deno.land / x / jose@v5.2.4 / jwt / verify.ts
12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970import { compactVerify } from '../jws/compact/verify.ts'import type { JWTPayload, KeyLike, VerifyOptions, JWTClaimVerificationOptions, JWTHeaderParameters, GetKeyFunction, FlattenedJWSInput, JWTVerifyResult, ResolvedKey,} from '../types.d.ts'import jwtPayload from '../lib/jwt_claims_set.ts'import { JWTInvalid } from '../util/errors.ts'
/** Combination of JWS Verification options and JWT Claims Set verification options. */export interface JWTVerifyOptions extends VerifyOptions, JWTClaimVerificationOptions {}
/** * Interface for JWT Verification dynamic key resolution. No token components have been verified at * the time of this function call. * * @see [createRemoteJWKSet](../functions/jwks_remote.createRemoteJWKSet.md#function-createremotejwkset) to verify using a remote JSON Web Key Set. */export interface JWTVerifyGetKey extends GetKeyFunction<JWTHeaderParameters, FlattenedJWSInput> {}
/** * Verifies the JWT format (to be a JWS Compact format), verifies the JWS signature, validates the * JWT Claims Set. * * @param jwt JSON Web Token value (encoded as JWS). * @param key Key to verify the JWT with. See * {@link https://github.com/panva/jose/issues/210#jws-alg Algorithm Key Requirements}. * @param options JWT Decryption and JWT Claims Set validation options. */export async function jwtVerify<PayloadType = JWTPayload>( jwt: string | Uint8Array, key: KeyLike | Uint8Array, options?: JWTVerifyOptions,): Promise<JWTVerifyResult<PayloadType>>
/** * @param jwt JSON Web Token value (encoded as JWS). * @param getKey Function resolving a key to verify the JWT with. See * {@link https://github.com/panva/jose/issues/210#jws-alg Algorithm Key Requirements}. * @param options JWT Decryption and JWT Claims Set validation options. */export async function jwtVerify<PayloadType = JWTPayload, KeyLikeType extends KeyLike = KeyLike>( jwt: string | Uint8Array, getKey: JWTVerifyGetKey, options?: JWTVerifyOptions,): Promise<JWTVerifyResult<PayloadType> & ResolvedKey<KeyLikeType>>
export async function jwtVerify( jwt: string | Uint8Array, key: KeyLike | Uint8Array | JWTVerifyGetKey, options?: JWTVerifyOptions,) { const verified = await compactVerify(jwt, <Parameters<typeof compactVerify>[1]>key, options) if (verified.protectedHeader.crit?.includes('b64') && verified.protectedHeader.b64 === false) { throw new JWTInvalid('JWTs MUST NOT use unencoded payload') } const payload = jwtPayload(verified.protectedHeader, verified.payload, options) const result = { payload, protectedHeader: verified.protectedHeader } if (typeof key === 'function') { return { ...result, key: verified.key } } return result}
Version Info