Package Exports

get-jwks

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (get-jwks) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

get-jwks

Fetch utils for JWKS keys

Installation

Just run:

npm install get-jwks

Usage

const buildGetJwks = require('get-jwks')

const getJwks = buildGetJwks()

const secret = await getJwks.getSecret({
  domain: 'https://exampe.com/',
  alg: 'token_alg',
  kid: 'token_kid'
})

// to clear the secret in cache
getJwks.clearCache()

getSecret

Calling the getSecret will fetch the JSON Web Key, Set and verify if any of the public keys matches the alg and kid values of your JWT token. And it will cache the secret so if called again it will not make another http request to return the secret. It is asynchronous.

domain: A string containing the domain (ie: https://www.example.com/) from which the library should fetch the JWKS. get-jwks will add the JWKS location (.well-known/jwks.json) to form the final url (ie: https://www.example.com/.well-known/jwks.json).
alg: The alg header parameter represents the cryptographic algorithm used to secure the token. You will find it in your decoded JWT.
kid: The kid is a hint that indicates which key was used to secure the JSON web signature of the token. You will find it in your decoded JWT.

clearCache

Clears the contents of the cache

Optional cache constuctor

When creating the cache constructor you pass some optional parameters based off the tiny-lru package.

max: Max items to hold in cache, the default setting is 100.
ttl: Milliseconds an item will remain in cache; lazy expiration upon next get() of an item, the default setting is 60000.

const buildGetJwks = require('get-jwks')

const getJwks = buildGetJwks({
  max: 500,
  ttl: 60 * 1000
})