Skip to content

Releases: cross-org/jwt

0.5.0

23 Jul 14:54
@Pinta365 Pinta365
0.5.0
36128a9
Compare
Choose a tag to compare
0.5.0 Latest
Latest
  • New function unsafeParseJOSEHeader() - "unsafely" parse the JOSE header of a JWT without cryptokey.
  • New JWTOption additionalHeaderClaims - Additional claims to include/override as part of the JWT's JOSE header.

Working with JWT Headers

Some usage scenarios, such as interoperating with OIDC providers that set key identifier (kid) header claims in the JWTs they issue, require JWT header introspection. Similarly, it is sometimes necessary to create tokens with additional header claims or override existing claims (e.g., the typ claim).

The additionalHeaderClaims property in the JWTOptions provide the means to set/override header claims in tokens created through signJWT. Conversely, the unsafeParseJOSEHeader function reads the header claims of a token without validating it.

What's Changed

  • Add support for additional header claims in signJWT() function by @cwirving in #5
  • Add the ability to provide arbitrary custom header claims by @cwirving in #6

New Contributors

Full Changelog: 0.4.9...0.5.0

Contributors

cwirving
Assets 2
Loading

0.4.9

17 Jun 09:59
@Pinta365 Pinta365
0.4.9
2e430eb
Compare
Choose a tag to compare
0.4.9

Cross runtime bug fix: Use crypto global object

Full Changelog: 0.4.8...0.4.9

Assets 2
Loading

0.4.8

22 May 21:25
@Pinta365 Pinta365
0.4.8
2b4fca3
Compare
Choose a tag to compare
0.4.8

Adding support and tests for expiresIn and notBefore helper options.
They translate into exp and nbf standard claims on payload signing.

const options: JWTOptions = {
    expiresIn: "1h",
    notBefore: "5m",
};

Full Changelog: 0.4.7...0.4.8

Assets 2
Loading

0.4.7

29 Apr 17:05
@Pinta365 Pinta365
0.4.7
eee3009
Compare
Choose a tag to compare
0.4.7

Changes to exportPEMKey(), now accepts options as an optional second

Function signature

async function exportPEMKey(key: CryptoKey, filePathOrOptions?: string | ExportPEMKeyOptions): Promise<string>

Options object

interface ExportPEMKeyOptions {
    /**
     * Optional path to write the PEM-formatted key to
     */
    filePath?: string;
    /**
     * Optional for file write mode
     */
    mode?: number;
}

Full Changelog: 0.4.6...0.4.7

Assets 2
Loading

0.4.6

28 Apr 21:07
@Pinta365 Pinta365
0.4.6
ed82711
Compare
Choose a tag to compare
0.4.6 
publish version
Assets 2
Loading

0.4.5

28 Apr 21:04
@Pinta365 Pinta365
0.4.5
aed3d3b
Compare
Choose a tag to compare
0.4.5
  • typo fix

Full Changelog: 0.4.4...0.4.5

Assets 2
Loading

0.4.4

28 Apr 20:54
@Pinta365 Pinta365
0.4.4
73c7b29
Compare
Choose a tag to compare
0.4.4
  • Documentation fix for unsafeParseJWT()

Full Changelog: 0.4.3...0.4.4

Assets 2
Loading

0.4.3

28 Apr 20:52
@Pinta365 Pinta365
0.4.3
f51260b
Compare
Choose a tag to compare
0.4.3
  • New function to parse a JWT "unsafe" without a key. unsafeParseJWT()

Full Changelog: 0.4.2...0.4.3

Assets 2
Loading

0.4.2

23 Apr 17:22
@Pinta365 Pinta365
0.4.2
478c42d
Compare
Choose a tag to compare
0.4.2
  • Import PEM key pairs (experimental).
  • Export PEM key pairs (experimental).

Supports RS256, RS384, RS512, ES256, ES384, PS256, PS384 and PS512

Full Changelog: 0.4.1...0.4.2

Assets 2
Loading

0.4.1

09 Apr 17:14
@Pinta365 Pinta365
0.4.1
3b14ecd
Compare
Choose a tag to compare
0.4.1
  • More tests
  • Readme examples

Full Changelog: 0.4.0...0.4.1

Assets 2
Loading