Skip to content

Latest commit

 

History

History
317 lines (190 loc) · 8.13 KB

jwt_encrypt.EncryptJWT.md

File metadata and controls

317 lines (190 loc) · 8.13 KB

Class: EncryptJWT

The EncryptJWT class is a utility for creating Compact JWE formatted JWT strings.

example Usage

const jwt = await new jose.EncryptJWT({ 'urn:example:claim': true })
  .setProtectedHeader({ alg: 'dir', enc: 'A256GCM' })
  .setIssuedAt()
  .setIssuer('urn:example:issuer')
  .setAudience('urn:example:audience')
  .setExpirationTime('2h')
  .encrypt(secretKey)

console.log(jwt)

Table of contents

Constructors

Methods

Constructors

constructor

new EncryptJWT(payload)

Parameters

Name Type Description
payload JWTPayload The JWT Claims Set object.

Methods

encrypt

encrypt(key, options?): Promise<string>

Encrypts and returns the JWT.

Parameters

Name Type Description
key KeyLike | Uint8Array Public Key or Secret to encrypt the JWT with.
options? EncryptOptions JWE Encryption options.

Returns

Promise<string>


replicateAudienceAsHeader

replicateAudienceAsHeader(): EncryptJWT

Replicates the "aud" (Audience) Claim as a JWE Protected Header Parameter as per RFC7519#section-5.3.

Returns

EncryptJWT


replicateIssuerAsHeader

replicateIssuerAsHeader(): EncryptJWT

Replicates the "iss" (Issuer) Claim as a JWE Protected Header Parameter as per RFC7519#section-5.3.

Returns

EncryptJWT


replicateSubjectAsHeader

replicateSubjectAsHeader(): EncryptJWT

Replicates the "sub" (Subject) Claim as a JWE Protected Header Parameter as per RFC7519#section-5.3.

Returns

EncryptJWT


setAudience

setAudience(audience): EncryptJWT

Set "aud" (Audience) Claim.

Parameters

Name Type Description
audience string | string[] "aud" (Audience) Claim value to set on the JWT Claims Set.

Returns

EncryptJWT


setContentEncryptionKey

setContentEncryptionKey(cek): EncryptJWT

Sets a content encryption key to use, by default a random suitable one is generated for the JWE enc" (Encryption Algorithm) Header Parameter. You do not need to invoke this method, it is only really intended for test and vector validation purposes.

Parameters

Name Type Description
cek Uint8Array JWE Content Encryption Key.

Returns

EncryptJWT


setExpirationTime

setExpirationTime(input): EncryptJWT

Set "exp" (Expiration Time) Claim.

Parameters

Name Type Description
input string | number "exp" (Expiration Time) Claim value to set on the JWT Claims Set. When number is passed that is used as a value, when string is passed it is resolved to a time span and added to the current timestamp.

Returns

EncryptJWT


setInitializationVector

setInitializationVector(iv): EncryptJWT

Sets the JWE Initialization Vector to use for content encryption, by default a random suitable one is generated for the JWE enc" (Encryption Algorithm) Header Parameter. You do not need to invoke this method, it is only really intended for test and vector validation purposes.

Parameters

Name Type Description
iv Uint8Array JWE Initialization Vector.

Returns

EncryptJWT


setIssuedAt

setIssuedAt(input?): EncryptJWT

Set "iat" (Issued At) Claim.

Parameters

Name Type Description
input? number "iat" (Issued At) Claim value to set on the JWT Claims Set. Default is current timestamp.

Returns

EncryptJWT


setIssuer

setIssuer(issuer): EncryptJWT

Set "iss" (Issuer) Claim.

Parameters

Name Type Description
issuer string "Issuer" Claim value to set on the JWT Claims Set.

Returns

EncryptJWT


setJti

setJti(jwtId): EncryptJWT

Set "jti" (JWT ID) Claim.

Parameters

Name Type Description
jwtId string "jti" (JWT ID) Claim value to set on the JWT Claims Set.

Returns

EncryptJWT


setKeyManagementParameters

setKeyManagementParameters(parameters): EncryptJWT

Sets the JWE Key Management parameters to be used when encrypting. Use of this is method is really only needed for ECDH-ES based algorithms when utilizing the Agreement PartyUInfo or Agreement PartyVInfo parameters. Other parameters will always be randomly generated when needed and missing.

Parameters

Name Type Description
parameters JWEKeyManagementHeaderParameters JWE Key Management parameters.

Returns

EncryptJWT


setNotBefore

setNotBefore(input): EncryptJWT

Set "nbf" (Not Before) Claim.

Parameters

Name Type Description
input string | number "nbf" (Not Before) Claim value to set on the JWT Claims Set. When number is passed that is used as a value, when string is passed it is resolved to a time span and added to the current timestamp.

Returns

EncryptJWT


setProtectedHeader

setProtectedHeader(protectedHeader): EncryptJWT

Sets the JWE Protected Header on the EncryptJWT object.

Parameters

Name Type Description
protectedHeader CompactJWEHeaderParameters JWE Protected Header. Must contain an "alg" (JWE Algorithm) and "enc" (JWE Encryption Algorithm) properties.

Returns

EncryptJWT


setSubject

setSubject(subject): EncryptJWT

Set "sub" (Subject) Claim.

Parameters

Name Type Description
subject string "sub" (Subject) Claim value to set on the JWT Claims Set.

Returns

EncryptJWT