How to pass claims and expiration time to a JWE?

257 views Asked by At

I am playing with node-jose (https://github.com/cisco/node-jose) and it's not helping much.

Should I wrap a JWE in a JWT payload (or the opposite) maybe?

This is a sample code I am using to make some tests:

const jwe = await jose.JWE.createEncrypt(standaloneKey).
        update(Buffer.from(JSON.stringify({ somePayloadKey: 'somePayloadValue' }))).
        final();

Generates an object like this:

{ recipients:
   [ { encrypted_key: '...' } ],
  protected: '...',
  iv: '...',
  ciphertext: '...',
  tag: '...' }

Questions

1- How do I pass claims like aud for example to this generated JWE?

2- And how do I make it valid for a period of time, let's say one hour?

3- What should I pass to the client? The whole object with recipients, protected etc?

0

There are 0 answers