Create an Encrypted JWT (JWE)
Set up dependencies and aliaes:
const { JWK } = require('node-jose');
const { JWE } = require('node-jose');
Set content encryption algorithm:
var contentAlg = "A256CBC-HS512";
Get he server/recipient key
var skey =
{
"kty": "RSA",
"kid":"pdmN_UI10XD6wy44jm-JkHmJOFxevse_2jio8cH1lRw",
"use": "enc",
"n":"3ZWrUY0Y6IKN1qI4BhxR2C7oHVFgGPYkd38uGq1jQNSqEvJFcN93CYm16_G78FAFKWqwsJb3Wx-nbxDn6LtP4AhULB1H0K0g7_jLklDAHvI8yhOKlvoyvsUFPWtNxlJyh5JJXvkNKV_4Oo12e69f8QCuQ6NpEPl-cSvXIqUYBCs",
"e": "AQAB",
"alg": "RSA-OAEP",
"key_ops":["wrap","verify"]
};
Make the server/recipient key a JWK:
var key = await JWK.asKey(skey);
Create the token payload/claim set:
var payload = JSON.stringify({"sub": "1234567890", "name": "Eric D.", "role": "admin","iat": 1516239022});
Set up the encryption options:
var options =
{
compact: true,
contentAlg: contentAlg,
protect: Object.keys(
{
"alg": key.alg,
"kid": key.kid,
"enc": contentAlg
}),
fields:
{
"alg": key.alg,
"kid": key.kid,
"enc": contentAlg
}
};
encrypt. the payload should be read in as a "utf8" encoding. Buffer automatically generated in update().
var token = await JWE.createEncrypt(options, key).update(payload, "utf8").final();
no comments
sign in to comment