Formed in 2009, the Archive Team (not to be confused with the archive.org Archive-It Team) is a rogue archivist collective dedicated to saving copies of rapidly dying or deleted websites for the sake of history and digital heritage. The group is 100% composed of volunteers and interested parties, and has expanded into a large amount of related projects for saving online and digital history.
djwt
Create and verify JSON Web Tokens with deno.
API
create
Takes a header, payload and key and returns the url-safe encoded jwt.
import { create } from "https://deno.land/x/djwt@$VERSION/mod.ts"
const jwt = await create({ alg: "HS512", typ: "JWT" }, { foo: "bar" }, "secret")
// eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.WePl7achkd0oGNB8XRF_LJwxlyiPZqpdNgdKpDboAjSTsWq-aOGNynTp8TOv8KjonFym8vwFwppXOLoLXbkIaQverify
Takes a jwt, key and an algorithm and returns the payload of the jwt
if the jwt is valid. Otherwise it throws an Error.
import { verify } from "https://deno.land/x/djwt@$VERSION/mod.ts"
const payload = await verify(jwt, "secret", "HS512") // { foo: "bar" }decode
Takes a jwt and returns an object with the header, payload and signature
properties if the jwt is valid (without signature verification). Otherwise it
throws an Error.
import { decode } from "https://deno.land/x/djwt@$VERSION/mod.ts"
const jwt =
"eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.WePl7achkd0oGNB8XRF_LJwxlyiPZqpdNgdKpDboAjSTsWq-aOGNynTp8TOv8KjonFym8vwFwppXOLoLXbkIaQ"
const { payload, signature, header } = decode(jwt)
// { header: { alg: "HS512", typ: "JWT" }, payload: { foo: "bar" }, signature: "59e3e5eda72191dd2818d07c5d117f2c9c3197288f66aa5d36074aa436e8023493b16abe68e18dca74e9f133aff0a8e89c5ca6f2fc05c29a5738ba0b5db90869" }getNumericDate
This helper function simplifies setting a
NumericDate. It takes either a
Date object or a number (in seconds) and returns the number of seconds from
1970-01-01T00:00:00Z UTC until the specified UTC date/time.
// A specific date:
getNumericDate(new Date("2025-07-01"))
// One hour from now:
getNumericDate(60 * 60)Claims
Expiration Time (exp)
The optional exp claim in the payload identifies the expiration time on or after which the JWT must not be accepted for processing. Its value must be a number containing a NumericDate value. This module checks if the current date/time is before the expiration date/time listed in the exp claim.
const jwt = await create(header, { exp: getNumericDate(60 * 60) }, "secret")Not Before (nbf)
The optional nbf (not before) claim identifies the time before which the jwt must not be accepted for processing. Its value must be a number containing a NumericDate value.
Algorithms
The following signature and MAC algorithms have been implemented:
- HS256 (HMAC SHA-256)
- HS512 (HMAC SHA-512)
- RS256 (RSASSA-PKCS1-v1_5 SHA-256)
- none (Unsecured JWTs).
Serialization
This application uses the JWS Compact Serialization only.
Specifications
Contribution
Every kind of contribution to this project is highly appreciated. Please run
deno fmt on the changed files before making a pull request.
Big Thank you to timreichen and all the other amazing contributors.
