Global - Documentation

Methods

decode(token) → {DecodedToken}

Decodes a well formed JWT without any verification

Source:

index.js, line 221

Parameters:

Name	Type	Description
`token`	`String`	decodes the token

Returns:

Type:: DecodedToken

if token is valid according to exp and nbf

validateAccessToken(access_token, alg, atHash, cb)

Validates an access_token based on http://openid.net/specs/openid-connect-core-1_0.html#ImplicitTokenValidation. The id_token from where the alg and atHash parameters are taken, should be decoded and verified before using thisfunction

Source:

index.js, line 261

Parameters:

Name	Type	Description
`access_token`	`String`	the access_token
`alg`	`String`	The algorithm defined in the header of the previously verified id_token under the "alg" claim.
`atHash`	`String`	The "at_hash" value included in the payload of the previously verified id_token.
`cb`	`validateAccessTokenCallback`	callback used to notify the results of the validation.

verify(token, nonceopt, cb)

Verifies an id_token

It will validate:

signature according to the algorithm configured in the verifier.
if nonce is present and matches the one provided
if iss and aud claims matches the configured issuer and audience
if token is not expired and valid (if the nbf claim is in the past)

Source:

index.js, line 54

Parameters:

Name	Type	Attributes	Description
`token`	`String`		id_token to verify
`nonce`	`String`	<optional>	nonce value that should match the one in the id_token claims
`cb`	`verifyCallback`		callback used to notify the results of the validation

verifyExpAndIat(exp, iat) → {boolean}

Verifies that the exp and iat claims are valid in the current moment.

Source:

index.js, line 158

Parameters:

Name	Type	Description
`exp`	`String`	value of `exp` claim
`iat`	`String`	value of `iat` claim

Returns:

Type:: boolean

if token is valid according to exp and iat

verifyExpAndNbf(exp, nbf) → {boolean}

Verifies that the exp and nbf claims are valid in the current moment.

Source:

index.js, line 123

Parameters:

Name	Type	Description
`exp`	`String`	value of `exp` claim
`nbf`	`String`	value of `nbf` claim

Returns:

Type:: boolean

if token is valid according to exp and nbf

Type Definitions

DecodedToken

Properties:

Name	Type	Description
`header`	`Object`	content of the JWT header.
`payload`	`Object`	token claims.
`encoded`	`Object`	encoded parts of the token.

Source:

index.js, line 213

Type:

Object

validateAccessTokenCallback(erropt)

Source:

index.js, line 255

Parameters:

Name	Type	Attributes	Description
`err`	`Error`	<optional>	error returned if the validation cannot be performed or the token is invalid. If there is no error, then the access_token is valid.

verifyCallback(erropt, statusopt)

Source:

index.js, line 48

Parameters:

Name	Type	Attributes	Description
`err`	`Error`	<optional>	error returned if the verify cannot be performed
`status`	`boolean`	<optional>	if the token is valid or not