SiddharthaChowdhury · July 23, 2024 06:53 · May 2, 2018 · May 2, 2018 · May 2, 2018 · May 1, 2018
diff --git a/jwt-module.js b/jwt-module.js
@@ -41,7 +41,11 @@ module.exports = {
 			expiresIn: 	"30d",
 			algorithm: 	["RS256"]
 		};
-		return jwt.verify(token, publicKEY, verifyOptions);
+		try {
+			return jwt.verify(token, publicKEY, verifyOptions);
+		}catch(err){
+			return false;
+		}
 	}, 
 
 	decode: (token) => {

diff --git a/jwt-using-key-files.js → jwt-script-files.js b/jwt-using-key-files.js → jwt-script-files.js
diff --git a/jwt-module.js b/jwt-module.js
@@ -0,0 +1,50 @@
+const fs 		= require('fs');
+const jwt 		= require('jsonwebtoken');
+// http://travistidwell.com/blog/2013/09/06/an-online-rsa-public-and-private-key-generator/
+// use 'utf8' to get string instead of byte array  (1024 bit key)
+var privateKEY 	= fs.readFileSync('./private.key', 'utf8'); // to sign JWT
+var publicKEY 	= fs.readFileSync('./public.key', 'utf8'); 	// to verify JWT
+
+module.exports = {
+	sign: (payload, $Options) => {
+		/*
+			sOptions = {
+				issuer: "Authorizaxtion/Resource/This server",
+				subject: "iam@user.me", 
+				audience: "Client_Identity" // this should be provided by client
+			}
+		*/
+
+		// Token signing options
+		var signOptions = {
+			issuer: 	$Options.issuer,
+			subject: 	$Options.subject,
+			audience: 	$Options.audience,
+			expiresIn: 	"30d",				// 30 days validity
+			algorithm: 	"RS256" 			// RSASSA options[ "RS256", "RS384", "RS512" ]
+		};
+		return jwt.sign(payload, privateKEY, signOptions);
+	},
+
+	verify: (token, $Option) => {
+		/*
+			vOption = {
+				issuer: "Authorization/Resource/This server",
+				subject: "iam@user.me", 
+				audience: "Client_Identity" // this should be provided by client
+			}		
+		*/
+		var verifyOptions = {
+			issuer: 	$Option.issuer,
+			subject: 	$Option.subject,
+			audience: 	$Option.audience,
+			expiresIn: 	"30d",
+			algorithm: 	["RS256"]
+		};
+		return jwt.verify(token, publicKEY, verifyOptions);
+	}, 
+
+	decode: (token) => {
+		return jwt.decode(token, {complete: true});
+	}
+}
diff --git a/jwt-using-key-files.js b/jwt-using-key-files.js
@@ -1,9 +1,7 @@
 'use strict';
 
-const path = require('path');
 const fs = require('fs');
-
-var jwt = require('jsonwebtoken');
+const jwt = require('jsonwebtoken');
 
 // http://travistidwell.com/blog/2013/09/06/an-online-rsa-public-and-private-key-generator/
 // use 'utf8' to get string instead of byte array 
@@ -36,7 +34,7 @@ var signOptions = {
 	subject: 	s,
 	audience: 	a,
 	expiresIn: 	"12h",
-	algorithm: 	"RS384" 			// RSASSA options[ "RS256", "RS384", "RS512" ]
+	algorithm: 	"RS256" 			// RSASSA options[ "RS256", "RS384", "RS512" ]
 };
 var token = jwt.sign(payload, privateKEY, signOptions);
 console.log("Token :" + token);
@@ -49,7 +47,7 @@ var verifyOptions = {
 	subject: 	s,
 	audience: 	a,
 	expiresIn: 	"12h",
-	algorithm: 	["RS384"]
+	algorithm: 	["RS256"]
 };
 
 var legit = jwt.verify(token, publicKEY, verifyOptions);

diff --git a/jwt-using-key-files.js b/jwt-using-key-files.js
@@ -27,7 +27,7 @@ var payload = {
 
 // To make the JWT more efficient we need 3 things
 var i 	= 'Mysoft corp';			// Issuer (Software organization who issues the token)
-var s 	= '[email protected]';		// Subject (intended user of the token)
+var s 	= '[email protected]';			// Subject (intended user of the token)
 var a 	= 'http://mysoftcorp.in';	// Audience (Domain within which this token will live and function)
 
 // Token signing options
@@ -36,15 +36,14 @@ var signOptions = {
 	subject: 	s,
 	audience: 	a,
 	expiresIn: 	"12h",
-	algorithm: 	"RS384" // RSASSA options[ "RS256", "RS384", "RS512" ]
+	algorithm: 	"RS384" 			// RSASSA options[ "RS256", "RS384", "RS512" ]
 };
 var token = jwt.sign(payload, privateKEY, signOptions);
-console.log(token);
+console.log("Token :" + token);
 
 /*
  ====================   JST Verify =====================
 */
-
 var verifyOptions = {
 	issuer: 	i,
 	subject: 	s,
@@ -56,3 +55,8 @@ var verifyOptions = {
 var legit = jwt.verify(token, publicKEY, verifyOptions);
 console.log("\nJWT verification result: " + JSON.stringify(legit));
 
+/*
+ ====================   JST Decode =====================
+*/
+var decoded =  jwt.decode(token, {complete: true});
+console.log("\nDecoded jwt: "+ JSON.stringify(decoded));
diff --git a/jwt-using-key-files.js b/jwt-using-key-files.js
@@ -0,0 +1,58 @@
+'use strict';
+
+const path = require('path');
+const fs = require('fs');
+
+var jwt = require('jsonwebtoken');
+
+// http://travistidwell.com/blog/2013/09/06/an-online-rsa-public-and-private-key-generator/
+// use 'utf8' to get string instead of byte array 
+var privateKEY 	= fs.readFileSync('./private.key', 'utf8'); // to sign JWT
+var publicKEY 	= fs.readFileSync('./public.key', 'utf8'); 	// to verify JWT
+
+
+/*
+ ====================   JST Signing =====================
+*/
+
+// Remember you dont want the payload to be as small as possible in size
+// Because 1. You gonna have to pass it in each request 
+// Because 2. Informations are sensitive, even though JST is encryped, yet it sits inside unreliable client system
+var payload = {
+	data1: "Data 1",
+	data2: "Data 2",
+	data3: "Data 3",
+	data4: "Data 4",
+};
+
+// To make the JWT more efficient we need 3 things
+var i 	= 'Mysoft corp';			// Issuer (Software organization who issues the token)
+var s 	= '[email protected]';		// Subject (intended user of the token)
+var a 	= 'http://mysoftcorp.in';	// Audience (Domain within which this token will live and function)
+
+// Token signing options
+var signOptions = {
+	issuer: 	i,
+	subject: 	s,
+	audience: 	a,
+	expiresIn: 	"12h",
+	algorithm: 	"RS384" // RSASSA options[ "RS256", "RS384", "RS512" ]
+};
+var token = jwt.sign(payload, privateKEY, signOptions);
+console.log(token);
+
+/*
+ ====================   JST Verify =====================
+*/
+
+var verifyOptions = {
+	issuer: 	i,
+	subject: 	s,
+	audience: 	a,
+	expiresIn: 	"12h",
+	algorithm: 	["RS384"]
+};
+
+var legit = jwt.verify(token, publicKEY, verifyOptions);
+console.log("\nJWT verification result: " + JSON.stringify(legit));
+
diff --git a/private.key b/private.key
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQDRry8T/ef/FM51TBe0/Qs16pPAKlA6oncQRZbIdzmGOxH0H7Pw
+DDOEe90k2JLkiO0CifofkV08m4nZ6EIH6slwdRtZKkRP6FfnRZcirtPpAWcpGDuK
+rKS5XGxIsrzD6vlnm6D2rvxrcnCDt6e8TSx5vFkbG9Emb6DmoFqcn+2MSQIDAQAB
+AoGBALsql2hN9T7w0JVNNcAdO1uGJxqZ6oFcMdE5fK02FwflRFJX1iMIkRfKBIz2
+MLCENKNWjAiPld0arULwGbi9b84tesgi3q6DdPOr99vvfLO3lK+4geno2FpbobXh
+n59f0anpjhUu7hSPH+lMX4XhTTZ0DhJoEyHdp9SmcTGIEYNxAkEA/z1stHqnej58
+1yBdSOZfyKed2gRZWt6eJ+9AdZtMm0REtsyvDM6lBj82mPPAWVTQlwm8A8TIcHTm
+2FWXXGtxpQJBANJPB/l1OjHFqQGeQegbSacPbdj+HOAJZ/VRh/R/Z4QTostgqcty
+9bOa1IDg1G2OQaGbk1prPgIR+Q7xx13LptUCQQCBGBUyF1M7vf0wZXspEvPhLf3l
+tgtnrW76rcTBdwHBCj9i4ZWr+Zx302MO60IfLImvysmgclgaoNXdFzVOFj3NAkBI
+SuJy3dkjQs7Vv5DoOHkY9DTOYouKd7FEosIZSbJLtHRBdPjo9pt/Ibnqk15ySnRF
+GTWN309xZrw2ZuYhV+ABAkEA+TM/GNX2Dnh4imIn+EEJ34mLThc8kVBdzW7KGpk0
+Ex+c5++6k3ZHcjuPmZV3BwKebX4nz6HEjHtX3UPa5nNM0g==
+-----END RSA PRIVATE KEY-----
diff --git a/public.key b/public.key
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRry8T/ef/FM51TBe0/Qs16pPA
+KlA6oncQRZbIdzmGOxH0H7PwDDOEe90k2JLkiO0CifofkV08m4nZ6EIH6slwdRtZ
+KkRP6FfnRZcirtPpAWcpGDuKrKS5XGxIsrzD6vlnm6D2rvxrcnCDt6e8TSx5vFkb
+G9Emb6DmoFqcn+2MSQIDAQAB
+-----END PUBLIC KEY-----