Algorithms supported

DID PublicKey Types

The PublicKey section of a DID document contains one or more Public Keys. We support the following types:

NameEncodingAlgorithm's
Secp256k1SignatureVerificationKey2018publicKeyHexES256K , ES256K-R
Secp256k1VerificationKey2018publicKeyHexES256K , ES256K-R
Secp256k1VerificationKey2018ethereumAddressES256K-R

Claims

NameDescriptionRequired
issThe DID of the signing identityyes
subThe DID of the subject of the JWTno
audThe DID or URL of the audience of the JWT. Our libraries or app will not accept any JWT that has someone else as the audienceno
iatThe time of issuanceyes
expExpiration time of JWTno

Modules

did-jwt/JWT

Functions

SimpleSigner(hexPrivateKey)function

The SimpleSigner returns a configured function for signing data. It also defines an interface that you can also implement yourself and use in our other modules.

did-jwt/JWT

did-jwt/JWT.decodeJWT(jwt) ⇒ Object

Decodes a JWT and returns an object representing the payload

Kind: static method of did-jwt/JWT
Returns: Object - a JS object representing the decoded JWT

ParamTypeDescription
jwt String a JSON Web Token to verify

Example

decodeJWT('eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksifQ.eyJpYXQiOjE1MjU5Mjc1MTcsImF1ZCI6ImRpZDp1cG9ydDoyb3NuZko0V3k3TEJBbTJuUEJYaXJlMVdmUW43NVJyVjZUcyIsImV4cCI6MTU1NzQ2MzQyMSwibmFtZSI6InVQb3J0IERldmVsb3BlciIsImlzcyI6ImRpZDp1cG9ydDoyb3NuZko0V3k3TEJBbTJuUEJYaXJlMVdmUW43NVJyVjZUcyJ9.R7owbvNZoL4ti5ec-Kpktb0datw9Y-FshHsF5R7cXuKaiGlQz1dcOOXbXTOb-wg7-30CDfchFERR6Yc8F61ymw')

 

did-jwt/JWT.createJWT(payload, [config]) ⇒ Promise.<Object, Error>

Creates a signed JWT given an address which becomes the issuer, a signer, and a payload for which the signature is over.

Kind: static method of did-jwt/JWT
Returns: Promise.<Object, Error> - a promise which resolves with a signed JSON Web Token or rejects with an error

ParamTypeDescription
payload Object payload object
[ config ] Object an unsigned credential object
config.issuer String The DID of the issuer (signer) of JWT
config.alg String The JWT signing algorithm to use. Supports: [ ES256K, ES256K-R ] , Defaults to: ES256K
config.signerSimpleSignera signer, reference our SimpleSigner.js

Example

const signer = SimpleSigner(process.env.PRIVATE_KEY)
 createJWT({address: '5A8bRWU3F7j3REx3vkJ...', signer}, {key1: 'value', key2: ..., ... }).then(jwt => {
     ...
 })

 

did-jwt/JWT.verifyJWT(jwt, [config]) ⇒ Promise.<Object, Error>

Verifies given JWT. If the JWT is valid, the promise returns an object including the JWT, the payload of the JWT, and the did doc of the issuer of the JWT.

Kind: static method of did-jwt/JWT
Returns: Promise.<Object, Error> - a promise which resolves with a response object or rejects with an error

ParamTypeDescription
jwt String a JSON Web Token to verify
[ config ] Object an unsigned credential object
config.auth Boolean Require signer to be listed in the authentication section of the DID document (for Authentication purposes)
config.audience String DID of the recipient of the JWT
config.callbackUrl String callback url in JWT

Example

verifyJWT('did:uport:eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksifQ.eyJyZXF1Z....', {audience: '5A8bRWU3F7j3REx3vkJ...', callbackUrl: 'https://...'}).then(obj => {
     const did = obj.did // DID of signer
     const payload = obj.payload
     const doc = obj.doc // DID Document of signer
     const jwt = obj.jwt
     const signerKeyId = obj.signerKeyId // ID of key in DID document that signed JWT
     ...
 })

 

did-jwt/JWT.resolveAuthenticator(alg, did, auth) ⇒ Promise.<Object, Error>

Resolves relevant public keys or other authenticating material used to verify signature from the DID document of provided DID

Kind: static method of did-jwt/JWT
Returns: Promise.<Object, Error> - a promise which resolves with a response object containing an array of authenticators or if non exist rejects with an error

ParamTypeDescription
alg String a JWT algorithm
did String a Decentralized IDentifier (DID) to lookup
auth Boolean Restrict public keys to ones specifically listed in the 'authentication' section of DID document

Example

resolveAuthenticator('ES256K', 'did:uport:2nQtiQG6Cgm1GYTBaaKAgr76uY7iSexUkqX').then(obj => {
     const payload = obj.payload
     const profile = obj.profile
     const jwt = obj.jwt
     ...
 })

 

SimpleSigner(hexPrivateKey) ⇒

The SimpleSigner returns a configured function for signing data. It also defines an interface that you can also implement yourself and use in our other modules.

Kind: global function
Returns: function - a configured signer function

ParamTypeDescription
hexPrivateKey String a hex encoded private key

Example

const signer = SimpleSigner(process.env.PRIVATE_KEY)
 signer(data, (err, signature) => {
   ...
 })