Since we are creating public and private key pairs programmetically for demo purpose, I dumped the private key via console log. We are using that private key to decode the JWE token created in this demo. https://runkit.com/lilanga/64d9b97fcec0ce0009767e99
const jose = require('node-jose');
// Load the private key for decryption and verification
const privateKey = `-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAs3FjNUS1ma1QDLxbY3CbpKdDOYXoCXTabUToEobYWn1YJ0/L
FVzC+wif8Fqn2pxXr4Zv+O4ZXIfjR7ENbZcHrXlzolOg5cWswEHonb4inlR1iRPD
pK7x3JmZU/lqhkegJmg+w/byMvwEFGI+Fh/yv/kVyvpYpNfLZA//IIaggoDqOAwA
mmdilMqW0lK5bqOEy1H8mK2dHuCRUhGi6bhbmywGhNN3L+G1pEehMb84A7WtOnaL
IesK5d2FM72t51/GYMkwkonRguB1WEyqg2QrJ0yeiXBKfo1p1SG+piqcv6Lu9tot
W8HzaIiPiwFTJCFNaLSEZEDuwsuxzlTbaeJoEwIDAQABAoIBAAlAlkgdBVdprMrN
/CZUnD8xUqbeJS3g+mbk79RjYzdzPBQ21IwC7u4eWTooP9G7+vd1cUOUFKGv7gOj
I5lGzsyz35xQlJIUZF5mEkDumKlc8HyDajSNGAfIXF63PwtdGRWx4qlHC+DzcUsT
GmFt/0hvvEnC08btdjLFcmGydLHrLm38Pu45Y3rz1zkqp9/zjQ6MhFKnsSiOsXEj
vz+uydPXNsvYiXuOm+BM1FrzU2JmiRYhse4AlJSg7ns3PWlig1Y5kzzzpPKjSLqy
Oansf96n/d3BjdpDG2k6TkM2aYW5F8cx4e2xuG5WNM/xWpsXOSsUKe5W3eKJc/Su
QzJHzT0CgYEAuswYZs2/wyY2Rx0Du48qyt0eocjfFUIRbBwwBRyDtC85ZJv5pMmD
ih1x2z/m13T4Rj9WYaEoNJemR7IvzTqSUi37pnWERMAPd9yyYvCFICf5YAFu/k2U
Jpw+sUosn5+Hx8mmR8t/uHi3Yj+LFDvDGJnJbxXz5tfaanaoeRkGa8cCgYEA9evO
Qh/DQlMKyLgOwhQxP2i4svgCD30ps6yOFrRd5Bgkr4qh/QT5PV/q5eS86ifKVSpD
jJrsFM2NTlaognkDyzBY8AgSHucWR/4cyK4LIycIdNtBwn09eEc2zcJD6JWsm+K+
0MZQSVoOyEwxuzS+zcRGO3zh4QkoN3YCu4sUaVUCgYBfLy7j+8XSeD9CP2uugEaK
9t/sCsJ6P59HGpnxkNUf1MyHEt/D85deoqBo24gSlB0LFq06tHcbTYdCk26+QjFb
ROktqkZLDh8TsdcIiY0clKIDJNfdJ8TtY8KibqyMbisvR/a+MNkVNBYmL0D8f3Nr
rrmxLFuLbsRyaaJxiqn18wKBgQDVc5tPoaolg1a06a1Fn6kvVIIcNU/0ibsMjRW3
d06XkK0nALmhmBONxhdo+6VNyMPCMDD5de68D7465NTWiptUXd6UWS0BTar1SgdJ
2GcqV9LrOvRVD8evAoD7D0dKNb/gfmsJY1iEknqKODhiOWHz0Az1zWtxnDUgDnpI
tms9EQKBgFozH4cpZJMr8gWwr3CnLLff17zcqiVewugIJp5awb9IVWc1QBZQvjPe
fJLp2k6AZaRTDqcCKiXeog6GBFfRVkrg6Rv7rH+pFELj8VG3XVEU9ylEiOVubnlp
HbuYQ6DdguRt+eOGtzz6NwIcNmiCwSHvgsWXTX63c5h94HrKxJFJ
-----END RSA PRIVATE KEY-----`;
Create decode function to decode and verify JWE token
async function decodeAndVerifyJWE(jweToken) {
// create a key store
const keystore = jose.JWK.createKeyStore();
// Add the private key to the key store
await keystore.add(privateKey, "pem");
// Parse the JWE token
const parsedJWE = await jose.JWE.createDecrypt(keystore).decrypt(jweToken);
// Get the payload
const payload = parsedJWE.plaintext.toString();
console.log('Decoded and verified payload:', payload);
}
Lets call the function with the token we created in the other runkit notebook
// this is the JWT token we created in other runkit notebook
const jweToken = 'eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6IkpLUEdNOXd5Z294aEpUdWZJNTRrN3VOV1FPd2RQN29semhoRG4yUDhvb1EiLCJlbmMiOiJBMjU2R0NNIn0.msHw9-TKjFUK9v4FD0Q8YJyJdEO111TmE8aXAI6FyyCcC_epfrbELrmYHSehn5imMs6iacoW3w3d51Py3FdGCSKIGBomocVlOFobW577FqcCbVhHsh8YU_fbsR5i1G_0eBOwuHr3sfoK0tPeFMbCCIs-NKxDkALSkj9ZV8L_xmadCAKyhAPvB9AZjisz1QtlQIlTsalT5b6czfcb0WeFkwXuE76dCVum6Bmd1tv7WcBiLH3xYiyizUCQBtF-zyLBx3qSG665rbaNTJaYuC79pY9h6yoa9OGLX3Z6joGaisbkUybzmgP8xOyHtib5WHXIIb_7KSiaOBZvuxsY8YTsdQ.xJBINXKV622ZLTE5.LoTbMIkjpw_U3fcBKfxvLWSwR0wzKksrgWRNl_-_Xx3q9kaXhVzHGVXZJOg_WgtjfM0yQYtxBCIIyNnvT3oYMmjvWE7ls562t1pkZmHnqNLek9FsPKR1cIe3GiFZ6iZcRyFliNVZw-rrF7UULAWFVVEmp9qfv2eU7c3Cyq45TyH6Hg3QsyLR5Wpx91FmarfxzAfqTNsq1LCxuBq9ApIJl-vf3DJDL07f8_M_Gh5YBTKZked-WtV_7hEdzGVT19vvuH4DuJmXiBDW4kkxJQi4WOKUgGcneY8bd5RNWHatvOzn4CP2QgRj.kuCJJE_Da07kfVcV1aTZbg';
decodeAndVerifyJWE(jweToken).catch((error) => {
console.error('Error:', error);
});
no comments
sign in to comment