npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

jwtgen

v2.2.0

Published

JWT key generator

Downloads

6,917

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

richardhyattrichardhyatt

Keywords

JWTgeneratorJSONtokenweb

Readme

Build Status npm version

jwtgen

Command line tool that generates JWT tokens that helps in the testing of applications.

Features

  • Signatures for HMAC-SHA256, HMAC-SHA384, HMAC-SHA512 and RSA-SHA256
  • Issued at (iat) and expiry (exp) values can be configured as offsets
  • Claims can be encoded as JSON or as separate arguments

Installation

Install via npm.

npm install -g jwtgen

Getting Started

The following command will generate a JWT using HMAC-SHA256, a shared secret of my-secret, expires in 1 hour and contains user id of user123 as the iss value.

jwtgen -a HS256 -s "my-secret" -c "iss=user123" -e 3600

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1c2VyMTIzNCIsImlhdCI6MTQ
1NzU1NTQwNSwiZXhwIjoxNDU3NTU5MDA1fQ.nixEkSKDkru92TBsxdzR8GLANIGQrkRa7E21
C-luNg

If the same command is run with the -v option, a more verbose output is displayed.

jwtgen -a HS256 -s "my-secret" -c "iss=user123" -e 3600 -v

algorithm: HS256

claims:
{
  "iss": "user1234",
  "iat": 1457555405,
  "exp": 1457559005
}

token:
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1c2VyMTIzNCIsImlhdCI6MTQ
1NzU1NTQwNSwiZXhwIjoxNDU3NTU5MDA1fQ.nixEkSKDkru92TBsxdzR8GLANIGQrkRa7E21
C-luNg

Expired Tokens

Expired tokens can be generated by specifying an offset to the iat value. The following example issues the token 1 hour (3600 seconds) in the past and expires at the generated time.

jwtgen -a HS256 -s "my-secret" -c "iss=user1234" -i=-3600  -e 3600 -v
algorithm: HS256

claims:
{
  "iss": "user1234",
  "iat": 1457552128,
  "exp": 1457555728
}

token:
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1c2VyMTIzNCIsImlhdCI6MTQ
1NzU1MjEyOCwiZXhwIjoxNDU3NTU1NzI4fQ.1SoNk-bCy8l3stfN8q4yrjBjbQkaRWP8AMyP
joDDeHE

Tokens Not Valid Yet

Tokens that are not yet valid can be generated by specifying the iat value directly as in the following example:

jwtgen -a HS256 -s "my-secret" -c "iss=user1234" -i=1557555728  -e 3600 -v
algorithm: HS256

claims:
{
  "iss": "user1234",
  "iat": 1557555728,
  "exp": 1557559328
}

token:
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1c2VyMTIzNCIsImlhdCI6MTU
1NzU1NTcyOCwiZXhwIjoxNTU3NTU5MzI4fQ.kFt-wgNGIQmB4z-G47yQqGfPPW1FSeyKTFdl
8h5elOQ

Usage

Running the --help command will display a list of options that can be used.

jwtgen --help

Usage: jwtgen [options]

Options:
  -a, --algorithm  algorithm
                        [required] [choices: "HS256", "HS384", "HS512", "RS256"]
  -s, --secret     secret value for HMAC algorithm                      [string]
  -p, --private    private key file (required for RS256 algorithm)      [string]
  -c, --claim      claim in the form [key=value]                        [string]
  --claims         JSON string containing claims                        [string]
  -h, --header     header in the form [key=value]                       [string]
  --headers        JSON string containing headers                       [string]
  -i, --iat        issued at (iat) in seconds from the UNIX epoch [default: now]
  -e, --exp        expiry date in seconds from issued at (iat) time
  -v, --verbose    verbose output                                      [boolean]
  --help           Show help                                           [boolean]

License

BSD-3-Clause

Copyright (c) 2016, Vandium Software Inc. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Vandium Software Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL VANDIUM SOFTWARE INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.