Skip to content

Instantly share code, notes, and snippets.

@Rinlama

Rinlama/Node JWT issuer and verification

Created August 6, 2022 23:30
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save Rinlama/5bf2d4e295a58b0f609060153d4f0ae7 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save Rinlama/5bf2d4e295a58b0f609060153d4f0ae7 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Node JWT issuer and verification
const base64url = require('base64url');
const crypto = require('crypto');
const signatureFunction = crypto.createSign('RSA-SHA256');
const verifyFunction = crypto.createVerify('RSA-SHA256');
const fs = require('fs');
/**
* ISSUANCE
*/
const headerObj = {
alg: 'RS256',
typ: 'JWT'
};
const payloadObj = {
sub: '1234567890',
name: 'John Doe',
admin: true,
iat: 1516239022
};
const headerObjString = JSON.stringify(headerObj);
const payloadObjString = JSON.stringify(payloadObj);
const base64UrlHeader = base64url(headerObjString);
const base64UrlPayload = base64url(payloadObjString);
signatureFunction.write(base64UrlHeader + '.' + base64UrlPayload);
signatureFunction.end();
const PRIV_KEY = fs.readFileSync(__dirname + '/priv_key.pem', 'utf8');
const signatureBase64 = signatureFunction.sign(PRIV_KEY, 'base64');
const signatureBase64Url = base64url.fromBase64(signatureBase64);
console.log(signatureBase64Url);
// END ISSUANCE
/**
* VERIFICATION
*/
const JWT = 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.POstGetfAytaZS82wHcjoTyoqhMyxXiWdR7Nn7A29DNSl0EiXLdwJ6xC6AfgZWF1bOsS_TuYI3OG85AmiExREkrS6tDfTQ2B3WXlrr-wp5AokiRbz3_oB4OxG-W9KcEEbDRcZc0nH3L7LzYptiy1PtAylQGxHTWZXtGz4ht0bAecBgmpdgXMguEIcoqPJ1n3pIWk_dUZegpqx0Lka21H6XxUTxiy8OcaarA8zdnPUnV6AmNP3ecFawIFYdvJB_cm-GvpCSbr8G8y_Mllj8f4x9nBH8pQux89_6gUY618iYv7tuPWBFfEbLxtF2pZS6YC1aSfLQxeNe8djT9YjpvRZA';
const jwtParts = JWT.split('.');
const headerInBase64UrlFormat = jwtParts[0];
const payloadInBase64UrlFormat = jwtParts[1];
const signatureInBase64UrlFormat = jwtParts[2];
verifyFunction.write(headerInBase64UrlFormat + '.' + payloadInBase64UrlFormat);
verifyFunction.end();
const jwtSignatureBase64 = base64url.toBase64(signatureInBase64UrlFormat);
const PUB_KEY = fs.readFileSync(__dirname + '/pub_key.pem', 'utf8');
const signatureIsValid = verifyFunction.verify(PUB_KEY, jwtSignatureBase64, 'base64');
console.log(signatureIsValid);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment