I am trying to generate an accessToken with algorithm ES256 and I use the following code:
const jwt = require('jsonwebtoken')
const accessToken = jwt.sign(
{ name: 'John' },
'testsecret',
{ expiresIn: '24h' },
{ algorithm: 'ES256' }
)
console.log(accessToken)
And I got a token as below:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiSm9obiIsImlhdCI6MTYxNDY4MzUxNCwiZXhwIjoxNjE0NzY5OTE0fQ.Q9quAufyTQvPvKrTUXzRDUo-o0M4yXSXjqU4vZ9nvvA
I tried pasting this to jwt.io and it seems that it is a HS256 token instead of ES256, did I miss anything?
There is something that I did not do correctly. You can always paste the above code to nodejs and you will see.
You just need to combine the expiresIn and algorithm arguments - the module takes a single options object:
const jwt = require('jsonwebtoken');
const privatekey = `-----BEGIN EC PRIVATE KEY-----
MHcCAQEEICXoLhGdD6jzX5ePTY9O9YBgv0ZZ6oBWDRsjKaeASXp6oAoGCCqGSM49
AwEHoUQDQgAELCnuRSU9Vf+bx65i3Vbibj123RQFrIEaXuMuXunzPXGURKge07fy
FoiMucdGZ2MZGsm37JdlnVGd5yU1h4D4Rg==
-----END EC PRIVATE KEY-----`
const payload = {"id":1}
const accessToken = jwt.sign(payload, privatekey, {
expiresIn: "24h",
algorithm: "ES256",
});