JwtDecoder
1.2.0
Offline JSON Web Token decoder and signature verifier. Never makes network calls. Sensitive buffers are zeroed before release. Guards against the JWT algorithm-confusion attack. Cmdlets: ConvertFrom-JsonWebToken, Test-JsonWebTokenSignature, Get-JsonWebTokenClaim.
Minimum PowerShell version
7.4
Installation Options
Owners
Copyright
(c) JwtDecoder contributors. All rights reserved.
Package Details
Author(s)
- JwtDecoder contributors
Tags
JWT JsonWebToken Security Crypto Offline HMAC RSA ECDsa
Cmdlets
ConvertFrom-JsonWebToken Test-JsonWebTokenSignature Get-JsonWebTokenClaim
PSEditions
Dependencies
This module has no dependencies.
Release Notes
1.1.0
- New cmdlet Get-JsonWebTokenClaim for one-shot retrieval of specific claim(s) by query path.
- Path syntax: dot/bracket notation (e.g. payload.sub, header.alg, payload.roles[0]).
- Bare names default to payload.<name>; explicit header./payload. prefix overrides the scope.
- Quoted segments allow claim names containing dots or other special characters: payload."x5t#S256".
1.0.0
- Initial release.
- Cmdlets: ConvertFrom-JsonWebToken, Test-JsonWebTokenSignature.
- Supports HS256/384/512, RS256/384/512, PS256/384/512, ES256/384/512.
- Algorithm-confusion guard (refuses PEM as HMAC secret).
- Private-key PEM refused for verification.
- Sensitive buffers zeroed on dispose.
- Fully offline; no network calls.
FileList
- JwtDecoder.nuspec
- JwtDecoder.Core.dll
- JwtDecoder.PowerShell.deps.json
- JwtDecoder.psd1
- README.md
- JwtDecoder.PowerShell.dll