sipp11
/
stdbWeb
forked from rachanon/stdbWeb
1
0
Fork 0
Code
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
3.8 MiB
 
 
 
 
Tree: 828de39d9d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '828de39d9d'
${ noResults }
stdbWeb/jwt/api/symbols/KJUR.jws.JWS.html

1627 lines
48 KiB
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="generator" content="JsDoc Toolkit" />
<title>jsrsasign 4.8.7 JavaScript API Reference - KJUR.jws.JWS</title>
<style type="text/css">
/* default.css */
body
{
font: 12px "Lucida Grande", Tahoma, Arial, Helvetica, sans-serif;
width: 800px;
}
.header
{
clear: both;
background-color: #ccc;
padding: 8px;
}
h1
{
font-size: 150%;
font-weight: bold;
padding: 0;
margin: 1em 0 0 .3em;
}
hr
{
border: none 0;
border-top: 1px solid #7F8FB1;
height: 1px;
}
pre.code
{
display: block;
padding: 8px;
border: 1px dashed #ccc;
}
#index
{
margin-top: 24px;
float: left;
width: 160px;
position: absolute;
left: 8px;
background-color: #F3F3F3;
padding: 8px;
}
#content
{
margin-left: 190px;
width: 600px;
}
.classList
{
list-style-type: none;
padding: 0;
margin: 0 0 0 8px;
font-family: arial, sans-serif;
font-size: 1em;
overflow: auto;
}
.classList li
{
padding: 0;
margin: 0 0 8px 0;
}
.summaryTable { width: 100%; }
h1.classTitle
{
font-size:170%;
line-height:130%;
}
h2 { font-size: 110%; }
caption, div.sectionTitle
{
background-color: #7F8FB1;
color: #fff;
font-size:130%;
text-align: left;
padding: 2px 6px 2px 6px;
border: 1px #7F8FB1 solid;
}
div.sectionTitle { margin-bottom: 8px; }
.summaryTable thead { display: none; }
.summaryTable td
{
vertical-align: top;
padding: 4px;
border-bottom: 1px #7F8FB1 solid;
border-right: 1px #7F8FB1 solid;
}
/*col#summaryAttributes {}*/
.summaryTable td.attributes
{
border-left: 1px #7F8FB1 solid;
width: 140px;
text-align: right;
}
td.attributes, .fixedFont
{
line-height: 15px;
color: #002EBE;
font-family: "Courier New",Courier,monospace;
font-size: 13px;
}
.summaryTable td.nameDescription
{
text-align: left;
font-size: 13px;
line-height: 15px;
}
.summaryTable td.nameDescription, .description
{
line-height: 15px;
padding: 4px;
padding-left: 4px;
}
.summaryTable { margin-bottom: 8px; }
ul.inheritsList
{
list-style: square;
margin-left: 20px;
padding-left: 0;
}
.detailList {
margin-left: 20px;
line-height: 15px;
}
.detailList dt { margin-left: 20px; }
.detailList .heading
{
font-weight: bold;
padding-bottom: 6px;
margin-left: 0;
}
.light, td.attributes, .light a:link, .light a:visited
{
color: #777;
font-style: italic;
}
.fineprint
{
text-align: right;
font-size: 10px;
}
</style>
</head>
<body>
<!-- ============================== header ================================= -->
<!-- begin static/header.html -->
<div id="header" style="background: #7F8FB1; color: white; margin: -10px">
&nbsp; <b><a href="http://kjur.github.com/jsrsasign/" style="color: white">jsrsasign</a></b> JavaScript API Reference
</div>
<!-- end static/header.html -->
<!-- ============================== classes index ============================ -->
<div id="index">
<!-- begin publish.classesIndex -->
<div align="center"><a href="../index.html">Class Index</a>
| <a href="../files.html">File Index</a></div>
<hr />
<h2>Classes</h2>
<ul class="classList">
<li><i><a href="../symbols/global__.html">global__</a></i></li>
<li><a href="../symbols/ASN1HEX.html">ASN1HEX</a></li>
<li><a href="../symbols/Base64x.html">Base64x</a></li>
<li><a href="../symbols/KEYUTIL.html">KEYUTIL</a></li>
<li><a href="../symbols/KJUR.html">KJUR</a></li>
<li><a href="../symbols/KJUR.asn1.html">KJUR.asn1</a></li>
<li><a href="../symbols/KJUR.asn1.ASN1Object.html">KJUR.asn1.ASN1Object</a></li>
<li><a href="../symbols/KJUR.asn1.ASN1Util.html">KJUR.asn1.ASN1Util</a></li>
<li><a href="../symbols/KJUR.asn1.cades.html">KJUR.asn1.cades</a></li>
<li><a href="../symbols/KJUR.asn1.cades.CAdESUtil.html">KJUR.asn1.cades.CAdESUtil</a></li>
<li><a href="../symbols/KJUR.asn1.cades.CompleteCertificateRefs.html">KJUR.asn1.cades.CompleteCertificateRefs</a></li>
<li><a href="../symbols/KJUR.asn1.cades.OtherCertID.html">KJUR.asn1.cades.OtherCertID</a></li>
<li><a href="../symbols/KJUR.asn1.cades.OtherHash.html">KJUR.asn1.cades.OtherHash</a></li>
<li><a href="../symbols/KJUR.asn1.cades.OtherHashAlgAndValue.html">KJUR.asn1.cades.OtherHashAlgAndValue</a></li>
<li><a href="../symbols/KJUR.asn1.cades.SignaturePolicyIdentifier.html">KJUR.asn1.cades.SignaturePolicyIdentifier</a></li>
<li><a href="../symbols/KJUR.asn1.cades.SignatureTimeStamp.html">KJUR.asn1.cades.SignatureTimeStamp</a></li>
<li><a href="../symbols/KJUR.asn1.cms.html">KJUR.asn1.cms</a></li>
<li><a href="../symbols/KJUR.asn1.cms.Attribute.html">KJUR.asn1.cms.Attribute</a></li>
<li><a href="../symbols/KJUR.asn1.cms.AttributeList.html">KJUR.asn1.cms.AttributeList</a></li>
<li><a href="../symbols/KJUR.asn1.cms.CMSUtil.html">KJUR.asn1.cms.CMSUtil</a></li>
<li><a href="../symbols/KJUR.asn1.cms.ContentInfo.html">KJUR.asn1.cms.ContentInfo</a></li>
<li><a href="../symbols/KJUR.asn1.cms.ContentType.html">KJUR.asn1.cms.ContentType</a></li>
<li><a href="../symbols/KJUR.asn1.cms.EncapsulatedContentInfo.html">KJUR.asn1.cms.EncapsulatedContentInfo</a></li>
<li><a href="../symbols/KJUR.asn1.cms.IssuerAndSerialNumber.html">KJUR.asn1.cms.IssuerAndSerialNumber</a></li>
<li><a href="../symbols/KJUR.asn1.cms.MessageDigest.html">KJUR.asn1.cms.MessageDigest</a></li>
<li><a href="../symbols/KJUR.asn1.cms.SignedData.html">KJUR.asn1.cms.SignedData</a></li>
<li><a href="../symbols/KJUR.asn1.cms.SignerInfo.html">KJUR.asn1.cms.SignerInfo</a></li>
<li><a href="../symbols/KJUR.asn1.cms.SigningCertificate.html">KJUR.asn1.cms.SigningCertificate</a></li>
<li><a href="../symbols/KJUR.asn1.cms.SigningCertificateV2.html">KJUR.asn1.cms.SigningCertificateV2</a></li>
<li><a href="../symbols/KJUR.asn1.cms.SigningTime.html">KJUR.asn1.cms.SigningTime</a></li>
<li><a href="../symbols/KJUR.asn1.csr.html">KJUR.asn1.csr</a></li>
<li><a href="../symbols/KJUR.asn1.csr.CertificationRequest.html">KJUR.asn1.csr.CertificationRequest</a></li>
<li><a href="../symbols/KJUR.asn1.csr.CertificationRequestInfo.html">KJUR.asn1.csr.CertificationRequestInfo</a></li>
<li><a href="../symbols/KJUR.asn1.csr.CSRUtil.html">KJUR.asn1.csr.CSRUtil</a></li>
<li><a href="../symbols/KJUR.asn1.DERAbstractString.html">KJUR.asn1.DERAbstractString</a></li>
<li><a href="../symbols/KJUR.asn1.DERAbstractStructured.html">KJUR.asn1.DERAbstractStructured</a></li>
<li><a href="../symbols/KJUR.asn1.DERAbstractTime.html">KJUR.asn1.DERAbstractTime</a></li>
<li><a href="../symbols/KJUR.asn1.DERBitString.html">KJUR.asn1.DERBitString</a></li>
<li><a href="../symbols/KJUR.asn1.DERBoolean.html">KJUR.asn1.DERBoolean</a></li>
<li><a href="../symbols/KJUR.asn1.DEREnumerated.html">KJUR.asn1.DEREnumerated</a></li>
<li><a href="../symbols/KJUR.asn1.DERGeneralizedTime.html">KJUR.asn1.DERGeneralizedTime</a></li>
<li><a href="../symbols/KJUR.asn1.DERIA5String.html">KJUR.asn1.DERIA5String</a></li>
<li><a href="../symbols/KJUR.asn1.DERInteger.html">KJUR.asn1.DERInteger</a></li>
<li><a href="../symbols/KJUR.asn1.DERNull.html">KJUR.asn1.DERNull</a></li>
<li><a href="../symbols/KJUR.asn1.DERNumericString.html">KJUR.asn1.DERNumericString</a></li>
<li><a href="../symbols/KJUR.asn1.DERObjectIdentifier.html">KJUR.asn1.DERObjectIdentifier</a></li>
<li><a href="../symbols/KJUR.asn1.DEROctetString.html">KJUR.asn1.DEROctetString</a></li>
<li><a href="../symbols/KJUR.asn1.DERPrintableString.html">KJUR.asn1.DERPrintableString</a></li>
<li><a href="../symbols/KJUR.asn1.DERSequence.html">KJUR.asn1.DERSequence</a></li>
<li><a href="../symbols/KJUR.asn1.DERSet.html">KJUR.asn1.DERSet</a></li>
<li><a href="../symbols/KJUR.asn1.DERTaggedObject.html">KJUR.asn1.DERTaggedObject</a></li>
<li><a href="../symbols/KJUR.asn1.DERTeletexString.html">KJUR.asn1.DERTeletexString</a></li>
<li><a href="../symbols/KJUR.asn1.DERUTCTime.html">KJUR.asn1.DERUTCTime</a></li>
<li><a href="../symbols/KJUR.asn1.DERUTF8String.html">KJUR.asn1.DERUTF8String</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.html">KJUR.asn1.tsp</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.AbstractTSAAdapter.html">KJUR.asn1.tsp.AbstractTSAAdapter</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.Accuracy.html">KJUR.asn1.tsp.Accuracy</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.FixedTSAAdapter.html">KJUR.asn1.tsp.FixedTSAAdapter</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.MessageImprint.html">KJUR.asn1.tsp.MessageImprint</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.PKIFailureInfo.html">KJUR.asn1.tsp.PKIFailureInfo</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.PKIFreeText.html">KJUR.asn1.tsp.PKIFreeText</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.PKIStatus.html">KJUR.asn1.tsp.PKIStatus</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.PKIStatusInfo.html">KJUR.asn1.tsp.PKIStatusInfo</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.SimpleTSAAdapter.html">KJUR.asn1.tsp.SimpleTSAAdapter</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.TimeStampReq.html">KJUR.asn1.tsp.TimeStampReq</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.TimeStampResp.html">KJUR.asn1.tsp.TimeStampResp</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.TSPUtil.html">KJUR.asn1.tsp.TSPUtil</a></li>
<li><a href="../symbols/KJUR.asn1.tsp.TSTInfo.html">KJUR.asn1.tsp.TSTInfo</a></li>
<li><a href="../symbols/KJUR.asn1.x509.html">KJUR.asn1.x509</a></li>
<li><a href="../symbols/KJUR.asn1.x509.AlgorithmIdentifier.html">KJUR.asn1.x509.AlgorithmIdentifier</a></li>
<li><a href="../symbols/KJUR.asn1.x509.AttributeTypeAndValue.html">KJUR.asn1.x509.AttributeTypeAndValue</a></li>
<li><a href="../symbols/KJUR.asn1.x509.AuthorityKeyIdentifier.html">KJUR.asn1.x509.AuthorityKeyIdentifier</a></li>
<li><a href="../symbols/KJUR.asn1.x509.BasicConstraints.html">KJUR.asn1.x509.BasicConstraints</a></li>
<li><a href="../symbols/KJUR.asn1.x509.Certificate.html">KJUR.asn1.x509.Certificate</a></li>
<li><a href="../symbols/KJUR.asn1.x509.CRL.html">KJUR.asn1.x509.CRL</a></li>
<li><a href="../symbols/KJUR.asn1.x509.CRLDistributionPoints.html">KJUR.asn1.x509.CRLDistributionPoints</a></li>
<li><a href="../symbols/KJUR.asn1.x509.CRLEntry.html">KJUR.asn1.x509.CRLEntry</a></li>
<li><a href="../symbols/KJUR.asn1.x509.DistributionPoint.html">KJUR.asn1.x509.DistributionPoint</a></li>
<li><a href="../symbols/KJUR.asn1.x509.DistributionPointName.html">KJUR.asn1.x509.DistributionPointName</a></li>
<li><a href="../symbols/KJUR.asn1.x509.Extension.html">KJUR.asn1.x509.Extension</a></li>
<li><a href="../symbols/KJUR.asn1.x509.ExtKeyUsage.html">KJUR.asn1.x509.ExtKeyUsage</a></li>
<li><a href="../symbols/KJUR.asn1.x509.GeneralName.html">KJUR.asn1.x509.GeneralName</a></li>
<li><a href="../symbols/KJUR.asn1.x509.GeneralNames.html">KJUR.asn1.x509.GeneralNames</a></li>
<li><a href="../symbols/KJUR.asn1.x509.KeyUsage.html">KJUR.asn1.x509.KeyUsage</a></li>
<li><a href="../symbols/KJUR.asn1.x509.OID.html">KJUR.asn1.x509.OID</a></li>
<li><a href="../symbols/KJUR.asn1.x509.RDN.html">KJUR.asn1.x509.RDN</a></li>
<li><a href="../symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html">KJUR.asn1.x509.SubjectPublicKeyInfo</a></li>
<li><a href="../symbols/KJUR.asn1.x509.TBSCertificate.html">KJUR.asn1.x509.TBSCertificate</a></li>
<li><a href="../symbols/KJUR.asn1.x509.TBSCertList.html">KJUR.asn1.x509.TBSCertList</a></li>
<li><a href="../symbols/KJUR.asn1.x509.Time.html">KJUR.asn1.x509.Time</a></li>
<li><a href="../symbols/KJUR.asn1.x509.X500Name.html">KJUR.asn1.x509.X500Name</a></li>
<li><a href="../symbols/KJUR.asn1.x509.X509Util.html">KJUR.asn1.x509.X509Util</a></li>
<li><a href="../symbols/KJUR.crypto.html">KJUR.crypto</a></li>
<li><a href="../symbols/KJUR.crypto.DSA.html">KJUR.crypto.DSA</a></li>
<li><a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a></li>
<li><a href="../symbols/KJUR.crypto.ECParameterDB.html">KJUR.crypto.ECParameterDB</a></li>
<li><a href="../symbols/KJUR.crypto.Mac.html">KJUR.crypto.Mac</a></li>
<li><a href="../symbols/KJUR.crypto.MessageDigest.html">KJUR.crypto.MessageDigest</a></li>
<li><a href="../symbols/KJUR.crypto.OID.html">KJUR.crypto.OID</a></li>
<li><a href="../symbols/KJUR.crypto.Signature.html">KJUR.crypto.Signature</a></li>
<li><a href="../symbols/KJUR.crypto.Util.html">KJUR.crypto.Util</a></li>
<li><a href="../symbols/KJUR.jws.html">KJUR.jws</a></li>
<li><a href="../symbols/KJUR.jws.IntDate.html">KJUR.jws.IntDate</a></li>
<li><a href="../symbols/KJUR.jws.JWS.html">KJUR.jws.JWS</a></li>
<li><a href="../symbols/KJUR.jws.JWSJS.html">KJUR.jws.JWSJS</a></li>
<li><a href="../symbols/PKCS5PKEY.html">PKCS5PKEY</a></li>
<li><a href="../symbols/RSAKey.html">RSAKey</a></li>
<li><a href="../symbols/X509.html">X509</a></li>
</ul>
<hr />
<!-- end publish.classesIndex -->
</div>
<div id="content">
<!-- ============================== class title ============================ -->
<h1 class="classTitle">
Class KJUR.jws.JWS
</h1>
<!-- ============================== class summary ========================== -->
<p class="description">
JSON Web Signature(JWS) class
<br /><i>Defined in: </i> <a href="../symbols/src/jws-3.3.js.html">jws-3.3.js</a>.
</p>
<!-- ============================== constructor summary ==================== -->
<table class="summaryTable" cellspacing="0" summary="A summary of the constructor documented in the class KJUR.jws.JWS.">
<caption>Class Summary</caption>
<thead>
<tr>
<th scope="col">Constructor Attributes</th>
<th scope="col">Constructor Name and Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="attributes">&nbsp;</td>
<td class="nameDescription" >
<div class="fixedFont">
<b><a href="../symbols/KJUR.jws.JWS.html#constructor">KJUR.jws.JWS</a></b>()
</div>
<div class="description">JSON Web Signature(JWS) class.</div>
</td>
</tr>
</tbody>
</table>
<!-- ============================== properties summary ===================== -->
<table class="summaryTable" cellspacing="0" summary="A summary of the fields documented in the class KJUR.jws.JWS.">
<caption>Field Summary</caption>
<thead>
<tr>
<th scope="col">Field Attributes</th>
<th scope="col">Field Name and Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">
KJUR.jws.JWS.<b><a href="../symbols/KJUR.jws.JWS.html#.jwsalg2sigalg">jwsalg2sigalg</a></b>
</div>
<div class="description">static associative array of general signature algorithm name from JWS algorithm name</div>
</td>
</tr>
</tbody>
</table>
<!-- ============================== methods summary ======================== -->
<table class="summaryTable" cellspacing="0" summary="A summary of the methods documented in the class KJUR.jws.JWS.">
<caption>Method Summary</caption>
<thead>
<tr>
<th scope="col">Method Attributes</th>
<th scope="col">Method Name and Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.jws.JWS.<b><a href="../symbols/KJUR.jws.JWS.html#.getEncodedSignatureValueFromJWS">getEncodedSignatureValueFromJWS</a></b>(sJWS)
</div>
<div class="description">get Encoed Signature Value from JWS string.</div>
</td>
</tr>
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.jws.JWS.<b><a href="../symbols/KJUR.jws.JWS.html#.getJWKthumbprint">getJWKthumbprint</a></b>(o)
</div>
<div class="description">get RFC 7638 JWK thumbprint from JWK object
This method calculates JWK thmubprint for specified JWK object
as described in
<a href="https://tools.ietf.org/html/rfc7638">RFC 7638</a>.</div>
</td>
</tr>
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.jws.JWS.<b><a href="../symbols/KJUR.jws.JWS.html#.inArray">inArray</a></b>(item, a)
</div>
<div class="description">check whether item is included by array</div>
</td>
</tr>
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.jws.JWS.<b><a href="../symbols/KJUR.jws.JWS.html#.includedArray">includedArray</a></b>(a1, a2)
</div>
<div class="description">check whether array is included by another array</div>
</td>
</tr>
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.jws.JWS.<b><a href="../symbols/KJUR.jws.JWS.html#.isSafeJSONString">isSafeJSONString</a></b>(s)
</div>
<div class="description">check whether a String "s" is a safe JSON string or not.</div>
</td>
</tr>
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.jws.JWS.<b><a href="../symbols/KJUR.jws.JWS.html#.parse">parse</a></b>(sJWS)
</div>
<div class="description">parse header and payload of JWS signature<br/>
This method parses JWS signature string.</div>
</td>
</tr>
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.jws.JWS.<b><a href="../symbols/KJUR.jws.JWS.html#.parseJWS">parseJWS</a></b>(sJWS)
</div>
<div class="description">parse JWS string and set public property 'parsedJWS' dictionary.</div>
</td>
</tr>
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.jws.JWS.<b><a href="../symbols/KJUR.jws.JWS.html#.readSafeJSONString">readSafeJSONString</a></b>(s)
</div>
<div class="description">read a String "s" as JSON object if it is safe.</div>
</td>
</tr>
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.jws.JWS.<b><a href="../symbols/KJUR.jws.JWS.html#.sign">sign</a></b>(alg, spHead, spPayload, key, pass)
</div>
<div class="description">generate JWS signature by specified key<br/>
This method supports following algorithms.</div>
</td>
</tr>
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.jws.JWS.<b><a href="../symbols/KJUR.jws.JWS.html#.verify">verify</a></b>(sJWS, key, acceptAlgs)
</div>
<div class="description">verify JWS signature by specified key or certificate<br/>
<p>
This method verifies a JSON Web Signature Compact Serialization string by the validation
algorithm as described in
<a href="http://self-issued.info/docs/draft-jones-json-web-signature-04.html#anchor5">
the section 5 of Internet Draft draft-jones-json-web-signature-04.</div>
</td>
</tr>
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.jws.JWS.<b><a href="../symbols/KJUR.jws.JWS.html#.verifyJWT">verifyJWT</a></b>(sJWT, key, acceptField)
</div>
<div class="description">This method verifies a
<a href="https://tools.ietf.org/html/rfc7519">RFC 7519</a>
JSON Web Token(JWT).</div>
</td>
</tr>
</tbody>
</table>
<!-- ============================== events summary ======================== -->
<!-- ============================== constructor details ==================== -->
<div class="details"><a name="constructor"> </a>
<div class="sectionTitle">
Class Detail
</div>
<div class="fixedFont">
<b>KJUR.jws.JWS</b>()
</div>
<div class="description">
JSON Web Signature(JWS) class.<br/>
This class provides JSON Web Signature(JWS)/JSON Web Token(JWT) signing and validation.
<h4>Supported Algorithms</h4>
Here is supported algorithm names for <a href="../symbols/KJUR.jws.JWS.html#.sign">KJUR.jws.JWS.sign</a> and <a href="../symbols/KJUR.jws.JWS.html#.verify">KJUR.jws.JWS.verify</a>
methods.
<table>
<tr><th>alg value</th><th>spec requirement</th><th>jsjws support</th></tr>
<tr><td>HS256</td><td>REQUIRED</td><td>SUPPORTED</td></tr>
<tr><td>HS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>HS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>RS256</td><td>RECOMMENDED</td><td>SUPPORTED</td></tr>
<tr><td>RS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>RS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>ES256</td><td>RECOMMENDED+</td><td>SUPPORTED</td></tr>
<tr><td>ES384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>ES512</td><td>OPTIONAL</td><td>-</td></tr>
<tr><td>PS256</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>PS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>PS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>none</td><td>REQUIRED</td><td>SUPPORTED(signature generation only)</td></tr>
</table>
<dl>
<dt><b>NOTE1</b>
<dd>HS384 is supported since jsjws 3.0.2 with jsrsasign 4.1.4.
<dt><b>NOTE2</b>
<dd>Some deprecated methods have been removed since jws 3.3 of jsrsasign 4.10.0.
Removed methods are following:
<ul>
<li>JWS.verifyJWSByNE</li>
<li>JWS.verifyJWSByKey</li>
<li>JWS.generateJWSByNED</li>
<li>JWS.generateJWSByKey</li>
<li>JWS.generateJWSByP1PrvKey</li>
</ul>
</dl>
<b>EXAMPLE</b><br/>
</div>
<pre class="code">// JWS signing
sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', "password");
// JWS validation
isValid = KJUR.jws.JWS.verify('eyJjdHkiOiJKV1QiLCJhbGc...', "password");
// JWT validation
isValid = KJUR.jws.JWS.verifyJWT('eyJh...', "password", {
alg: ['HS256', 'HS384'],
iss: ['http://foo.com']
});</pre>
<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>jsjws 1.0</dd>
</dl>
<dl class="detailList">
<dt class="heading">See:</dt>
<dd><a href="http://kjur.github.com/jsjws/">'jwjws'(JWS JavaScript Library) home page http://kjur.github.com/jsjws/</a></dd>
<dd><a href="http://kjur.github.com/jsrsasigns/">'jwrsasign'(RSA Sign JavaScript Library) home page http://kjur.github.com/jsrsasign/</a></dd>
<dd><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14">IETF I-D JSON Web Algorithms (JWA)</a></dd>
</dl>
</div>
<!-- ============================== field details ========================== -->
<div class="sectionTitle">
Field Detail
</div>
<a name=".jwsalg2sigalg"> </a>
<div class="fixedFont">&lt;static&gt;
<span class="light">KJUR.jws.JWS.</span><b>jwsalg2sigalg</b>
</div>
<div class="description">
static associative array of general signature algorithm name from JWS algorithm name
</div>
<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>jws 3.0.0</dd>
</dl>
<!-- ============================== method details ========================= -->
<div class="sectionTitle">
Method Detail
</div>
<a name=".getEncodedSignatureValueFromJWS"> </a>
<div class="fixedFont">&lt;static&gt;
<span class="light">{String}</span>
<span class="light">KJUR.jws.JWS.</span><b>getEncodedSignatureValueFromJWS</b>(sJWS)
</div>
<div class="description">
get Encoed Signature Value from JWS string.<br/>
</div>
<dl class="detailList">
<dt class="heading">Parameters:</dt>
<dt>
<span class="light fixedFont">{String}</span> <b>sJWS</b>
</dt>
<dd>JWS signature string to be verified</dd>
</dl>
<dl class="detailList">
<dt class="heading">Throws:</dt>
<dt>
<b></b>
</dt>
<dd>if sJWS is not comma separated string such like "Header.Payload.Signature".</dd>
</dl>
<dl class="detailList">
<dt class="heading">Returns:</dt>
<dd><span class="light fixedFont">{String}</span> string of Encoded Signature Value</dd>
</dl>
<hr />
<a name=".getJWKthumbprint"> </a>
<div class="fixedFont">&lt;static&gt;
<span class="light">{String}</span>
<span class="light">KJUR.jws.JWS.</span><b>getJWKthumbprint</b>(o)
</div>
<div class="description">
get RFC 7638 JWK thumbprint from JWK object
This method calculates JWK thmubprint for specified JWK object
as described in
<a href="https://tools.ietf.org/html/rfc7638">RFC 7638</a>.
It supports all type of "kty". (i.e. "RSA", "EC" and "oct"
(for symmetric key))
Working sample is
<a href="https://kjur.github.io/jsrsasign/sample/tool_jwktp.html">here</a>.
</div>
<pre class="code">jwk = {"kty":"RSA", "n":"0vx...", "e":"AQAB", ...};
thumbprint = KJUR.jws.JWS.getJWKthumbprint(jwk);</pre>
<dl class="detailList">
<dt class="heading">Parameters:</dt>
<dt>
<span class="light fixedFont">{String}</span> <b>o</b>
</dt>
<dd>JWK object to be calculated thumbprint</dd>
</dl>
<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>jsrsasign 5.0.2 jws 3.3.2</dd>
</dl>
</dl>
<dl class="detailList">
<dt class="heading">Returns:</dt>
<dd><span class="light fixedFont">{String}</span> Base64 URL encoded JWK thumbprint value</dd>
</dl>
<hr />
<a name=".inArray"> </a>
<div class="fixedFont">&lt;static&gt;
<span class="light">{Boolean}</span>
<span class="light">KJUR.jws.JWS.</span><b>inArray</b>(item, a)
</div>
<div class="description">
check whether item is included by array
</div>
<pre class="code">KJUR.jws.JWS.inArray('b', ['b', 'c', 'a']) => true
KJUR.jws.JWS.inArray('a', ['b', 'c', 'a']) => true
KJUR.jws.JWS.inArray('a', ['b', 'c']) => false</pre>
<dl class="detailList">
<dt class="heading">Parameters:</dt>
<dt>
<span class="light fixedFont">{String}</span> <b>item</b>
</dt>
<dd>check whether item is included by array</dd>
<dt>
<span class="light fixedFont">{Array}</span> <b>a</b>
</dt>
<dd>check whether item is included by array</dd>
</dl>
<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>jws 3.2.3
This method verifies whether an item is included by an array.
It doesn't care about item ordering in an array.</dd>
</dl>
</dl>
<dl class="detailList">
<dt class="heading">Returns:</dt>
<dd><span class="light fixedFont">{Boolean}</span> check whether item is included by array</dd>
</dl>
<hr />
<a name=".includedArray"> </a>
<div class="fixedFont">&lt;static&gt;
<span class="light">{Boolean}</span>
<span class="light">KJUR.jws.JWS.</span><b>includedArray</b>(a1, a2)
</div>
<div class="description">
check whether array is included by another array
</div>
<pre class="code">KJUR.jws.JWS.includedArray(['b'], ['b', 'c', 'a']) => true
KJUR.jws.JWS.includedArray(['a', 'b'], ['b', 'c', 'a']) => true
KJUR.jws.JWS.includedArray(['a', 'b'], ['b', 'c']) => false</pre>
<dl class="detailList">
<dt class="heading">Parameters:</dt>
<dt>
<span class="light fixedFont">{Array}</span> <b>a1</b>
</dt>
<dd>check whether set a1 is included by a2</dd>
<dt>
<span class="light fixedFont">{Array}</span> <b>a2</b>
</dt>
<dd>check whether set a1 is included by a2</dd>
</dl>
<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>jws 3.2.3
This method verifies whether an array is included by another array.
It doesn't care about item ordering in a array.</dd>
</dl>
</dl>
<dl class="detailList">
<dt class="heading">Returns:</dt>
<dd><span class="light fixedFont">{Boolean}</span> check whether set a1 is included by a2</dd>
</dl>
<hr />
<a name=".isSafeJSONString"> </a>
<div class="fixedFont">&lt;static&gt;
<span class="light">{Number}</span>
<span class="light">KJUR.jws.JWS.</span><b>isSafeJSONString</b>(s)
</div>
<div class="description">
check whether a String "s" is a safe JSON string or not.<br/>
If a String "s" is a malformed JSON string or an other object type
this returns 0, otherwise this returns 1.
</div>
<dl class="detailList">
<dt class="heading">Parameters:</dt>
<dt>
<span class="light fixedFont">{String}</span> <b>s</b>
</dt>
<dd>JSON string</dd>
</dl>
<dl class="detailList">
<dt class="heading">Returns:</dt>
<dd><span class="light fixedFont">{Number}</span> 1 or 0</dd>
</dl>
<hr />
<a name=".parse"> </a>
<div class="fixedFont">&lt;static&gt;
<span class="light">{Array}</span>
<span class="light">KJUR.jws.JWS.</span><b>parse</b>(sJWS)
</div>
<div class="description">
parse header and payload of JWS signature<br/>
This method parses JWS signature string.
Resulted associative array has following properties:
<ul>
<li>headerObj - JSON object of header</li>
<li>payloadObj - JSON object of payload if payload is JSON string otherwise undefined</li>
<li>headerPP - pretty printed JSON header by stringify</li>
<li>payloadPP - pretty printed JSON payload by stringify if payload is JSON otherwise Base64URL decoded raw string of payload</li>
<li>sigHex - hexadecimal string of signature</li>
</ul>
</div>
<pre class="code">KJUR.jws.JWS.parse(sJWS) ->
{
headerObj: {"alg": "RS256", "typ": "JWS"},
payloadObj: {"product": "orange", "quantity": 100},
headerPP:
'{
"alg": "RS256",
"typ": "JWS"
}',
payloadPP:
'{
"product": "orange",
"quantity": 100
}',
sigHex: "91f3cd..."
}</pre>
<dl class="detailList">
<dt class="heading">Parameters:</dt>
<dt>
<span class="light fixedFont">{String}</span> <b>sJWS</b>
</dt>
<dd>string of JWS signature to parse</dd>
</dl>
<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>jws 3.3.3</dd>
</dl>
</dl>
<dl class="detailList">
<dt class="heading">Throws:</dt>
<dt>
<b></b>
</dt>
<dd>if sJWS is malformed JWS signature</dd>
</dl>
<dl class="detailList">
<dt class="heading">Returns:</dt>
<dd><span class="light fixedFont">{Array}</span> associative array of parsed header and payload. See below.</dd>
</dl>
<hr />
<a name=".parseJWS"> </a>
<div class="fixedFont">&lt;static&gt;
<span class="light">KJUR.jws.JWS.</span><b>parseJWS</b>(sJWS)
</div>
<div class="description">
parse JWS string and set public property 'parsedJWS' dictionary.<br/>
</div>
<dl class="detailList">
<dt class="heading">Parameters:</dt>
<dt>
<span class="light fixedFont">{String}</span> <b>sJWS</b>
</dt>
<dd>JWS signature string to be parsed.</dd>
</dl>
<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>jws 1.1</dd>
</dl>
</dl>
<dl class="detailList">
<dt class="heading">Throws:</dt>
<dt>
<b></b>
</dt>
<dd>if sJWS is not comma separated string such like "Header.Payload.Signature".</dd>
<dt>
<b></b>
</dt>
<dd>if JWS Header is a malformed JSON string.</dd>
</dl>
<hr />
<a name=".readSafeJSONString"> </a>
<div class="fixedFont">&lt;static&gt;
<span class="light">{Object}</span>
<span class="light">KJUR.jws.JWS.</span><b>readSafeJSONString</b>(s)
</div>
<div class="description">
read a String "s" as JSON object if it is safe.<br/>
If a String "s" is a malformed JSON string or not JSON string,
this returns null, otherwise returns JSON object.
</div>
<dl class="detailList">
<dt class="heading">Parameters:</dt>
<dt>
<span class="light fixedFont">{String}</span> <b>s</b>
</dt>
<dd>JSON string</dd>
</dl>
<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>1.1.1</dd>
</dl>
</dl>
<dl class="detailList">
<dt class="heading">Returns:</dt>
<dd><span class="light fixedFont">{Object}</span> JSON object or null</dd>
</dl>
<hr />
<a name=".sign"> </a>
<div class="fixedFont">&lt;static&gt;
<span class="light">{String}</span>
<span class="light">KJUR.jws.JWS.</span><b>sign</b>(alg, spHead, spPayload, key, pass)
</div>
<div class="description">
generate JWS signature by specified key<br/>
This method supports following algorithms.
<table>
<tr><th>alg value</th><th>spec requirement</th><th>jsjws support</th></tr>
<tr><td>HS256</td><td>REQUIRED</td><td>SUPPORTED</td></tr>
<tr><td>HS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>HS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>RS256</td><td>RECOMMENDED</td><td>SUPPORTED</td></tr>
<tr><td>RS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>RS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>ES256</td><td>RECOMMENDED+</td><td>SUPPORTED</td></tr>
<tr><td>ES384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>ES512</td><td>OPTIONAL</td><td>-</td></tr>
<tr><td>PS256</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>PS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>PS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
<tr><td>none</td><td>REQUIRED</td><td>SUPPORTED(signature generation only)</td></tr>
</table>
<dl>
<dt>NOTE1:
<dd>salt length of RSAPSS signature is the same as the hash algorithm length
because of <a href="http://www.ietf.org/mail-archive/web/jose/current/msg02901.html">IETF JOSE ML discussion</a>.
<dt>NOTE2:
<dd>To support HS384, patched version of CryptoJS is used.
<a href="https://code.google.com/p/crypto-js/issues/detail?id=84">See here for detail</a>.
<dt>NOTE3:
From jsrsasign 4.10.0 jws 3.3.0, Way to provide password
for HS* algorithm is changed. The 'key' attribute value is
passed to <a href="../symbols/KJUR.crypto.Mac.html#.setPassword">KJUR.crypto.Mac.setPassword</a> so please see
<a href="../symbols/KJUR.crypto.Mac.html#.setPassword">KJUR.crypto.Mac.setPassword</a> for detail.
As for backword compatibility, if key is a string, has even length and
0..9, A-F or a-f characters, key string is treated as a hexadecimal
otherwise it is treated as a raw string.
<dd>
</dl>
<b>EXAMPLE</b><br/>
</div>
<pre class="code">// sign HS256 signature with password "aaa" implicitly handled as string
sJWS = KJUR.jws.JWS.sign(null, {alg: "HS256", cty: "JWT"}, {age: 21}, "aaa");
// sign HS256 signature with password "6161" implicitly handled as hex
sJWS = KJUR.jws.JWS.sign(null, {alg: "HS256", cty: "JWT"}, {age: 21}, "6161");
// sign HS256 signature with base64 password
sJWS = KJUR.jws.JWS.sign(null, {alg: "HS256"}, {age: 21}, {b64: "Mi/8..a="});
// sign RS256 signature with PKCS#8 PEM RSA private key
sJWS = KJUR.jws.JWS.sign(null, {alg: "RS256"}, {age: 21}, "-----BEGIN PRIVATE KEY...");
// sign RS256 signature with PKCS#8 PEM ECC private key with passcode
sJWS = KJUR.jws.JWS.sign(null, {alg: "ES256"}, {age: 21},
"-----BEGIN PRIVATE KEY...", "keypass");
// header and payload can be passed by both string and object
sJWS = KJUR.jws.JWS.sign(null, '{alg:"HS256",cty:"JWT"}', '{age:21}', "aaa");</pre>
<dl class="detailList">
<dt class="heading">Parameters:</dt>
<dt>
<span class="light fixedFont">{String}</span> <b>alg</b>
</dt>
<dd>JWS algorithm name to sign and force set to sHead or null</dd>
<dt>
<span class="light fixedFont">{String}</span> <b>spHead</b>
</dt>
<dd>string or object of JWS Header</dd>
<dt>
<span class="light fixedFont">{String}</span> <b>spPayload</b>
</dt>
<dd>string or object of JWS Payload</dd>
<dt>
<span class="light fixedFont">{String}</span> <b>key</b>
</dt>
<dd>string of private key or mac key object to sign</dd>
<dt>
<span class="light fixedFont">{String}</span> <b>pass</b>
</dt>
<dd>(OPTION)passcode to use encrypted asymmetric private key</dd>
</dl>
<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>jws 3.0.0</dd>
</dl>
</dl>
<dl class="detailList">
<dt class="heading">Returns:</dt>
<dd><span class="light fixedFont">{String}</span> JWS signature string</dd>
</dl>
<dl class="detailList">
<dt class="heading">See:</dt>
<dd><a href="http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Signature.html">jsrsasign KJUR.crypto.Signature method</a></dd>
<dd><a href="http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Mac.html">jsrsasign KJUR.crypto.Mac method</a></dd>
</dl>
<hr />
<a name=".verify"> </a>
<div class="fixedFont">&lt;static&gt;
<span class="light">{Boolean}</span>
<span class="light">KJUR.jws.JWS.</span><b>verify</b>(sJWS, key, acceptAlgs)
</div>
<div class="description">
verify JWS signature by specified key or certificate<br/>
<p>
This method verifies a JSON Web Signature Compact Serialization string by the validation
algorithm as described in
<a href="http://self-issued.info/docs/draft-jones-json-web-signature-04.html#anchor5">
the section 5 of Internet Draft draft-jones-json-web-signature-04.</a>
</p>
<p>
Since 3.2.0 strict key checking has been provided against a JWS algorithm
in a JWS header.
<ul>
<li>In case 'alg' is 'HS*' in the JWS header,
'key' shall be hexadecimal string for Hmac{256,384,512} shared secret key.
Otherwise it raise an error.</li>
<li>In case 'alg' is 'RS*' or 'PS*' in the JWS header,
'key' shall be a RSAKey object or a PEM string of
X.509 RSA public key certificate or PKCS#8 RSA public key.
Otherwise it raise an error.</li>
<li>In case 'alg' is 'ES*' in the JWS header,
'key' shall be a KJUR.crypto.ECDSA object or a PEM string of
X.509 ECC public key certificate or PKCS#8 ECC public key.
Otherwise it raise an error.</li>
<li>In case 'alg' is 'none' in the JWS header,
validation not supported after jsjws 3.1.0.</li>
</ul>
</p>
<p>
NOTE1: The argument 'acceptAlgs' is supported since 3.2.0.
Strongly recommended to provide acceptAlgs to mitigate
signature replacement attacks.<br/>
</p>
<p>
NOTE2: From jsrsasign 4.9.0 jws 3.2.5, Way to provide password
for HS* algorithm is changed. The 'key' attribute value is
passed to <a href="../symbols/KJUR.crypto.Mac.html#.setPassword">KJUR.crypto.Mac.setPassword</a> so please see
<a href="../symbols/KJUR.crypto.Mac.html#.setPassword">KJUR.crypto.Mac.setPassword</a> for detail.
As for backword compatibility, if key is a string, has even length and
0..9, A-F or a-f characters, key string is treated as a hexadecimal
otherwise it is treated as a raw string.
</p>
</div>
<pre class="code">// 1) verify a RS256 JWS signature by a certificate string.
isValid = KJUR.jws.JWS.verify('eyJh...', '-----BEGIN...', ['RS256']);
// 2) verify a HS256 JWS signature by a certificate string.
isValid = KJUR.jws.JWS.verify('eyJh...', {hex: '6f62ad...'}, ['HS256']);
isValid = KJUR.jws.JWS.verify('eyJh...', {b64: 'Mi/ab8...a=='}, ['HS256']);
isValid = KJUR.jws.JWS.verify('eyJh...', {utf8: 'Secret秘密'}, ['HS256']);
isValid = KJUR.jws.JWS.verify('eyJh...', '6f62ad', ['HS256']); // implicit hex
isValid = KJUR.jws.JWS.verify('eyJh...', '6f62ada', ['HS256']); // implicit raw string
// 3) verify a ES256 JWS signature by a KJUR.crypto.ECDSA key object.
var pubkey = KEYUTIL.getKey('-----BEGIN CERT...');
var isValid = KJUR.jws.JWS.verify('eyJh...', pubkey);</pre>
<dl class="detailList">
<dt class="heading">Parameters:</dt>
<dt>
<span class="light fixedFont">{String}</span> <b>sJWS</b>
</dt>
<dd>string of JWS signature to verify</dd>
<dt>
<span class="light fixedFont">{Object}</span> <b>key</b>
</dt>
<dd>string of public key, certificate or key object to verify</dd>
<dt>
<span class="light fixedFont">{String}</span> <b>acceptAlgs</b>
</dt>
<dd>array of algorithm name strings (OPTION)</dd>
</dl>
<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>jws 3.0.0</dd>
</dl>
</dl>
<dl class="detailList">
<dt class="heading">Returns:</dt>
<dd><span class="light fixedFont">{Boolean}</span> true if the signature is valid otherwise false</dd>
</dl>
<dl class="detailList">
<dt class="heading">See:</dt>
<dd><a href="http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Signature.html">jsrsasign KJUR.crypto.Signature method</a></dd>
<dd><a href="http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Mac.html">jsrsasign KJUR.crypto.Mac method</a></dd>
</dl>
<hr />
<a name=".verifyJWT"> </a>
<div class="fixedFont">&lt;static&gt;
<span class="light">{Boolean}</span>
<span class="light">KJUR.jws.JWS.</span><b>verifyJWT</b>(sJWT, key, acceptField)
</div>
<div class="description">
This method verifies a
<a href="https://tools.ietf.org/html/rfc7519">RFC 7519</a>
JSON Web Token(JWT).
It will verify following:
<ul>
<li>Header.alg
<ul>
<li>alg is specified in JWT header.</li>
<li>alg is included in acceptField.alg array. (MANDATORY)</li>
<li>alg is proper for key.</li>
</ul>
</li>
<li>Payload.iss (issuer) - Payload.iss is included in acceptField.iss array if specified. (OPTION)</li>
<li>Payload.sub (subject) - Payload.sub is included in acceptField.sub array if specified. (OPTION)</li>
<li>Payload.aud (audience) - Payload.aud is included in acceptField.aud array or
the same as value if specified. (OPTION)</li>
<li>Time validity
<ul>
<li>
If acceptField.verifyAt as number of UNIX origin time is specifed for validation time,
this method will verify at the time for it, otherwise current time will be used to verify.
</li>
<li>
Clock of JWT generator or verifier can be fast or slow. If these clocks are
very different, JWT validation may fail. To avoid such case, 'jsrsasign' supports
'acceptField.gracePeriod' parameter which specifies acceptable time difference
of those clocks in seconds. So if you want to accept slow or fast in 2 hours,
you can specify <code>acceptField.gracePeriod = 2 * 60 * 60;</code>.
"gracePeriod" is zero by default.
"gracePeriod" is supported since jsrsasign 5.0.12.
</li>
<li>Payload.exp (expire) - Validation time is smaller than Payload.exp + gracePeriod.</li>
<li>Payload.nbf (not before) - Validation time is greater than Payload.nbf - gracePeriod.</li>
<li>Payload.iat (issued at) - Validation time is greater than Payload.iat - gracePeriod.</li>
</ul>
</li>
<li>Payload.jti (JWT id) - Payload.jti is included in acceptField.jti if specified. (OPTION)</li>
<li>JWS signature of JWS is valid for specified key.</li>
</ul>
</div>
<pre class="code">// simple validation for HS256
isValid = KJUR.jws.JWS.verifyJWT("eyJhbG...", "616161", {alg: ["HS256"]}),
// full validation for RS or PS
pubkey = KEYUTIL.getKey('-----BEGIN CERT...');
isValid = KJUR.jws.JWS.verifyJWT('eyJh...', pubkey, {
alg: ['RS256', 'RS512', 'PS256', 'PS512'],
iss: ['http://foo.com'],
sub: ['mailto:john@foo.com', 'mailto:alice@foo.com'],
verifyAt: KJUR.jws.IntDate.get('20150520235959Z'),
aud: ['http://foo.com'], // aud: 'http://foo.com' is fine too.
jti: 'id123456',
gracePeriod: 1 * 60 * 60 // accept 1 hour slow or fast
});</pre>
<dl class="detailList">
<dt class="heading">Parameters:</dt>
<dt>
<span class="light fixedFont">{String}</span> <b>sJWT</b>
</dt>
<dd>string of JSON Web Token(JWT) to verify</dd>
<dt>
<span class="light fixedFont">{Object}</span> <b>key</b>
</dt>
<dd>string of public key, certificate or key object to verify</dd>
<dt>
<span class="light fixedFont">{Array}</span> <b>acceptField</b>
</dt>
<dd>associative array of acceptable fields (OPTION)</dd>
</dl>
<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>jws 3.2.3 jsrsasign 4.8.0</dd>
</dl>
</dl>
<dl class="detailList">
<dt class="heading">Returns:</dt>
<dd><span class="light fixedFont">{Boolean}</span> true if the JWT token is valid otherwise false</dd>
</dl>
<!-- ============================== event details ========================= -->
<hr />
</div>
<!-- ============================== footer ================================= -->
<div class="fineprint" style="clear:both">
&copy; 2012-2015 Kenji Urushima, All rights reserved<br/>
Documentation generated by <a href="http://code.google.com/p/jsdoc-toolkit/" target="_blank">JsDoc Toolkit</a> 2.4.0
</div>
</body>
</html>