dan/jose
1
0
Fork 0
mirror of https://github.com/danbulant/jose synced 2026-05-25 04:51:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
jose/docs/interfaces/_jwt_verify_.jwtverifyoptions.md
Filip Skokan e17c305dce chore(release): 3.7.0
2021-03-03 00:23:42 +01:00

3.7 KiB
Raw Blame History

Interface: JWTVerifyOptions

Combination of JWS Verification options and JWT Claims Set verification options.

Index

Properties

Properties

algorithms

Optional algorithms: string[]

Defined in src/types.d.ts:466

A list of accepted JWS "alg" (Algorithm) Header Parameter values.

audience

Optional audience: string | string[]

Defined in src/types.d.ts:422

Expected JWT "aud" (Audience) Claim value(s).

clockTolerance

Optional clockTolerance: string | number

Defined in src/types.d.ts:429

Expected clock tolerance

  • in seconds when number (e.g. 5)
  • parsed as seconds when a string (e.g. "5 seconds", "10 minutes", "2 hours").

crit

Optional crit: { [propName:string]: boolean; }

Defined in src/types.d.ts:378

An object with keys representing recognized "crit" (Critical) Header Parameter names. The value for those is either true or false. true when the Header Parameter MUST be integrity protected, false when it's irrelevant.

This makes the "Extension Header Parameter "${parameter}" is not recognized" error go away.

Use this when a given JWS/JWT/JWE profile requires the use of proprietary non-registered "crit" (Critical) Header Parameters. This will only make sure the Header Parameter is syntactically correct when provided and that it is optionally integrity protected. It will not process the Header Parameter in any way or reject if the operation if it is missing. You MUST still verify the Header Parameter was present and process it according to the profile's validation steps after the operation succeeds.

The JWS extension Header Parameter b64 is always recognized and processed properly. No other registered Header Parameters that need this kind of default built-in treatment are currently available.

currentDate

Optional currentDate: Date

Defined in src/types.d.ts:456

Date to use when comparing NumericDate claims, defaults to new Date().

issuer

Optional issuer: string | string[]

Defined in src/types.d.ts:434

Expected JWT "iss" (Issuer) Claim value(s).

maxTokenAge

Optional maxTokenAge: string | number

Defined in src/types.d.ts:441

Maximum time elapsed (in seconds) from the JWT "iat" (Issued At) Claim value.

  • in seconds when number (e.g. 5)
  • parsed as seconds when a string (e.g. "5 seconds", "10 minutes", "2 hours").

subject

Optional subject: string

Defined in src/types.d.ts:446

Expected JWT "sub" (Subject) Claim value.

typ

Optional typ: string

Defined in src/types.d.ts:451

Expected JWT "typ" (Type) Header Parameter value.