Very Popular
12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127import { create, decode, getNumericDate, Header, Payload, validate, verify,} from "../mod.ts";
import { assertEquals, assertRejects, assertThrows, decodeHex,} from "./test_deps.ts";
const header: Header = { alg: "HS256", typ: "JWT",};
const payload: Payload = { name: "John Doe",};
const keyHS256 = await crypto.subtle.importKey( "raw", new TextEncoder().encode("secret"), { name: "HMAC", hash: "SHA-256" }, false, ["sign", "verify"],);
const keyHS384 = await crypto.subtle.generateKey( { name: "HMAC", hash: "SHA-384" }, true, ["sign", "verify"],);
const keyHS512 = await crypto.subtle.importKey( "raw", new TextEncoder().encode("secret"), { name: "HMAC", hash: "SHA-512" }, false, ["sign", "verify"],);
const keyRS256 = await window.crypto.subtle.generateKey( { name: "RSASSA-PKCS1-v1_5", modulusLength: 4096, publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-256", }, true, ["verify", "sign"],);const keyRS384 = await window.crypto.subtle.generateKey( { name: "RSASSA-PKCS1-v1_5", modulusLength: 4096, publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-384", }, true, ["verify", "sign"],);const keyRS512 = await window.crypto.subtle.generateKey( { name: "RSASSA-PKCS1-v1_5", modulusLength: 4096, publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-512", }, true, ["verify", "sign"],);
const keyPS256 = await window.crypto.subtle.generateKey( { name: "RSA-PSS", // Consider using a 4096-bit key for systems that require long-term security modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-256", }, true, ["sign", "verify"],);
const keyPS384 = await window.crypto.subtle.generateKey( { name: "RSA-PSS", // Consider using a 4096-bit key for systems that require long-term security modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-384", }, true, ["sign", "verify"],);
const keyPS512 = await window.crypto.subtle.generateKey( { name: "RSA-PSS", // Consider using a 4096-bit key for systems that require long-term security modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-512", }, true, ["sign", "verify"],);
const keyES256 = await window.crypto.subtle.generateKey( { name: "ECDSA", namedCurve: "P-256", }, true, ["sign", "verify"],);
const keyES384 = await window.crypto.subtle.generateKey( { name: "ECDSA", namedCurve: "P-384", }, true, ["sign", "verify"],);
// P-521 is not yet supported.// const keyES512 = await window.crypto.subtle.generateKey(// {// name: "ECDSA",// namedCurve: "P-521",// },// true,// ["sign", "verify"],// );
Deno.test({ name: "[jwt] create", fn: async function () { assertEquals( await create( header, payload, keyHS256, ), "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiSm9obiBEb2UifQ.xuEv8qrfXu424LZk8bVgr9MQJUIrp1rHcPyZw_KSsds", ); assertEquals( await create( { alg: "HS512", typ: "JWT", }, {}, keyHS512, ), "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.e30.dGumW8J3t2BlAwqqoisyWDC6ov2hRtjTAFHzd-Tlr4DUScaHG4OYqTHXLHEzd3hU5wy5xs87vRov6QzZnj410g", ); assertEquals( await create({ alg: "HS512", typ: "JWT" }, { foo: "bar" }, keyHS512), "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.WePl7achkd0oGNB8XRF_LJwxlyiPZqpdNgdKpDboAjSTsWq-aOGNynTp8TOv8KjonFym8vwFwppXOLoLXbkIaQ", ); await assertRejects( async () => { await create(header, payload, keyHS512); }, Error, "The jwt's alg 'HS256' does not match the key's algorithm.", ); },});
Deno.test({ name: "[jwt] verify", fn: async function () { assertEquals( await verify( await create(header, payload, keyHS256), keyHS256, ), payload, ); await assertEquals( await verify( await create({ alg: "HS512", typ: "JWT" }, {}, keyHS512), keyHS512, ), {}, );
await assertEquals( await verify( await create({ alg: "HS512", typ: "JWT" }, {}, keyHS512), keyHS512, { expLeeway: 10 }, ), {}, );
await assertEquals( await verify( await create({ alg: "HS512", typ: "JWT" }, {}, keyHS512), keyHS512, { nbfLeeway: 10 }, ), {}, );
await assertRejects( async () => { await verify( "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiSm9obiBEb2UifQ.xuEv8qrfXu424LZk8bVgr9MQJUIrp1rHcPyZw_KSsd", keyHS256, ); }, Error, "The jwt's signature does not match the verification signature.", );
await assertRejects( async () => { // payload = { "exp": false } await verify( "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOmZhbHNlfQ.LXb8M9J6ar14CTq7shnqDMWmSsoH_zyIHiD44Rqd6uI", keyHS512, ); }, Error, "The jwt has an invalid 'exp' or 'nbf' claim.", );
await assertRejects( async () => { await verify("", keyHS512); }, Error, "The serialization of the jwt is invalid.", );
await assertRejects( async () => { await verify("invalid", keyHS512); }, Error, "The serialization of the jwt is invalid.", );
await assertRejects( async () => { await verify( await create(header, { // @ts-ignore */ nbf: "invalid", exp: 100000000000000000000, }, keyHS256), keyHS256, ); }, Error, "The jwt has an invalid 'exp' or 'nbf' claim", );
await assertRejects( async () => { await verify( "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..F6X5eXaBMszYO1kMrujBGGw4-FTJp2Uld6Daz9v3cu4", keyHS256, ); }, Error, "The serialization of the jwt is invalid.", ); await assertRejects( async () => { await verify( "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.YWJj.uE63kRv-19VnJUBL4OUKaxULtqZ27cJwl8V9IXjJaHg", keyHS256, ); }, Error, "The serialization of the jwt is invalid.", );
await assertRejects( async () => { await verify( "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.bnVsbA.tv7DbhvALc5Eq2sC61Y9IZlG2G15hvJoug9UO6iwmE_UZOLva8EC-9PURg7IIj6f-F9jFWix8vCn9WaAMHR1AA", keyHS512, ); }, Error, "The jwt claims set is not a JSON object", );
await assertRejects( async () => { await verify( "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.dHJ1ZQ.Wmj2Jb9m6FQaZ0rd4AHNR2u9THED_m-aPfGx1w5mtKalrx7NWFS98ZblUNm_Szeugg9CUzhzBfPDyPUA2LTTkA", keyHS512, ); }, Error, "The jwt claims set is not a JSON object", ); await assertRejects( async () => { await verify( "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.W10.BqmZ-tVI9a-HDx6PpMiBdMq6lzcaqO9sW6pImw-NRajCCmRrVi6IgMhEw7lvOG6sxhteceVMl8_xFRGverJJWw", keyHS512, ); }, Error, "The jwt claims set is not a JSON object", ); await assertRejects( async () => { await verify( "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.WyJhIiwxLHRydWVd.eVsshnlupuoVv9S5Q7VOj2BkLyZmOSC27fCoXwyq_MG8B95P2GkLDkL8Fo0Su7qoh1G0BxYjVRHgVppTgpuZRw", keyHS512, ); }, Error, "The jwt claims set is not a JSON object", ); },});
Deno.test({ name: "[jwt] decode", fn: async function () { assertEquals( decode( "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.TVCeFl1nnZWUMQkAQKuSo_I97YeIZAS8T1gOkErT7F8", ), [ { alg: "HS256", typ: "JWT" }, {},
decodeHex(new TextEncoder().encode( "4d509e165d679d959431090040ab92a3f23ded87886404bc4f580e904ad3ec5f", )), ], ); assertThrows( () => { decode("aaa"); }, Error, "The serialization of the jwt is invalid.", );
assertThrows( () => { decode("a"); }, Error, "The serialization of the jwt is invalid.", );
assertThrows( () => { // "ImEi" === base64url("a") decode("ImEi.ImEi.ImEi.ImEi"); }, Error, "The serialization of the jwt is invalid.", );
const jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"; const header: Header = { alg: "HS256", typ: "JWT", }; const payload = { sub: "1234567890", name: "John Doe", iat: 1516239022, }; assertEquals(decode(jwt), [ header, payload, decodeHex( new TextEncoder().encode( "49f94ac7044948c78a285d904f87f0a4c7897f7e8f3a4eb2255fda750b2cc397", ), ), ]); assertEquals( await create( header, payload, await crypto.subtle.importKey( "raw", new TextEncoder().encode("your-256-bit-secret"), { name: "HMAC", hash: "SHA-256" }, false, ["sign", "verify"], ), ), jwt, ); },});
Deno.test({ name: "[jwt] validate", fn: async function () { assertEquals( validate( [ { alg: "HS256", typ: "JWT" }, { exp: 1111111111111111111111111111 }, new Uint8Array(), ], ), { header: { alg: "HS256", typ: "JWT" }, payload: { exp: 1111111111111111111111111111 }, signature: new Uint8Array(), }, ); assertThrows( () => { validate([, , new Uint8Array()]); }, Error, "The jwt's 'alg' header parameter value must be a string.", );
assertThrows( () => { validate([null, {}, new Uint8Array()]); }, Error, "The jwt's 'alg' header parameter value must be a string.", );
assertThrows( () => { validate([{ alg: "HS256", typ: "JWT" }, [], new Uint8Array()]); }, Error, "The jwt claims set is not a JSON object.", );
assertThrows( () => { validate([{ alg: "HS256" }, { exp: "" }, new Uint8Array()]); }, Error, "The jwt has an invalid 'exp' or 'nbf' claim.", );
assertThrows( () => { validate([{ alg: "HS256" }, { exp: 1 }, new Uint8Array()]); }, Error, "The jwt is expired.", );
assertThrows( () => { validate([ { alg: "HS256" }, { nbf: 1111111111111111111111111111 }, new Uint8Array(), ]); }, Error, "The jwt is used too early.", );
const jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"; const header: Header = { alg: "HS256", typ: "JWT", }; const payload = { sub: "1234567890", name: "John Doe", iat: 1516239022, }; assertEquals(decode(jwt), [ header, payload, decodeHex( new TextEncoder().encode( "49f94ac7044948c78a285d904f87f0a4c7897f7e8f3a4eb2255fda750b2cc397", ), ), ]); assertEquals( await create( header, payload, await crypto.subtle.importKey( "raw", new TextEncoder().encode("your-256-bit-secret"), { name: "HMAC", hash: "SHA-256" }, false, ["sign", "verify"], ), ), jwt, ); },});
Deno.test({ name: "[jwt] expired jwt", fn: async function () { const payload = { iss: "joe", jti: "123456789abc", exp: 20000, }; const header: Header = { alg: "HS256", dummy: 100, };
await assertRejects( async () => { await verify( await create( header, { exp: 0 }, keyHS256, ), keyHS256, ); }, Error, "The jwt is expired.", );
await assertRejects( async () => { await verify( await create(header, payload, keyHS256), keyHS256, ); }, Error, "The jwt is expired.", ); },});
Deno.test({ name: "[jwt] too early jwt", fn: async function () { const payload = { iss: "joe", jti: "123456789abc", }; const header: Header = { alg: "HS256", }; const lateNbf = Date.now() / 1000 - 5; const earlyNbf = Date.now() / 1000 + 5; assertEquals( await verify( await create(header, { ...payload, nbf: lateNbf }, keyHS256), keyHS256, ), { ...payload, nbf: lateNbf }, ); await assertRejects( async () => { await verify( await create(header, { ...payload, nbf: earlyNbf }, keyHS256), keyHS256, ); }, Error, "The jwt is used too early.", ); },});
Deno.test({ name: "[jwt] aud claim", fn: async function () { const payload = { iss: "joe", }; const audValue = "smtp"; const header: Header = { alg: "HS256", }; assertEquals( await verify( await create(header, { ...payload, aud: audValue }, keyHS256), keyHS256, ), { ...payload, aud: audValue }, ); assertEquals( await verify( await create(header, { ...payload, aud: [] }, keyHS256), keyHS256, ), { ...payload, aud: [] }, ); assertEquals( await verify( await create(header, { ...payload, aud: [audValue, "sol"] }, keyHS256), keyHS256, { audience: audValue }, ), { ...payload, aud: [audValue, "sol"] }, ); assertEquals( await verify( await create(header, { ...payload, aud: [audValue, "sol"] }, keyHS256), keyHS256, { audience: ["wrong", audValue] }, ), { ...payload, aud: [audValue, "sol"] }, ); assertEquals( await verify( await create(header, { ...payload, aud: audValue }, keyHS256), keyHS256, { audience: audValue }, ), { ...payload, aud: audValue }, ); assertEquals( await verify( await create(header, { ...payload, aud: audValue }, keyHS256), keyHS256, { audience: [audValue, "sol"] }, ), { ...payload, aud: audValue }, ); assertEquals( await verify( await create(header, { ...payload, aud: [audValue, "sol"] }, keyHS256), keyHS256, { audience: new RegExp("^s.*") }, ), { ...payload, aud: [audValue, "sol"] }, ); assertEquals( await verify( await create(header, { ...payload, aud: audValue }, keyHS256), keyHS256, { audience: new RegExp("^s.*") }, ), { ...payload, aud: audValue }, ); await assertRejects( async () => { await verify( await create(header, { ...payload }, keyHS256), keyHS256, { audience: audValue }, ); }, Error, "The jwt has no 'aud' claim.", ); await assertRejects( async () => { await verify( await create( header, { ...payload, aud: 10 as unknown as string }, keyHS256, ), keyHS256, { audience: audValue }, ); }, Error, "The jwt has an invalid 'aud' claim.", ); await assertRejects( async () => { await verify( await create( header, { ...payload, aud: [undefined] as unknown as string[] }, keyHS256, ), keyHS256, { audience: audValue }, ); }, Error, "The jwt has an invalid 'aud' claim.", ); await assertRejects( async () => { await verify( await create(header, { ...payload, aud: audValue }, keyHS256), keyHS256, { audience: new RegExp("^a.*") }, ); }, Error, "The identification with the value in the 'aud' claim has failed.", ); await assertRejects( async () => { await verify( await create( header, { ...payload, aud: [audValue, "sol"] }, keyHS256, ), keyHS256, { audience: new RegExp("^a.*") }, ); }, Error, "The identification with the value in the 'aud' claim has failed.", ); await assertRejects( async () => { await verify( await create(header, { ...payload, aud: audValue }, keyHS256), keyHS256, { audience: audValue + "a" }, ); }, Error, "The identification with the value in the 'aud' claim has failed.", ); await assertRejects( async () => { await verify( await create( header, { ...payload, aud: audValue }, keyHS256, ), keyHS256, { audience: [] }, ); }, Error, "The identification with the value in the 'aud' claim has failed.", ); await assertRejects( async () => { await verify( await create(header, { ...payload, aud: [] }, keyHS256), keyHS256, { audience: audValue }, ); }, Error, "The identification with the value in the 'aud' claim has failed.", ); await assertRejects( async () => { await verify( await create(header, { ...payload, aud: [] }, keyHS256), keyHS256, { audience: new RegExp(".*") }, ); }, Error, "The identification with the value in the 'aud' claim has failed.", ); await assertRejects( async () => { await verify( await create(header, { ...payload, aud: audValue }, keyHS256), keyHS256, { audience: "wrong" }, ); }, Error, "The identification with the value in the 'aud' claim has failed.", ); await assertRejects( async () => { await verify( await create(header, { ...payload, aud: audValue }, keyHS256), keyHS256, { audience: [] }, ); }, Error, "The identification with the value in the 'aud' claim has failed.", ); await assertRejects( async () => { await verify( await create(header, { ...payload, aud: audValue }, keyHS256), keyHS256, { audience: ["wrong", "wrong2"] }, ); }, Error, "The identification with the value in the 'aud' claim has failed.", ); },});
Deno.test({ name: "[jwt] none algorithm", fn: async function () { const payload = { iss: "joe", "http://example.com/is_root": true, }; const header: Header = { alg: "none", }; const jwt = await create(header, payload, null); assertEquals( jwt, "eyJhbGciOiJub25lIn0.eyJpc3MiOiJqb2UiLCJodHRwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZX0.", ); const validatedPayload = await verify( jwt, null, ); assertEquals(validatedPayload, payload); await assertRejects( async () => { await create(header, payload, keyHS256); }, Error, "The alg 'none' does not allow a key.", ); await assertRejects( async () => { await create({ alg: "HS256" }, payload, null); }, Error, "The alg 'HS256' demands a key.", ); await assertRejects( async () => { await verify(await create(header, payload, null), keyHS256); }, Error, "The alg 'none' does not allow a key.", ); await assertRejects( async () => { await verify(await create({ alg: "HS256" }, payload, keyHS256), null); }, Error, "The alg 'HS256' demands a key.", ); },});
Deno.test({ name: "[jwt] HS256 algorithm", fn: async function () { const header: Header = { alg: "HS256", typ: "JWT", }; const payload = { sub: "1234567890", name: "John Doe", iat: 1516239022, }; const jwt = await create(header, payload, keyHS256); const validatedPayload = await verify(jwt, keyHS256); assertEquals( jwt, "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.XbPfbIHMI6arZ3Y922BhjWgQzWXcXNrz0ogtVhfEd2o", ); assertEquals(validatedPayload, payload); await assertRejects( async () => { const invalidJwt = // jwt with not supported crypto algorithm in alg header: "eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.bQTnz6AuMJvmXXQsVPrxeQNvzDkimo7VNXxHeSBfClLufmCVZRUuyTwJF311JHuh"; await verify( invalidJwt, keyHS256, ); }, Error, `The jwt's alg 'HS384' does not match the key's algorithm.`, ); await assertRejects( async () => { const jwtWithInvalidSignature = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.XbPfbIHMI6arZ3Y922BhjWgQzcXNrz0ogthfEd2o"; await verify(jwtWithInvalidSignature, keyHS256); }, Error, "The jwt's signature does not match the verification signature.", ); },});
Deno.test({ name: "[jwt] HS384 algorithm", fn: async function () { const header: Header = { alg: "HS384", typ: "JWT" }; const payload = { sub: "1234567890", name: "John Doe", admin: true, iat: 1516239022, }; const jwt = await create(header, payload, keyHS384); const validatedPayload = await verify(jwt, keyHS384); assertEquals(validatedPayload, payload); },});
Deno.test({ name: "[jwt] HS512 algorithm", fn: async function () { const header: Header = { alg: "HS512", typ: "JWT" }; const payload = { sub: "1234567890", name: "John Doe", admin: true, iat: 1516239022, }; const jwt = await create(header, payload, keyHS512); const validatedPayload = await verify(jwt, keyHS512); assertEquals(validatedPayload, payload); },});
Deno.test("[jwt] RS256 algorithm", async function (): Promise<void> { const header = { alg: "RS256" as const, typ: "JWT" }; const payload = { sub: "1234567890", name: "John Doe", admin: true, iat: 1516239022, }; const jwt = await create(header, payload, keyRS256.privateKey); const receivedPayload = await verify( jwt, keyRS256.publicKey, ); assertEquals(receivedPayload, payload); await assertRejects( async () => { await verify( jwt, keyRS384.publicKey, ); }, Error, `The jwt's alg 'RS256' does not match the key's algorithm.`, ); await assertRejects( async () => { await verify( jwt, keyPS256.publicKey, ); }, Error, `The jwt's alg 'RS256' does not match the key's algorithm.`, );});
Deno.test("[jwt] RS384 algorithm", async function (): Promise<void> { const header = { alg: "RS384" as const, typ: "JWT" }; const payload = { sub: "1234567890", name: "John Doe", admin: true, iat: 1516239022, }; const jwt = await create(header, payload, keyRS384.privateKey); const receivedPayload = await verify( jwt, keyRS384.publicKey, ); assertEquals(receivedPayload, payload);});Deno.test("[jwt] RS512 algorithm", async function (): Promise<void> { const header = { alg: "RS512" as const, typ: "JWT" }; const payload = { sub: "1234567890", name: "John Doe", admin: true, iat: 1516239022, }; const jwt = await create(header, payload, keyRS512.privateKey); const receivedPayload = await verify( jwt, keyRS512.publicKey, ); assertEquals(receivedPayload, payload);});
Deno.test("[jwt] PS256 algorithm", async function (): Promise<void> { const header = { alg: "PS256" as const, typ: "JWT" }; const payload = { sub: "1234567890", name: "John Doe", admin: true, iat: 1516239022, }; const jwt = await create(header, payload, keyPS256.privateKey); const receivedPayload = await verify( jwt, keyPS256.publicKey, ); assertEquals(receivedPayload, payload);});
Deno.test("[jwt] PS384 algorithm", async function (): Promise<void> { const header = { alg: "PS384" as const, typ: "JWT" }; const payload = { sub: "1234567890", name: "John Doe", admin: true, iat: 1516239022, }; const jwt = await create(header, payload, keyPS384.privateKey); const receivedPayload = await verify( jwt, keyPS384.publicKey, ); assertEquals(receivedPayload, payload);});
Deno.test("[jwt] PS512 algorithm", async function (): Promise<void> { const header = { alg: "PS512" as const, typ: "JWT" }; const payload = { sub: "1234567890", name: "John Doe", admin: true, iat: 1516239022, }; const jwt = await create(header, payload, keyPS512.privateKey); const receivedPayload = await verify( jwt, keyPS512.publicKey, ); assertEquals(receivedPayload, payload);});
Deno.test("[jwt] ES256 algorithm", async function (): Promise<void> { const header = { alg: "ES256" as const, typ: "JWT" }; const payload = { sub: "1234567890", name: "John Doe", admin: true, iat: 1516239022, }; const jwt = await create(header, payload, keyES256.privateKey); const receivedPayload = await verify( jwt, keyES256.publicKey, ); assertEquals(receivedPayload, payload);});
Deno.test("[jwt] ES384 algorithm", async function (): Promise<void> { const header = { alg: "ES384" as const, typ: "JWT" }; const payload = { sub: "1234567890", name: "John Doe", admin: true, iat: 1516239022, }; const jwt = await create(header, payload, keyES384.privateKey); const receivedPayload = await verify( jwt, keyES384.publicKey, ); assertEquals(receivedPayload, payload);});
// Deno.test("[jwt] ES512 algorithm", async function (): Promise<void> {// const header = { alg: "ES512" as const, typ: "JWT" };// const payload = {// sub: "1234567890",// name: "John Doe",// admin: true,// iat: 1516239022,// };// const jwt = await create(header, payload, keyES512.privateKey);// const receivedPayload = await verify(// jwt,// keyES512.publicKey,// );// assertEquals(receivedPayload, payload);// });
Deno.test("[jwt] getNumericDate", function (): void { // A specific date: const t1 = getNumericDate(new Date("2020-01-01")); const t2 = getNumericDate(new Date("2099-01-01")); // Ten seconds from now: const t3 = getNumericDate(10); // One hour from now: const t4 = getNumericDate(60 * 60); // 1 second from now: const t5 = getNumericDate(1); // 1 second earlier: const t6 = getNumericDate(-1); assertEquals(t1 < Date.now() / 1000, true); assertEquals(t2 < Date.now() / 1000, false); assertEquals(10, t3 - Math.round(Date.now() / 1000)); assertEquals(t4 < Date.now() / 1000, false); assertEquals(t5 < Date.now() / 1000, false); assertEquals(t6 < Date.now() / 1000, true); assertEquals( getNumericDate(10), getNumericDate(new Date(Date.now() + 10000)), );});