JSON Web Token (JWT) is the compact, URL-safe means of representing claims to be transferred between two parties. JWT is a string, that consists of three parts: a header, a payload, and a signature. The header of a JWT The header typically consists of two parts: the type of the token, which is JWT, and the signing algorithm being used, such as HMAC SHA256 or RSA. Example of JWT header which specifies that…

This is a follow-up to my article about JWT. It became clear that many developers do not fully understand what MAC and HMAC are and how they work. Therefore, I wanted to provide a follow-up discussing these concepts in more detail. Message Authentication Code (MAC) is a cryptographic technique that…

Working for some time with JSON Web Signature (JWS) I came to the conclusion that many developers do not understand what it is and how it works. JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based data structures. There are two defined serializations for JWSs: a compact (described in this article) and a JSON. The compact serialised JWS is a string…

It is easy with node-jose library when you know how to do it. It took me some time to learn, because this information is missing in the documentation. Luckily it was in tests. The missing example (creates a JWT with an embedded ‘jwk’): // {input} is a String // {key} is from jwk keystore jose.JWS.createSign( { fields: { typ: 'JWT', }, format: 'compact', opts: { protect: false }, }, { key, reference: 'jwk', // MISSING in documentation }, ).update(input, 'utf-8') .final() .then((result) => { // {result} is a JSON object -- JWT using the JSON General Serialization });

Today I would like to share small hint about how to get licenses from all packages, used in your javascript project. It’s very useful to make Bill Of Materials for your legal department. Assuming you are using yarn (if no — start right now), go to your project directory and paste this command: yarn licenses list To get only licensees use (for yarn 1.7.x): yarn licenses list | awk '/^├─/ {$1=""; print $0}'

In one of our projects we’ve decided to use Socket.io to handle webscockets and to use a Jest to write BDD/TDD tests. Simply because on frontend we are using Jest too. And we wanted to use one test framework in all project. This has proven to be a challenge. We cannot find any working example. Documentation did not cover our use case. So for all of you with this problem I’ve created a boilerplate. I hope it will save you a couple of hours.

In the part #3 of my guide we were discovering Sets. Now it’s time for maps. Maps are ordered lists of key-value pairs. The key and the value can have any type. This is the main difference between objects keys and maps. Try this code: const log = x =>…

In the previous post we’ve met magic three dots „…” alias spread operator. Those dots are worth exploring before we will go to maps. Main objective of the spread operator is to spread the elements of an array or an iterable object. Try this code: const log = x =>…

I’ve discovered that many of us JavasScript programers haven’t noticed that ECMAScript6 introduced two new types of collections: sets and maps. Let’s start today with a set. What is it, you may ask? The set is a collection of unique elements. Try this code: const log = x => console.log(x); …