Methods
decode(token) → {DecodedToken}
Decodes a well formed JWT without any verification
Parameters:
Name | Type | Description |
---|---|---|
token |
String
|
decodes the token |
validateAccessToken(access_token, alg, atHash, cb)
Validates an access_token based on http://openid.net/specs/openid-connect-core-1_0.html#ImplicitTokenValidation. The id_token from where the alg and atHash parameters are taken, should be decoded and verified before using thisfunction
Parameters:
Name | Type | Description |
---|---|---|
access_token |
String
|
the access_token |
alg |
String
|
The algorithm defined in the header of the previously verified id_token under the "alg" claim. |
atHash |
String
|
The "at_hash" value included in the payload of the previously verified id_token. |
cb |
validateAccessTokenCallback
|
callback used to notify the results of the validation. |
verify(token, nonceopt, cb)
Verifies an id_token
It will validate:
- signature according to the algorithm configured in the verifier.
- if nonce is present and matches the one provided
- if
iss
andaud
claims matches the configured issuer and audience - if token is not expired and valid (if the
nbf
claim is in the past)
Parameters:
Name | Type | Attributes | Description |
---|---|---|---|
token |
String
|
id_token to verify |
|
nonce |
String
|
<optional> |
nonce value that should match the one in the id_token claims |
cb |
verifyCallback
|
callback used to notify the results of the validation |
verifyExpAndIat(exp, iat) → {boolean}
Verifies that the exp
and iat
claims are valid in the current moment.
Parameters:
Name | Type | Description |
---|---|---|
exp |
String
|
value of |
iat |
String
|
value of |
Returns:
- Type:
-
boolean
if token is valid according to exp
and iat
verifyExpAndNbf(exp, nbf) → {boolean}
Verifies that the exp
and nbf
claims are valid in the current moment.
Parameters:
Name | Type | Description |
---|---|---|
exp |
String
|
value of |
nbf |
String
|
value of |
Returns:
- Type:
-
boolean
if token is valid according to exp
and nbf
Type Definitions
DecodedToken
Properties:
Name | Type | Description |
---|---|---|
header |
Object
|
content of the JWT header. |
payload |
Object
|
token claims. |
encoded |
Object
|
encoded parts of the token. |
Type:
-
Object
validateAccessTokenCallback(erropt)
Parameters:
Name | Type | Attributes | Description |
---|---|---|---|
err |
Error
|
<optional> |
error returned if the validation cannot be performed or the token is invalid. If there is no error, then the access_token is valid. |