jose

JWA, JWS, JWE, JWT, JWK, JWKS for Node.js, Browser, Cloudflare Workers, Deno, Bun, and other Web-interoperable runtimes.

MIT License

Downloads
47.9M
Stars
4.9K
Committers
32
View Code on GitHub View on X
Ecosystems: Bun, Deno, Vercel, Next, Node.js, Cloudflare, Electron

Bot releases are hidden (Show)

jose -

Published by panva over 4 years ago

Bug Fixes

  • handle private EC keys without public component (#86) (e8ad389), closes #85
jose -

Published by panva over 4 years ago

Bug Fixes

  • allow any JSON numeric value for timestamp values (7ba4922)
jose -

Published by panva over 4 years ago

Features

  • add opt-in objects to verify using embedded JWS Header public keys (7c1cab1)
jose -

Published by panva over 4 years ago

Bug Fixes

  • typescript: types of key generate functions without overloads (7e60722), closes #80
  • "typ" content-type validation, case insensitive and handled prefix (0691586)
jose -

Published by panva over 4 years ago

Features

  • update JWT Profile for OAuth 2.0 Access Tokens to latest draft (8c0a8a9)

BREAKING CHANGES

  • at+JWT JWT draft profile - in the draft's Section 2.2 the claims iat and jti are now REQUIRED (was RECOMMENDED).

Draft specification profiles are updated as minor versions of the library, therefore, since they may have breaking changes, use the ~ semver operator when using these and pay close attention to changelog and the drafts themselves.

jose -

Published by panva over 4 years ago

Bug Fixes

  • build: don't publish junk files (6e98c1a)
jose -

Published by panva over 4 years ago

Bug Fixes

  • use native openssl AES Key Wrap 🤦 (dcf8d75)
jose -

Published by panva over 4 years ago

Features

  • update JWT Profile for OAuth 2.0 Access Tokens to latest draft (bc77a15)
jose -

Published by panva over 4 years ago

Bug Fixes

  • allow importing simpler passphrases as oct keys (f86bda3)
jose -

Published by panva over 4 years ago

Features

  • add JWT.verify "typ" option for checking JWT Type Header parameter (fc08426)
jose -

Published by panva over 4 years ago

Bug Fixes

  • typescript: add optional JWK.Key props and make them readonly (b92079c), closes #67

Features

  • add ECDH-ES with X25519 and X448 OKP keys (38369ea)
  • add RSA-OAEP-384 and RSA-OAEP-512 JWE Key Management Algorithms (7477f08)
jose -

Published by panva over 4 years ago

Performance Improvements

  • various codepaths refactored (3e3d7dd)
jose -

Published by panva over 4 years ago

Bug Fixes

  • actually remove the base64url proper encoding check (eae01b5)
jose -

Published by panva over 4 years ago

Features

  • keystore filtering by JWK Key thumbprint (a9f6f71)

Performance Improvements

  • base64url decode, JWT.verify, JWK.Key instance re-use (470b4c7)
jose -

Published by panva over 4 years ago

Bug Fixes

  • contactKDF iteration count fixed for key sizes larger than 256 bits (70ff222)
jose -

Published by panva over 4 years ago

Bug Fixes

  • typescript: don't expose non existant classes, fix decode key (0f8bf88)

Features

  • add opt-in support for Unsecured JWS algorithm "none" (3a6d17f)
jose -

Published by panva almost 5 years ago

Features

  • add JWTExpired error and JWTClaimInvalid claim and reason props (a0c0c7a), closes #62
jose -

Published by panva almost 5 years ago

Features

  • exposed shorthands for JWT verification profiles (b1864e3)
jose -

Published by panva almost 5 years ago

Bug Fixes

  • ensure asn1.js version to remove Buffer deprecation notice (13b1106)
  • expose JOSENotSupported key import errors on unsupported runtimes (bc81e5d)
  • typo in JOSENotSupported error when x509 certs are not supported (bb58c9c)
jose -

Published by panva almost 5 years ago

Bug Fixes

  • force iat past check when maxTokenAge option is used + JWT refactor (828ad5a)
Package Rankings
Top 0.63% on Npmjs.org
Top 8.17% on Proxy.golang.org
Top 19.68% on Repo1.maven.org
Top 0.67% on Deno.land
Related Projects
oauth4webapi

OAuth 2 / OpenID Connect for JavaScript Runtimes

02 Mar 2022 509