npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

paseto-cli

v1.0.0

Published

PASETO CLI application (uses paseto-ts)

Downloads

5

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

miunaumiunau

Keywords

decryptencryptsignverifypasetov4localpublictypescript

Readme

PASETO CLI

A command-line interface for working with PASETO (Platform-Agnostic Security Tokens) using the paseto-ts library.

Features

  • Generate PASETO v4 tokens (local and public)
  • Encrypt and decrypt payloads
  • Sign and verify tokens
  • Support for footer data and implicit assertions
  • JSON output mode for scripting
  • Detailed command-specific help

Installation

npm install -g paseto-cli

or with npx:

npx paseto-cli --help

Usage

Generate Keys

# Generate a local key
paseto-cli -g local

# Generate a key pair
paseto-cli -g public

# Generate keys with JSON output
paseto-cli -g local -j

Encrypt/Decrypt

# Encrypt a payload
paseto-cli -c encrypt -k k4.local.YOUR_KEY -p '{"data":"test"}'

# Encrypt with footer and assertion
paseto-cli -c encrypt -k k4.local.YOUR_KEY -p '{"data":"test"}' -F '{"kid":"key1"}' -a '{"aud":"example"}'

# Decrypt a token
paseto-cli -c decrypt -k k4.local.YOUR_KEY -t v4.local.ENCRYPTED_TOKEN

Sign/Verify

# Sign a payload
paseto-cli -c sign -k k4.secret.YOUR_SECRET_KEY -p '{"data":"test"}'

# Verify a token
paseto-cli -c verify -k k4.public.YOUR_PUBLIC_KEY -t v4.public.SIGNED_TOKEN

Reading from files

# Encrypt payload from file
paseto-cli -c encrypt -k k4.local.YOUR_KEY -f ./payload.json

# Decrypt token from file
paseto-cli -c decrypt -k k4.local.YOUR_KEY -f ./token.txt

JSON Output

# Enable JSON output
paseto-cli -c decrypt -k k4.local.YOUR_KEY -t v4.local.TOKEN -j

Working with Assertions

PASETO supports "implicit assertions" which are used to validate token claims without including them in the token payload. This is useful for validating properties like audience, issuer, or other contextual security information.

Basic Assertion Examples

# Encrypt with audience assertion
paseto-cli -c encrypt -k k4.local.YOUR_KEY -p '{"data":"test"}' -a '{"aud":"api.example.com"}'

# Decrypt with audience assertion (will validate the audience claim)
paseto-cli -c decrypt -k k4.local.YOUR_KEY -t v4.local.TOKEN -a '{"aud":"api.example.com"}'

# Sign with issuer and audience assertions
paseto-cli -c sign -k k4.secret.YOUR_KEY -p '{"data":"test"}' -a '{"iss":"auth.example.com","aud":"api.example.com"}'

# Verify with multiple assertions
paseto-cli -c verify -k k4.public.YOUR_KEY -t v4.public.TOKEN -a '{"iss":"auth.example.com","aud":"api.example.com"}'

Complex Assertions

You can use more complex assertions with nested objects:

# Encrypt with complex assertion structure
paseto-cli -c encrypt -k k4.local.YOUR_KEY -p '{"data":"test"}' -a '{
  "aud": "api.example.com",
  "iss": "auth.example.com",
  "sub": "user123",
  "context": {
    "ip": "192.168.1.1",
    "userAgent": "Mozilla/5.0",
    "permissions": ["read", "write"]
  }
}'

Combining Assertions and Footers

Assertions and footers can be used together:

# Encrypt with both footer and assertions
paseto-cli -c encrypt -k k4.local.YOUR_KEY -p '{"data":"test"}' \
  -F '{"kid":"key-2022-01"}' \
  -a '{"aud":"api.example.com"}'

Reading Assertions from File

For complex assertions, you might want to read them from a file:

# Store your assertions in a file
echo '{"aud":"api.example.com","iss":"auth.example.com"}' > assertions.json

# Use assertions from file (requires shell that supports command substitution)
paseto-cli -c verify -k k4.public.YOUR_KEY -t v4.public.TOKEN -a "$(cat assertions.json)"

Help

# General help
paseto-cli --help

# Command-specific help
paseto-cli -c encrypt --help
paseto-cli -c decrypt --help
paseto-cli -c sign --help
paseto-cli -c verify --help

Development

Setup

# Clone the repository
git clone https://github.com/auth70/paseto-cli.git
cd paseto-cli

# Install dependencies
npm install

# Build the project
npm run build

Testing

Tests are written with Vitest. The test suite includes unit tests for the CLI functionality.

# Run tests
npm test

# Run tests in watch mode
npm run test:watch

Project Structure

  • src/index.ts - CLI entry point
  • src/cli.ts - CLI functionality implementation
  • test/ - Test files

License

MIT