JSDoc: Class: JWKSet

new JWKSet(dataopt)

JSON Web Key Set (IETF RFC7517 Section 5.)

Parameters:

Name	Type	Attributes	Description
`data`	Object \| Array	<optional>

Source:

JWKSet.js, line 26

Members

publicJwks :String

The publishable JSON serialized string of the JWKSet. Returns only public keys.

Type:

String

Source:

JWKSet.js, line 523

To Do:

Memoization

Methods

(static) generateKeys(data) → {Promise.<JWKSet>}

Instantiate a new JWKSet and generate one or many JWK keypairs and secret keys.

Parameters:

Name	Type	Description
`data`	String \| Object \| Array

Source:

JWKSet.js, line 108

Returns:

A promise that resolves a new JWKSet containing the generated key pairs.

Type: Promise.<JWKSet>

Examples

Simple RSA keypair

JWKSet.generateKeys('RS256')
  .then(console.log)
// => { keys: [
//      { d: '...',
//        kty: 'RSA',
//        alg: 'RS256',
//        kid: 'abcd',
//        ... },
//      { kty: 'RSA',
//        alg: 'RS256',
//        kid: 'abcd',
//        ... }
//    ] }

Multiple keypairs

JWKSet.generateKeys(['RS256', 'ES256'])
  .then(console.log)
// => { keys: [
//      { ..., kty: 'RSA', alg: 'RS256' },
//      { ..., kty: 'RSA', alg: 'RS256' },
//      { ..., kty: 'EC', alg: 'ES256' },
//      { ..., kty: 'EC', alg: 'ES256' }] }

Object descriptor RSA keypair

let keyDescriptor = {
  alg: 'RS256',
  kid: 'custom',
  modulusLength: 1024
}

JWKSet.generateKeys(keyDescriptor)
  .then(console.log)
// => { keys: [
//      { ..., alg: 'RS256', kid: 'custom' },
//      { ..., alg: 'RS256', kid: 'custom' }] }

Mixed input, multiple keypairs

let keyDescriptor = {
  alg: 'RS512',
  modulusLength: 1024
}

JWKSet.generateKeys([keyDescriptor, 'ES256'])
  .then(console.log)
// => { keys: [
//      { ..., kty: 'RSA', alg: 'RS512' },
//      { ..., kty: 'RSA', alg: 'RS512' },
//      { ..., kty: 'EC', alg: 'ES256' },
//      { ..., kty: 'EC', alg: 'ES256' }] }

(static) importKeys(data) → {Promise.<JWKSet>}

Instantiate a new JWKSet and import keys from JSON string, JS object, remote URL or file path.

Parameters:

Name	Type	Description
`data`	String \| Object \| Array

Source:

JWKSet.js, line 179

Returns:

A promise that resolves a new JWKSet containing the generated key pairs.

Type: Promise.<JWKSet>

Examples

Import keys from JSON string

let jsonJwkSet = '{"meta":"abcd","keys":[...]}'

JWKSet.importKeys(jsonJwkSet)
  .then(console.log)
// => { meta: 'abcd', keys: [...] }

Import keys from object

let jwkSet = {
  meta: 'abcd',
  keys: [...]
}

JWKSet.importKeys(jwkSet)
  .then(console.log)
// => { meta: 'abcd', keys: [...] }

Import keys from URL

let jwkSetUrl = 'https://idp.example.com/jwks'

JWKSet.importKeys(jwkSetUrl)
  .then(console.log)
//
// HTTP/1.1 200 OK
// Content-Type: application/json
//
// {"meta":"abcd","keys":[...]}
//
// => { meta: 'abcd',
//      keys: [...] }

Import keys from file path

let jwkSetPath = './path/to/my/file.json'

JWKSet.importKeys(jwkSetPath)
  .then(console.log)
//
// Contents of ./path/to/my/file.json -
// {"meta":"abcd","keys":[...]}
//
// => { meta: 'abcd',
//      keys: [...] }

Mixed input, multiple sources

let jwkSetPath = './path/to/my/file.json'
let jwkSet = { meta: 'abcd', keys: [...] }

JWKSet.importKeys([jwkSet, jwkSetPath])
  .then(console.log)
//
// Contents of ./path/to/my/file.json -
// {"other":"efgh","keys":[...]}
//
// => { meta: 'abcd',
//      other: 'efgh',
//      keys: [...] }

exportKeys(kekopt) → {String}

Serialize the JWKSet for storage or transmission.

Parameters:

Name	Type	Attributes	Description
`kek`	JWK	<optional>	optional encryption key

Source:

JWKSet.js, line 509

To Do:

Encryption

Returns:

The JSON serialized string of the JWKSet.

Type: String

filter(predicate) → {Array.<JWK>}

Execute a filter query on the JWKSet keys.

Parameters:

Name	Type	Description
`predicate`	function \| Object	Filter function or predicate object

Source:

JWKSet.js, line 429

Returns:

An array of JWKs matching the filter predicate.

Type: Array.<JWK>

Examples

Function predicate

let predicate = key => key.key_ops.includes('sign')

let filtered = jwks.filter(predicate)
// => [ { ..., key_ops: ['sign'] } ]

MongoDB-like object predicate (see Sift)

let predicate = { key_ops: { $in: ['sign', 'verify'] } }

let filtered = jwks.filter(predicate)
// => [ { ..., key_ops: ['sign'] },
//      { ..., key_ops: ['verify'] } ]

find(predicate) → {JWK}

Execute a find query on the JWKSet keys.

Parameters:

Name	Type	Description
`predicate`	function \| Object	Find function or predicate object

Source:

JWKSet.js, line 467

Returns:

The first JWK matching the find predicate.

Type: JWK

Examples

Function predicate

let predicate = key => key.key_ops.includes('sign')

let filtered = jwks.find(predicate)
// => { ..., key_ops: ['sign'] }

MongoDB-like object predicate (see Sift)

let predicate = { key_ops: { $in: ['sign', 'verify'] } }

let filtered = jwks.find()
// => { ..., key_ops: ['sign'] }

generateKeys(data) → {Promise.<Array.<JWK>, Array.<Array.<JWK>>>}

Generate additional keys and include them in the JWKSet.

Parameters:

Name	Type	Description
`data`	String \| Object \| Array

Source:

JWKSet.js, line 237

Returns:

A promise that resolves the newly generated key pairs after they are added to the JWKSet instance.

Type: Promise.<Array.<JWK>, Array.<Array.<JWK>>>

Examples

Simple RSA keypair

jwks.generateKeys('RS256')
  .then(console.log)
// => [
//      { kty: 'RSA' },
//      { kty: 'RSA' }
//    ]

Multiple keypairs

jwks.generateKeys(['RS256', 'ES256'])
  .then(console.log)
// => [
//      [ { kty: 'RSA' },
//        { kty: 'RSA' } ],
//      [ { kty: 'EC' },
//        { kty: 'EC' } ] ]

Object descriptor RSA keypair

let keyDescriptor = {
  alg: 'RS256',
  kid: 'custom',
  modulusLength: 1024
}

jwks.generateKeys(keyDescriptor)
  .then(console.log)
// => [ { kty: 'RSA', kid: 'custom' },
//      { kty: 'RSA', kid: 'custom' } ]

Mixed input, multiple keypairs

let keyDescriptor = {
  alg: 'RS512',
  modulusLength: 1024
}

jwks.generateKeys([keyDescriptor, 'ES256'])
  .then(console.log)
// => [
//      [ { kty: 'RSA' },
//        { kty: 'RSA' } ],
//      [ { kty: 'EC' },
//        { kty: 'EC' } ]
//    ]

importKeys(data, kekopt) → {Promise.<Array.<JWK>>}

Import additional keys and include them in the JWKSet.

Parameters:

Name	Type	Attributes	Description
`data`	String \| Object \| Array
`kek`	JWK	<optional>	Key encryption key.

Source:

JWKSet.js, line 352

To Do:

Import encrypted JWKSet

Returns:

A promise that resolves the newly imported key pairs after they are added to the JWKSet instance.

Type: Promise.<Array.<JWK>>

Examples

Import keys from JSON string

let jsonJwkSet = '{"meta":"abcd","keys":[...]}'

jwks.importKeys(jsonJwkSet)
  .then(console.log)
// => [ {...},
//      {...} ]

Import keys from object

let jwkSet = {
  meta: 'abcd',
  keys: [...]
}

jwks.importKeys(jwkSet)
  .then(console.log)
// => [ {...},
//      {...} ]

Import keys from URL

let jwkSetUrl = 'https://idp.example.com/jwks'

jwks.importKeys(jwkSetUrl)
  .then(console.log)
//
// HTTP/1.1 200 OK
// Content-Type: application/json
//
// {"meta":"abcd","keys":[...]}
//
// => [ {...},
//      {...} ]

Import keys from file path

let jwkSetPath = './path/to/my/file.json'

jwks.importKeys(jwkSetPath)
  .then(console.log)
//
// Contents of ./path/to/my/file.json -
// {"meta":"abcd","keys":[...]}
//
// => [ {...},
//      {...} ]

Mixed input, multiple sources

let jwkSetPath = './path/to/my/file.json'
let jwkSet = { meta: 'abcd', keys: [...] }

jwks.importKeys([jwkSet, jwkSetPath])
  .then(console.log)
//
// Contents of ./path/to/my/file.json -
// {"other":"efgh","keys":[...]}
//
// => [ {...},
//      {...},
//      {...},
//      {...} ]