-
-
Save tridungle/f6f06395ba78f59997a92f4ba210aef0 to your computer and use it in GitHub Desktop.
Simple JWT example for k6 load testing tool
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import crypto from "k6/crypto"; | |
import encoding from "k6/encoding"; | |
const algToHash = { | |
HS256: "sha256", | |
HS384: "sha384", | |
HS512: "sha512" | |
}; | |
function sign(data, hashAlg, secret) { | |
let hasher = crypto.createHMAC(hashAlg, secret); | |
hasher.update(data); | |
// Some manual base64 rawurl encoding as `Hasher.digest(encodingType)` | |
// doesn't support that encoding type yet. | |
return hasher.digest("base64").replace(/\//g, "_").replace(/\+/g, "-").replace(/=/g, ""); | |
} | |
function encode(payload, secret, algorithm) { | |
algorithm = algorithm || "HS256"; | |
let header = encoding.b64encode(JSON.stringify({ typ: "JWT", alg: algorithm }), "rawurl"); | |
payload = encoding.b64encode(JSON.stringify(payload), "rawurl"); | |
let sig = sign(header + "." + payload, algToHash[algorithm], secret); | |
return [header, payload, sig].join("."); | |
} | |
function decode(token, secret, algorithm) { | |
let parts = token.split('.'); | |
let header = JSON.parse(encoding.b64decode(parts[0], "rawurl")); | |
let payload = JSON.parse(encoding.b64decode(parts[1], "rawurl")); | |
algorithm = algorithm || algToHash[header.alg]; | |
if (sign(parts[0] + "." + parts[1], algorithm, secret) != parts[2]) { | |
throw Error("JWT signature verification failed"); | |
} | |
return payload; | |
} | |
export default function() { | |
let message = { key2: "value2" }; | |
let token = encode(message, "secret"); | |
console.log("encoded", token); | |
let payload = decode(token, "secret"); | |
console.log("decoded", JSON.stringify(payload)); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment