An implementation of JSON Web Tokens for Salesforce Commerce Cloud SFRA.
Install the cartridge on the server and add it to the cartridge path.
`jwt.sign(payload, options)` returns the JsonWebToken as a string.

- `payload` is an object literal representing valid JSON.
- `options`:
  - `privateKeyOrSecret` is a string containing either the secret for HMAC algorithms or the private key for RSA.
  - `algorithm`: HS256, RS256 or similar.
  - `kid`
Sign with HMAC SHA256

```javascript
var jwt = require('plugin_jwt');
var options = {};
options.privateKeyOrSecret = 'my_secret';
options.algorithm = 'HS256';
var token = jwt.sign({ foo: 'bar' }, options);
```
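Sign with RSA SHA256

```javascript
var jwt = require('plugin_jwt');
// Placeholder: replace with the real private key string.
var privateKey = 'my_private_key';
var options = {};
options.privateKeyOrSecret = privateKey;
options.algorithm = 'RS256';
var token = jwt.sign({ foo: 'bar' }, options);
```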
`jwt.verify(token, options)` returns a boolean signifying whether the signature is valid.

- `token` is the JsonWebToken string.
- `options`:
  - `publicKeyOrSecret` is a string containing either the secret for HMAC algorithms or the public key for RSA, or a function which will return an appropriate JSON Web Key Set for a `kid`. This function should return a modulus and exponent, which are then used to generate the DER format of the public key. Note: PKCS#1 is not supported by SFCC, so you'd have to convert your PEM to use X.509/SPKI format.
  - `ignoreExpiration` is a boolean to skip JWT expiration time verification.
  - `audience` is a string containing the JWT audience.
  - `issuer` is a string containing the JWT issuer.
Verify HMAC SHA256

```javascript
var jwt = require('plugin_jwt');
var token = 'my_token';
var options = {};
options.publicKeyOrSecret = 'my_secret';
var isValid = jwt.verify(token, options);
```
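Verify RSA SHA256

```javascript
var jwt = require('plugin_jwt');
// Placeholder: replace with the real public key in X.509/SPKI format.
var publicKey = 'my_public_key';
var token = 'my_token';
var options = {};
options.publicKeyOrSecret = publicKey;
var isValid = jwt.verify(token, options);
```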
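The `publicKeyOrSecret` note above says a modulus and exponent are turned into a DER public key, and that SFCC needs X.509/SPKI rather than PKCS#1. The following added example (not the cartridge's own code; it runs in Node.js rather than on SFCC, and all function names are hypothetical) shows that wrapping for an RSA JWK:

```javascript
// Added example (Node.js, not SFCC): RSA JWK (n, e) -> X.509/SPKI DER and PEM.
// All function names here are hypothetical, not part of plugin_jwt.

// DER length octets: short form below 128, long form otherwise.
function derLength(len) {
    if (len < 0x80) return Buffer.from([len]);
    var bytes = [];
    for (var n = len; n > 0; n = Math.floor(n / 256)) bytes.unshift(n % 256);
    return Buffer.from([0x80 | bytes.length].concat(bytes));
}

// Tag-length-value wrapper.
function derTlv(tag, content) {
    return Buffer.concat([Buffer.from([tag]), derLength(content.length), content]);
}

// Unsigned big-endian bytes -> minimal DER INTEGER (0x00 pad if high bit is set).
function derUint(bytes) {
    if (bytes.length === 0) throw new Error('empty integer');
    var i = 0;
    while (i < bytes.length - 1 && bytes[i] === 0) i++;
    var body = bytes.subarray(i);
    if (body[0] & 0x80) body = Buffer.concat([Buffer.from([0]), body]);
    return derTlv(0x02, body);
}

// AlgorithmIdentifier { rsaEncryption (1.2.840.113549.1.1.1), NULL }
var RSA_ALG_ID = Buffer.from('300d06092a864886f70d0101010500', 'hex');

function b64urlToBuffer(s) {
    return Buffer.from(s.replace(/-/g, '+').replace(/_/g, '/'), 'base64');
}

function jwkToSpkiDer(jwk) {
    if (jwk.kty !== 'RSA' || !jwk.n || !jwk.e) throw new Error('not an RSA public JWK');
    // PKCS#1 RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }
    var pkcs1 = derTlv(0x30, Buffer.concat([
        derUint(b64urlToBuffer(jwk.n)), derUint(b64urlToBuffer(jwk.e))]));
    // SPKI wraps the PKCS#1 structure in a BIT STRING with 0 unused bits.
    var bitString = derTlv(0x03, Buffer.concat([Buffer.from([0]), pkcs1]));
    return derTlv(0x30, Buffer.concat([RSA_ALG_ID, bitString]));
}

function derToPem(der) {
    var b64 = der.toString('base64').match(/.{1,64}/g).join('\n');
    return '-----BEGIN PUBLIC KEY-----\n' + b64 + '\n-----END PUBLIC KEY-----\n';
}
```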
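`jwt.decode(token)` returns the decoded payload without verifying whether the signature is valid, so treat its contents as untrusted until `jwt.verify` has succeeded.

- `token` is the JsonWebToken string.

```javascript
var decoded = jwt.decode(token);
```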
Array of supported algorithms. The following algorithms are currently supported.

| alg Parameter Value | Digital Signature or MAC Algorithm |
|---|---|
| HS256 | HMAC using SHA-256 hash algorithm |
| HS384 | HMAC using SHA-384 hash algorithm |
| HS512 | HMAC using SHA-512 hash algorithm |
| RS256 | RSA using SHA-256 hash algorithm |
| RS384 | RSA using SHA-384 hash algorithm |
| RS512 | RSA using SHA-512 hash algorithm |
| PS256 | RSA-PSS using SHA-256 hash algorithm |
| PS384 | RSA-PSS using SHA-384 hash algorithm |

Check the `JWTTest.js` controller for an SFRA example.

This repository is heavily inspired by the Node.js repository jsonwebtoken.