• Stars
    star
    304
  • Rank 137,274 (Top 3 %)
  • Language
    JavaScript
  • License
    MIT License
  • Created over 5 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

PASETO (Platform-Agnostic SEcurity TOkens) for Node.js with no dependencies

paseto

PASETO: Platform-Agnostic SEcurity TOkens for Node.js with no dependencies.

Implemented Protocol Versions

v1 v2 v3 v4
local βœ… ❌ βœ… ❌
public βœ… βœ… βœ… βœ…

Support

If you or your business use paseto, please consider becoming a sponsor so I can continue maintaining it and adding new features carefree.

Documentation

Usage

Installing paseto

npm install paseto

Usage

const paseto = require('paseto')

// Generic (all versions) APIs
const { decode } = paseto

// PASETO Protocol Version v1 specific API
const { V1 } = paseto // { sign, verify, encrypt, decrypt, generateKey }

// PASETO Protocol Version v2 specific API
const { V2 } = paseto // { sign, verify, generateKey }

// PASETO Protocol Version v3 specific API
const { V3 } = paseto // { sign, verify, encrypt, decrypt, generateKey }

// PASETO Protocol Version v4 specific API
const { V4 } = paseto // { sign, verify, generateKey }

// errors utilized by paseto
const { errors } = paseto

Producing tokens

const { V4: { sign } } = paseto

(async () => {
  {
    const token = await sign({ sub: 'johndoe' }, privateKey)
    // v4.public.eyJzdWIiOiJqb2huZG9lIiwiaWF0IjoiMjAyMS0wOC0wM1QwNTozOTozNy42NzNaIn3AW3ri7P5HpdakJmZvhqssz7Wtzi2Rb3JafwKplLoCWuMkITYOo5KNNR5NMaeAR6ePZ3xWUcbO0R11YLb02awO
  }
})()

Consuming tokens

const { V4: { verify } } = paseto

(async () => {
  {
    const payload = await verify(token, publicKey)
    // { sub: 'johndoe', iat: '2019-07-01T15:22:47.982Z' }
  }
})()

FAQ

Supported Library Versions

Version Security Fixes πŸ”‘ Other Bug Fixes 🐞 New Features ⭐ Node.js version supported
3.x.x βœ… βœ… βœ… >= 16.0.0
2.x.x βœ… ❌ ❌ ^12.19.0 || >=14.15.0
1.x.x βœ… ❌ ❌ >= 12.0.0

Semver?

Yes. Everything that's either exported in the TypeScript definitions file or documented is subject to Semantic Versioning 2.0.0. The rest is to be considered private API and is subject to change between any versions.

How do I use it outside of Node.js

It is only built for Node.js environment versions >=16.0.0

More Repositories

1

jose

"JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK, JWKS for Node.js, Browser, Cloudflare Workers, Deno, Bun, and other Web-interoperable runtimes.
TypeScript
3,506
star
2

node-oidc-provider

OpenID Certifiedβ„’ OAuth 2.0 Authorization Server implementation for Node.js
JavaScript
2,852
star
3

node-openid-client

OpenID Certifiedβ„’ Relying Party (OpenID Connect/OAuth 2.0 Client) implementation for Node.js.
JavaScript
1,589
star
4

oauth4webapi

OAuth 2 / OpenID Connect for JavaScript Runtimes
TypeScript
273
star
5

node-oidc-provider-example

A step-by-step approach to getting an OpenID Connect Provider instance up and running using oidc-provider
JavaScript
130
star
6

dpop

DPoP for Web Platform API JavaScript runtimes
TypeScript
24
star
7

oidc-token-hash

Create and validate hashes pushed by OpenID Connect providers to ID Tokens.
JavaScript
19
star
8

hkdf

HKDF with no dependencies using runtime's native crypto in Node.js, Browser, Cloudflare Workers, Electron, and Deno.
JavaScript
19
star
9

jwterminal

a quick script pulled together to get jwt.io-like JWT debugging in your terminal
JavaScript
7
star
10

personalausweis

German ID Card Validation in node.js
JavaScript
7
star
11

openid-client-cli

CLI for managing dynamic OpenID Connect client registrations.
JavaScript
5
star
12

oidc-provider-conformance-tests

OpenID Connect Provider conformance test suite for oidc-provider library
JavaScript
5
star
13

it-should-just-work

TypeScript
1
star
14

jose-x25519-ecdh

!DEPRECATED! ECDH-ES implementation for X25519 keys extension for the jose module.
JavaScript
1
star
15

fetch-node-release

Fetch latest Node.js release version by keyword such as "stable", "lts/carbon" or "lts/*".
JavaScript
1
star
16

panva

1
star
17

openid-client-conformance-tests

OpenID Connect Relying Party conformance test suite for openid-client library
JavaScript
1
star
18

jose-chacha

!DEPRECATED! ChaCha derived AEAD algorithms extension for the `jose` (v2.x) Node.js package
JavaScript
1
star
19

keyobject-to-cryptokey

Converts KeyObject instances to CryptoKey for use with a given JSON Web Algorithm
TypeScript
1
star