[1.0.8] JWT Forger

Author: looorent

CHANGELOG.md

@@ -5,6 +5,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.0.8] - 2026-03-24
+
+* [Feature] JWT Forger
+
 ## [1.0.7] - 2026-03-09
 
 * [Technical] Replace the use of Parquet files with smaller JSON files. Otherwise, a resource limitation error occurs on Cloudflare Workers (free tier) when decoding Parquet files (even with read stream)

package.json

@@ -1,7 +1,7 @@
 {
   "name": "toolbox",
   "private": true,
-  "version": "1.0.7",
+  "version": "1.0.8",
   "type": "module",
   "scripts": {
     "dev": "vite",

pnpm-lock.yaml

@@ -1,13 +1,17 @@
 <script setup lang="ts">
 import { TbButton, TbFieldInput } from '@components'
 import { computed, ref } from 'vue'
+import { useRoute } from 'vue-router'
 import JwtClaimSection from './JwtClaimSection.vue'
 import JwtExpirationBanner from './JwtExpirationBanner.vue'
 import JwtSignatureSection from './JwtSignatureSection.vue'
+import JwtSignatureVerifier from './JwtSignatureVerifier.vue'
 import JwtTokenDisplay from './JwtTokenDisplay.vue'
 import { CLAIM_LABELS, decodeJwt, formatClaimValue, formatHeaderValue, HEADER_LABELS, SAMPLE_JWT } from './logic'
 
-const token = ref('')
+const route = useRoute()
+const initialToken = typeof route.query.token === 'string' ? route.query.token : ''
+const token = ref(initialToken)
 
 const decoded = computed(() => decodeJwt(token.value))
 
@@ -61,6 +65,11 @@ function loadSample() {
         />
 
         <JwtSignatureSection v-if="decoded.signature" :signature="decoded.signature" />
+
+        <JwtSignatureVerifier
+          :token="token.trim()"
+          :algorithm="String(decoded.header.alg || 'none')"
+        />
       </template>
     </template>
   </div>

src/modules/jwt/JwtDecoder.vue

@@ -0,0 +1,116 @@
+<script setup lang="ts">
+import { computed, ref, watch } from 'vue'
+import {
+  algorithmFamily,
+  applyPreset,
+  buildHeaderJson,
+  buildPayloadJson,
+  generateDefaultClaims,
+  OPTIONAL_HEADER_CLAIMS,
+  signToken,
+} from './forger-logic'
+import type { ClaimEntry, SigningAlgorithm, TokenPreset } from './forger-types'
+import JwtForgerAlgorithmSection from './JwtForgerAlgorithmSection.vue'
+import JwtForgerHeaderEditor from './JwtForgerHeaderEditor.vue'
+import JwtForgerKeyInput from './JwtForgerKeyInput.vue'
+import JwtForgerOutput from './JwtForgerOutput.vue'
+import JwtForgerPayloadEditor from './JwtForgerPayloadEditor.vue'
+import JwtForgerPresetBar from './JwtForgerPresetBar.vue'
+
+const algorithm = ref<SigningAlgorithm>('HS256')
+const standardClaims = ref<ClaimEntry[]>(generateDefaultClaims())
+const customClaims = ref<ClaimEntry[]>([])
+const headerExtraClaims = ref<ClaimEntry[]>(
+  OPTIONAL_HEADER_CLAIMS.map(claim => ({ key: claim.key, value: '', enabled: false })),
+)
+const secret = ref('your-256-bit-secret')
+const privateKey = ref('')
+
+const kidValue = computed(() => {
+  const kidClaim = headerExtraClaims.value.find(claim => claim.key === 'kid')
+  return kidClaim?.enabled && kidClaim.value.trim() ? kidClaim.value.trim() : null
+})
+
+function loadPreset(preset: TokenPreset) {
+  const result = applyPreset(preset)
+  algorithm.value = result.algorithm
+  standardClaims.value = result.standardClaims
+  customClaims.value = result.customClaims
+}
+
+const generatedToken = ref('')
+const signingError = ref<string | null>(null)
+
+let debounceTimer: ReturnType<typeof setTimeout> | null = null
+
+watch(
+  [algorithm, standardClaims, customClaims, headerExtraClaims, secret, privateKey],
+  () => {
+    if (debounceTimer) {
+      clearTimeout(debounceTimer)
+    }
+    debounceTimer = setTimeout(() => {
+      regenerateToken()
+    }, 150)
+  },
+  { deep: true },
+)
+
+async function regenerateToken() {
+  try {
+    const headerJson = buildHeaderJson(algorithm.value, headerExtraClaims.value)
+    const payloadJson = buildPayloadJson(standardClaims.value, customClaims.value)
+    const family = algorithmFamily(algorithm.value)
+
+    const key = family === 'hmac' ? secret.value : privateKey.value
+
+    if (family !== 'none' && family !== 'hmac' && !key.trim()) {
+      generatedToken.value = ''
+      signingError.value = null
+      return
+    }
+
+    const token = await signToken(headerJson, payloadJson, algorithm.value, key)
+    generatedToken.value = token
+    signingError.value = null
+  } catch (error: unknown) {
+    const message = error instanceof Error ? error.message : 'Unknown signing error'
+    signingError.value = message
+    generatedToken.value = ''
+  }
+}
+
+regenerateToken()
+</script>
+
+<template>
+  <div class="tb-stack-6">
+    <JwtForgerPresetBar @select="loadPreset" />
+
+    <JwtForgerAlgorithmSection v-model="algorithm" />
+
+    <JwtForgerHeaderEditor
+      :algorithm="algorithm"
+      :extra-claims="headerExtraClaims"
+      @update:extra-claims="headerExtraClaims = $event"
+    />
+
+    <JwtForgerPayloadEditor
+      :standard-claims="standardClaims"
+      :custom-claims="customClaims"
+      @update:standard-claims="standardClaims = $event"
+      @update:custom-claims="customClaims = $event"
+    />
+
+    <JwtForgerKeyInput
+      :algorithm="algorithm"
+      :secret="secret"
+      :private-key="privateKey"
+      :kid="kidValue"
+      @update:secret="secret = $event"
+      @update:private-key="privateKey = $event"
+    />
+
+    <JwtForgerOutput :token="generatedToken" :error="signingError" />
+  </div>
+</template>

src/modules/jwt/JwtForger.vue

@@ -0,0 +1,58 @@
+<script setup lang="ts">
+import { TbCard, TbOptionGroup } from '@components'
+import { computed } from 'vue'
+import { ALGORITHM_CATALOG, ALGORITHM_FAMILIES, algorithmFamily, familyVariants } from './forger-logic'
+import type { AlgorithmFamily, SigningAlgorithm } from './forger-types'
+
+const algorithm = defineModel<SigningAlgorithm>({ required: true })
+
+const selectedFamily = computed(() => algorithmFamily(algorithm.value))
+
+const familyOptions = ALGORITHM_FAMILIES.map(family => ({
+  value: family.value,
+  label: family.label,
+}))
+
+const variantOptions = computed(() =>
+  familyVariants(selectedFamily.value).map(info => ({
+    value: info.value,
+    label: info.label,
+  })),
+)
+
+const selectedInfo = computed(() => ALGORITHM_CATALOG.find(entry => entry.value === algorithm.value))
+
+function onFamilyChange(value: string) {
+  const family = value as AlgorithmFamily
+  const variants = familyVariants(family)
+  if (variants.length > 0) {
+    algorithm.value = variants[0].value
+  }
+}
+</script>
+
+<template>
+  <TbCard sectioned title="Algorithm">
+    <div class="tb-stack-4">
+      <TbOptionGroup
+        :model-value="selectedFamily"
+        :options="familyOptions"
+        variant="pill"
+        label="Family"
+        @update:model-value="onFamilyChange"
+      />
+
+      <TbOptionGroup
+        v-if="variantOptions.length > 1"
+        v-model="algorithm"
+        :options="variantOptions"
+        variant="segmented"
+        label="Variant"
+      />
+
+      <p v-if="selectedInfo" class="tb-text-description tb-leading-relaxed">
+        {{ selectedInfo.description }}
+      </p>
+    </div>
+  </TbCard>
+</template>

src/modules/jwt/JwtForgerAlgorithmSection.vue

@@ -0,0 +1,86 @@
+<script setup lang="ts">
+import { TbCard, TbCodeEditor, TbExpandable, TbInput } from '@components'
+import { computed } from 'vue'
+import { buildHeaderJson, OPTIONAL_HEADER_CLAIMS } from './forger-logic'
+import type { ClaimEntry, SigningAlgorithm } from './forger-types'
+
+const props = defineProps<{
+  algorithm: SigningAlgorithm
+  extraClaims: ClaimEntry[]
+}>()
+
+const emit = defineEmits<{
+  'update:extraClaims': [value: ClaimEntry[]]
+}>()
+
+const headerJson = computed(() => buildHeaderJson(props.algorithm, props.extraClaims))
+
+function toggleClaim(key: string, checked: boolean) {
+  const updated = props.extraClaims.map(claim => {
+    if (claim.key === key) {
+      return { ...claim, enabled: checked }
+    } else {
+      return claim
+    }
+  })
+  emit('update:extraClaims', updated)
+}
+
+function updateClaimValue(key: string, value: string) {
+  const updated = props.extraClaims.map(claim => {
+    if (claim.key === key) {
+      return { ...claim, value }
+    } else {
+      return claim
+    }
+  })
+  emit('update:extraClaims', updated)
+}
+
+function getDefinition(key: string) {
+  return OPTIONAL_HEADER_CLAIMS.find(claim => claim.key === key)
+}
+</script>
+
+<template>
+  <TbCard sectioned title="Header" title-class="tb-text-jwt-header">
+    <div class="tb-stack-4">
+      <TbCodeEditor
+        :model-value="headerJson"
+        readonly
+        copyable
+        language="json"
+      />
+
+      <TbExpandable chevron="right">
+        <template #header>
+          <span class="tb-text-sm tb-text-secondary">Optional header claims</span>
+        </template>
+        <div class="tb-stack-3">
+          <div v-for="claim in extraClaims" :key="claim.key" class="tb-stack-1">
+            <div class="tb-row tb-row--gap-3">
+              <label class="tb-checkbox">
+                <input
+                  type="checkbox"
+                  class="tb-checkbox__input"
+                  :checked="claim.enabled"
+                  @change="toggleClaim(claim.key, ($event.target as HTMLInputElement).checked)"
+                >
+                <span class="tb-checkbox__label tb-font-semibold tb-font-mono">{{ claim.key }}</span>
+              </label>
+              <span class="tb-text-secondary tb-text-sm">{{ getDefinition(claim.key)?.label }}</span>
+            </div>
+            <template v-if="claim.enabled">
+              <TbInput
+                :model-value="claim.value"
+                :placeholder="getDefinition(claim.key)?.placeholder"
+                @update:model-value="updateClaimValue(claim.key, String($event))"
+              />
+              <p class="tb-hint">{{ getDefinition(claim.key)?.description }}</p>
+            </template>
+          </div>
+        </div>
+      </TbExpandable>
+    </div>
+  </TbCard>
+</template>