Class: JWTService
Defined in: src/auth/jwt/jwt-service.ts:214
JWT service for token operations.
Remarks
Provides secure JWT issuance and verification using ES256 algorithm. Supports token revocation via Redis blacklist.
Example
const jwtService = new JWTService({
keyManager,
redis,
logger,
});
// Issue a token
const { token } = await jwtService.issueToken({
subject: 'did:plc:abc123',
sessionId: 'sess_xyz',
scopes: ['read', 'write'],
});
// Verify a token
const { claims } = await jwtService.verifyToken(token);
Constructors
new JWTService()
new JWTService(
options):JWTService
Defined in: src/auth/jwt/jwt-service.ts:225
Creates a new JWTService.
Parameters
options
Service options
Returns
Methods
getJWKS()
getJWKS():
Promise<JSONWebKeySet>
Defined in: src/auth/jwt/jwt-service.ts:387
Gets the JWKS for public key distribution.
Returns
Promise<JSONWebKeySet>
JWKS containing all valid public keys
issueToken()
issueToken(
options):Promise<IssuedToken>
Defined in: src/auth/jwt/jwt-service.ts:238
Issues a new access token.
Parameters
options
Token issuance options
Returns
Promise<IssuedToken>
Issued token with metadata
isTokenRevoked()
isTokenRevoked(
jti):Promise<boolean>
Defined in: src/auth/jwt/jwt-service.ts:377
Checks if a token is revoked.
Parameters
jti
string
Token ID to check
Returns
Promise<boolean>
True if token is revoked
revokeToken()
revokeToken(
jti,expiresAt):Promise<void>
Defined in: src/auth/jwt/jwt-service.ts:364
Revokes a token by its JTI.
Parameters
jti
string
Token ID to revoke
expiresAt
Date
Token expiration (for TTL calculation)
Returns
Promise<void>
verifyToken()
verifyToken(
token):Promise<VerifiedToken>
Defined in: src/auth/jwt/jwt-service.ts:284
Verifies a token and returns its claims.
Parameters
token
string
JWT string to verify
Returns
Promise<VerifiedToken>
Verified token with claims
Throws
TokenValidationError if token is invalid
Throws
TokenExpiredError if token has expired