and asymmetric)
