Add util to verify JWT

D-Pow · Aug 8, 2024 · a6bfca2 · a6bfca2
1 parent ea29ad2
commit a6bfca2
Showing 1 changed file with 39 additions and 0 deletions.
diff --git a/src/utils/Jwt.ts b/src/utils/Jwt.ts
@@ -111,3 +111,42 @@ export async function encodeJwt(text: string, {
 
     return jwt;
 }
+
+
+/**
+ * Verifies a JWT token.
+ * Note: This shouldn't be done client-side as it exposes the secret.
+ */
+export async function verifyJwt(jwt: string, signature: Parameters<Crypto['subtle']['verify']>[2], {
+    alg = 'HS256',
+    typ = 'JWT',
+    secret = '',
+} = {}) {
+    const [ encodedHeader, encodedPayload, signatureStr ] = jwt.split('.');
+
+    let algorithm = alg
+        .replace(/^hs/i, 'sha')
+        .replace(/^\D+/gi, match => match.toLowerCase());
+    algorithm = algorithm.replace(/^sha/i, 'SHA-');
+    const algoInfo = {
+        name: 'HMAC',
+        hash: algorithm,
+    };
+
+    const signingKey = await self.crypto.subtle.importKey(
+        'raw',
+        new TextEncoder().encode(secret),
+        algoInfo,
+        false,
+        [ 'verify' ],
+    );
+
+    return await self.crypto.subtle.verify(
+        'HMAC',
+        signingKey,
+        signature,
+        new TextEncoder().encode(
+            `${encodedHeader}.${encodedPayload}`,
+        ),
+    );
+}