Skip to content

Latest commit

 

History

History
431 lines (250 loc) · 10.4 KB

jwt_encrypt.encryptjwt.md

File metadata and controls

431 lines (250 loc) · 10.4 KB

Class: EncryptJWT

jwt/encrypt.EncryptJWT

The EncryptJWT class is a utility for creating Compact JWE formatted JWT strings.

example ESM import

import { EncryptJWT } from 'jose/jwt/encrypt'

example CJS import

const { EncryptJWT } = require('jose/jwt/encrypt')

example Usage

const jwt = await new EncryptJWT({ 'urn:example:claim': true })
  .setProtectedHeader({ alg: 'dir', enc: 'A256GCM' })
  .setIssuedAt()
  .setIssuer('urn:example:issuer')
  .setAudience('urn:example:audience')
  .setExpirationTime('2h')
  .encrypt(secretKey)

console.log(jwt)

Hierarchy

  • ProduceJWT

    EncryptJWT

Table of contents

Constructors

Methods

Constructors

constructor

new EncryptJWT(payload)

Parameters

Name Type Description
payload JWTPayload The JWT Claims Set object.

Inherited from

ProduceJWT.constructor

Defined in

lib/jwt_producer.ts:10

Methods

encrypt

encrypt(key, options?): Promise<string>

Encrypts and returns the JWT.

Parameters

Name Type Description
key KeyLike Public Key or Secret to encrypt the JWT with.
options? EncryptOptions JWE Encryption options.

Returns

Promise<string>

Defined in

jwt/encrypt.ts:151


replicateAudienceAsHeader

replicateAudienceAsHeader(): EncryptJWT

Replicates the "aud" (Audience) Claim as a JWE Protected Header Parameter as per RFC7519#section-5.3.

Returns

EncryptJWT

Defined in

jwt/encrypt.ts:140


replicateIssuerAsHeader

replicateIssuerAsHeader(): EncryptJWT

Replicates the "iss" (Issuer) Claim as a JWE Protected Header Parameter as per RFC7519#section-5.3.

Returns

EncryptJWT

Defined in

jwt/encrypt.ts:122


replicateSubjectAsHeader

replicateSubjectAsHeader(): EncryptJWT

Replicates the "sub" (Subject) Claim as a JWE Protected Header Parameter as per RFC7519#section-5.3.

Returns

EncryptJWT

Defined in

jwt/encrypt.ts:131


setAudience

setAudience(audience): EncryptJWT

Set "aud" (Audience) Claim.

Parameters

Name Type Description
audience string | string[] "aud" (Audience) Claim value to set on the JWT Claims Set.

Returns

EncryptJWT

Inherited from

ProduceJWT.setAudience

Defined in

lib/jwt_producer.ts:47


setContentEncryptionKey

setContentEncryptionKey(cek): EncryptJWT

Sets a content encryption key to use, by default a random suitable one is generated for the JWE enc" (Encryption Algorithm) Header Parameter. You do not need to invoke this method, it is only really intended for test and vector validation purposes.

Parameters

Name Type Description
cek Uint8Array JWE Content Encryption Key.

Returns

EncryptJWT

Defined in

jwt/encrypt.ts:94


setExpirationTime

setExpirationTime(input): EncryptJWT

Set "exp" (Expiration Time) Claim.

Parameters

Name Type Description
input string | number "exp" (Expiration Time) Claim value to set on the JWT Claims Set. When number is passed that is used as a value, when string is passed it is resolved to a time span and added to the current timestamp.

Returns

EncryptJWT

Inherited from

ProduceJWT.setExpirationTime

Defined in

lib/jwt_producer.ts:85


setInitializationVector

setInitializationVector(iv): EncryptJWT

Sets the JWE Initialization Vector to use for content encryption, by default a random suitable one is generated for the JWE enc" (Encryption Algorithm) Header Parameter. You do not need to invoke this method, it is only really intended for test and vector validation purposes.

Parameters

Name Type Description
iv Uint8Array JWE Initialization Vector.

Returns

EncryptJWT

Defined in

jwt/encrypt.ts:110


setIssuedAt

setIssuedAt(input?): EncryptJWT

Set "iat" (Issued At) Claim.

Parameters

Name Type Description
input? number "iat" (Issued At) Claim value to set on the JWT Claims Set. Default is current timestamp.

Returns

EncryptJWT

Inherited from

ProduceJWT.setIssuedAt

Defined in

lib/jwt_producer.ts:100


setIssuer

setIssuer(issuer): EncryptJWT

Set "iss" (Issuer) Claim.

Parameters

Name Type Description
issuer string "Issuer" Claim value to set on the JWT Claims Set.

Returns

EncryptJWT

Inherited from

ProduceJWT.setIssuer

Defined in

lib/jwt_producer.ts:27


setJti

setJti(jwtId): EncryptJWT

Set "jti" (JWT ID) Claim.

Parameters

Name Type Description
jwtId string "jti" (JWT ID) Claim value to set on the JWT Claims Set.

Returns

EncryptJWT

Inherited from

ProduceJWT.setJti

Defined in

lib/jwt_producer.ts:57


setKeyManagementParameters

setKeyManagementParameters(parameters): EncryptJWT

Sets the JWE Key Management parameters to be used when encrypting. Use of this is method is really only needed for ECDH-ES based algorithms when utilizing the Agreement PartyUInfo or Agreement PartyVInfo parameters. Other parameters will always be randomly generated when needed and missing.

Parameters

Name Type Description
parameters JWEKeyManagementHeaderParameters JWE Key Management parameters.

Returns

EncryptJWT

Defined in

jwt/encrypt.ts:78


setNotBefore

setNotBefore(input): EncryptJWT

Set "nbf" (Not Before) Claim.

Parameters

Name Type Description
input string | number "nbf" (Not Before) Claim value to set on the JWT Claims Set. When number is passed that is used as a value, when string is passed it is resolved to a time span and added to the current timestamp.

Returns

EncryptJWT

Inherited from

ProduceJWT.setNotBefore

Defined in

lib/jwt_producer.ts:69


setProtectedHeader

setProtectedHeader(protectedHeader): EncryptJWT

Sets the JWE Protected Header on the EncryptJWT object.

Parameters

Name Type Description
protectedHeader JWEHeaderParameters JWE Protected Header. Must contain an "alg" (JWE Algorithm) and "enc" (JWE Encryption Algorithm) properties.

Returns

EncryptJWT

Defined in

jwt/encrypt.ts:62


setSubject

setSubject(subject): EncryptJWT

Set "sub" (Subject) Claim.

Parameters

Name Type Description
subject string "sub" (Subject) Claim value to set on the JWT Claims Set.

Returns

EncryptJWT

Inherited from

ProduceJWT.setSubject

Defined in

lib/jwt_producer.ts:37