| title | index | category | type |
|---|---|---|---|
DID JWT |
3 |
did-jwt |
reference |
ES256Kthe secp256k1 ECDSA curveES256K-Rthe secp256k1 ECDSA curve with recovery parameter
The PublicKey section of a DID document contains one or more Public Keys. We support the following types:
| Name | Encoding | Algorithm's |
|---|---|---|
Secp256k1SignatureVerificationKey2018 |
publicKeyHex |
ES256K, ES256K-R |
Secp256k1VerificationKey2018 |
publicKeyHex |
ES256K, ES256K-R |
Secp256k1VerificationKey2018 |
ethereumAddress |
ES256K-R |
| Name | Description | Required |
|---|---|---|
iss |
The DID of the signing identity | yes |
sub |
The DID of the subject of the JWT | no |
aud |
The DID or URL of the audience of the JWT. Our libraries or app will not accept any JWT that has someone else as the audience | no |
iat |
The time of issuance | yes |
exp |
Expiration time of JWT | no |
- SimpleSigner(hexPrivateKey) ⇒
function The SimpleSigner returns a configured function for signing data. It also defines an interface that you can also implement yourself and use in our other modules.
- did-jwt/JWT
- .decodeJWT(jwt) ⇒
Object - .createJWT(payload, [options]) ⇒
Promise.<Object, Error> - .verifyJWT(jwt, [options]) ⇒
Promise.<Object, Error> - .resolveAuthenticator(alg, did, auth) ⇒
Promise.<Object, Error>
- .decodeJWT(jwt) ⇒
Decodes a JWT and returns an object representing the payload
Kind: static method of did-jwt/JWT
Returns: Object - a JS object representing the decoded JWT
| Param | Type | Description |
|---|---|---|
| jwt | String |
a JSON Web Token to verify |
Example
decodeJWT('eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksifQ.eyJpYXQiOjE1MjU5Mjc1MTcsImF1ZCI6ImRpZDp1cG9ydDoyb3NuZko0V3k3TEJBbTJuUEJYaXJlMVdmUW43NVJyVjZUcyIsImV4cCI6MTU1NzQ2MzQyMSwibmFtZSI6InVQb3J0IERldmVsb3BlciIsImlzcyI6ImRpZDp1cG9ydDoyb3NuZko0V3k3TEJBbTJuUEJYaXJlMVdmUW43NVJyVjZUcyJ9.R7owbvNZoL4ti5ec-Kpktb0datw9Y-FshHsF5R7cXuKaiGlQz1dcOOXbXTOb-wg7-30CDfchFERR6Yc8F61ymw')
Creates a signed JWT given an address which becomes the issuer, a signer, and a payload for which the signature is over.
Kind: static method of did-jwt/JWT
Returns: Promise.<Object, Error> - a promise which resolves with a signed JSON Web Token or rejects with an error
| Param | Type | Description |
|---|---|---|
| payload | Object |
payload object |
| [options] | Object |
an unsigned credential object |
| options.issuer | String |
The DID of the issuer (signer) of JWT |
| options.alg | String |
The JWT signing algorithm to use. Supports: [ES256K, ES256K-R], Defaults to: ES256K |
| options.signer | SimpleSigner |
a signer, reference our SimpleSigner.js |
Example
const signer = SimpleSigner(process.env.PRIVATE_KEY)
createJWT({address: '5A8bRWU3F7j3REx3vkJ...', signer}, {key1: 'value', key2: ..., ... }).then(jwt => {
...
})
Verifies given JWT. If the JWT is valid, the promise returns an object including the JWT, the payload of the JWT, and the did doc of the issuer of the JWT.
Kind: static method of did-jwt/JWT
Returns: Promise.<Object, Error> - a promise which resolves with a response object or rejects with an error
| Param | Type | Description |
|---|---|---|
| jwt | String |
a JSON Web Token to verify |
| [options] | Object |
an unsigned credential object |
| options.auth | Boolean |
Require signer to be listed in the authentication section of the DID document (for Authentication purposes) |
| options.audience | String |
DID of the recipient of the JWT |
| options.callbackUrl | String |
callback url in JWT |
Example
verifyJWT('did:uport:eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksifQ.eyJyZXF1Z....', {audience: '5A8bRWU3F7j3REx3vkJ...', callbackUrl: 'https://...'}).then(obj => {
const did = obj.did // DID of signer
const payload = obj.payload
const doc = obj.doc // DID Document of signer
const jwt = obj.jwt
const signerKeyId = obj.signerKeyId // ID of key in DID document that signed JWT
...
})
Resolves relevant public keys or other authenticating material used to verify signature from the DID document of provided DID
Kind: static method of did-jwt/JWT
Returns: Promise.<Object, Error> - a promise which resolves with a response object containing an array of authenticators or if non exist rejects with an error
| Param | Type | Description |
|---|---|---|
| alg | String |
a JWT algorithm |
| did | String |
a Decentralized IDentifier (DID) to lookup |
| auth | Boolean |
Restrict public keys to ones specifically listed in the 'authentication' section of DID document |
Example
resolveAuthenticator('ES256K', 'did:uport:2nQtiQG6Cgm1GYTBaaKAgr76uY7iSexUkqX').then(obj => {
const payload = obj.payload
const profile = obj.profile
const jwt = obj.jwt
...
})
The SimpleSigner returns a configured function for signing data. It also defines an interface that you can also implement yourself and use in our other modules.
Kind: global function
Returns: function - a configured signer function
| Param | Type | Description |
|---|---|---|
| hexPrivateKey | String |
a hex encoded private key |
Example
const signer = SimpleSigner(process.env.PRIVATE_KEY)
signer(data, (err, signature) => {
...
})