We’re archiving Anvil Connect and all related packages. This code is entirely MIT Licensed. You’re free to do with it what you want. That said, we are recommending against using it, due to the potential for security issues arising from unmaintained software. For more information, see the announcement at anvil.io.
Anvil Connect aims to be a scalable, full-featured, ready-to-run OpenID Connect + OAuth 2.0 Provider. This package contains the JWT modeling library used by Anvil Connect.
$ npm install anvil-connect-jwt --save
All JWTs must conform to the JWT/JWS/JWE/JW* specifications, but applications may impose additional requirements. For example, an OpenID Connect ID Token must require certain claims and headers, restrict the use of others, set default values, etc. Anvil Connect JWT is an abstract class that can be used to define JWTs conforming to application specfic requirements.
// require the package
var JWT = require('anvil-connect-jwt');
// define a subclass
var IDToken = JWT.define({
// default header
header: {
alg: 'RS256'
},
// permitted headers
headers: [
'alg'
],
// modify header schema
registeredHeaders: {
alg: { format: 'StringOrURI', required: true, enum: ['RS256'] }
},
// permitted claims
claims: ['iss', 'sub', 'aud', 'exp', 'iat', 'nonce', 'acr', 'at_hash'],
// modify payload schema
registeredClaims: {
iss: { format: 'StringOrURI', required: true },
sub: { format: 'StringOrURI', required: true },
aud: { format: 'StringOrURI', required: true },
exp: { format: 'IntDate', required: true, default: expires('day') },
iat: { format: 'IntDate', required: true, default: Date.now },
nonce: { format: 'String' },
acr: { format: 'String' },
at_hash: { format: 'String' }
}
});
Copyright (c) 2015 Anvil Research, Inc.