[ Feature 🚀 ] Implemented Asymetric encryption algorithm RSA256 when signing and verifying JWT tokens.

Divinewill ZERO · Divinewill ZERO · commit 0ca8830c8049 · 2022-01-24T14:45:07.000+01:00
diff --git a/README.md b/README.md
@@ -92,6 +92,7 @@
 | 78. |[How to generate and verify checksum of the given string in Nodejs](#q-how-to-generate-and-verify-checksum-of-the-given-string-in-nodejs)|
 | 79. |[What is Callback function in node.js?](#q-what-is-callback-function-in-nodejs)|
 | 80. |[What is asynchronous programming in node.js?](#q-what-is-asynchronous-programming-in-nodejs)|
+| 81. |[How to implement asymmetric cryptography when signing and verify JSON Web Token (JWT) for authentication in node js?](#q-how-to-implement-asymmetric-cryptography-when-signing-and-verifying-json-web-token-jwt-for-authentication-in-node-js) |
 
 <br/>
 
@@ -3389,6 +3390,127 @@ The `jwt.sign()` method takes a payload and the secret key defined in `config.js
     <b><a href="#">↥ back to top</a></b>
 </div>
 
+## Q. **_How to implement asymmetric cryptography when signing and verify JSON Web Token (JWT) for authentication in node js?_**
+
+JSON Web Token (JWT) is an open standard that defines a compact and self-contained way of securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed.
+
+There are some advantages of using JWT for authorization:
+
+- Purely stateless. No additional server or infra required to store session information.
+- It can be easily shared among services.
+
+JSON Web Tokens consist of three parts separated by dots (.), which are:
+
+```js
+jwt.sign(payload, secretOrPrivateKey, [options, callback]);
+```
+
+- **Header** - Consists of two parts: the type of token (i.e., JWT) and the signing algorithm (i.e., HS512)
+- **Payload** - Contains the claims that provide information about a user who has been authenticated along with other information such as token expiration time.
+- **Signature** - Final part of a token that wraps in the encoded header and payload, along with the algorithm and a secret
+
+**Installation**
+
+```bash
+npm install jsonwebtoken bcryptjs --save
+```
+
+**Ussage**
+
+1. `mkdir certs` then run `cd certs`
+
+**Inside the certs folder generate public and private key pairs**
+
+```bash
+// Private Key
+
+>> openssl genrsa -out accessTokenPrivatekey.pem 4096
+
+// Public Key
+
+>> openssl rsa -pubout -in accessTokenPrivatekey.pem -out accessTokenPublickey.pem
+
+```
+
+**Example**: AuthController.js
+
+```js
+const express = require('express');
+const router = express.Router();
+const bodyParser = require('body-parser');
+const { readFileSync } = require('fs');
+const User = require('../user/User');
+
+const jwt = require('jsonwebtoken');
+const bcrypt = require('bcryptjs');
+const config = require('../config');
+
+router.use(bodyParser.urlencoded({ extended: false }));
+router.use(bodyParser.json());
+
+router.post('/register', function (req, res) {
+  const hashedPassword = bcrypt.hashSync(req.body.password, 8);
+
+  User.create(
+    {
+      name: req.body.name,
+      email: req.body.email,
+      password: hashedPassword,
+    },
+    (err, user) => {
+      if (err)
+        return res
+          .status(500)
+          .send('There was a problem registering the user.');
+
+      //Using the fs module get the private key of the accesstoken you created.
+      const ACCESS_TOKEN_PRIV_KEY = readFileSync(
+        './certs/accessTokenPrivateKey.pem',
+        'utf8'
+      );
+
+      // create an access token using the private key pair, and specify the algorithm you will use.
+      const token = jwt.sign({ id: user._id }, ACCESS_TOKEN_PRIV_KEY, {
+        algorithm: 'RS256',
+        expiresIn: 86400, // expires in 24 hours
+      });
+      res.status(200).send({ auth: true, token: token });
+    }
+  );
+});
+```
+
+**To verify a token use the public key**
+
+```js
+const ACCESS_TOKEN_PUB_KEY = readFileSync(
+  './certs/accessTokenPubliKey.pem',
+  'utf-8'
+);
+
+/** Use the Access token Public Key to verify the JWT access token */
+jwt.verify(
+  token,
+  ACCESS_TOKEN_PUB_KEY,
+  { algorithms: ['RS256'] },
+  (err, user) => {
+    console.log(err);
+    if (err) res.status(403);
+    console.log(user);
+  }
+);
+```
+
+The `jwt.sign()` method takes a payload, private key defined in `./certs/accessTokenPrivateKey.pem` and an object which contains other information about the token, this includes the algorithm `{ algorithm: 'RS256'}`(NB: You can also use `HS256` || `HS384` as algorithm values), that will be used in signing as parameters. It creates a unique string of characters representing the payload. In our case, the payload is an object containing only the id of the user.
+
+**Reference:**
+
+- **[https://www.npmjs.com/package/jsonwebtoken](https://www.npmjs.com/package/jsonwebtoken)**
+
+<div align="right">
+    <b><a href="#">↥ back to top</a></b>
+</div>
+
 ## Q. ***How to build a microservices architecture with Node.js?***
 
 **Microservices**
diff --git a/jwt-asymmetric-cryptography-authentication/.gitignore b/jwt-asymmetric-cryptography-authentication/.gitignore
@@ -0,0 +1,2 @@
+.env
+node_modules
diff --git a/jwt-asymmetric-cryptography-authentication/README.md b/jwt-asymmetric-cryptography-authentication/README.md
@@ -0,0 +1,28 @@
+# Express and JSON Web Token Authentication Using Asymetric Encryption Algorithm (RSA256)
+
+When creating jsonwebtoken rather than signing and verifying tokens with a secret key use Asymetric encryption instead using pubic and private key pairs
+
+<br>
+
+- `cd` into jwt-authentication folder in your terminal run `mkdir certs`, then type `cd certs`.
+- Generate a public and private key for both access and refresh tokens:
+
+```bash
+/** To generate a public and private key for access tokens */
+
+// Private Key
+>> openssl genrsa -out accessTokenPrivatekey.pem 4096
+
+// Public Key
+>> openssl rsa -pubout -in accessTokenPrivatekey.pem -out accessTokenPublickey.pem
+```
+
+```bash
+/** To generate a public and private key for refresh tokens */
+
+// Private Key
+>> openssl genrsa -out refreshTokenPrivatekey.pem 4096
+
+// Public Key
+>> openssl rsa -pubout -in refreshTokenPrivatekey.pem -out refreshTokenPublickey.pem
+```
diff --git a/jwt-asymmetric-cryptography-authentication/authServer.js b/jwt-asymmetric-cryptography-authentication/authServer.js
@@ -0,0 +1,89 @@
+require('dotenv').config();
+
+const express = require('express');
+const app = express();
+const jwt = require('jsonwebtoken');
+const { readFileSync } = require('fs');
+const { promisify } = require('util');
+
+app.use(express.json());
+
+let refreshTokens = [];
+
+app.post('/token', async (req, res, next) => {
+  try {
+    const refreshToken = req.body.token;
+    if (refreshToken === null)
+      res.sendStatus(401).json({ error: 'Provide a token' });
+    console.log(refreshTokens);
+    if (!refreshTokens.includes(refreshToken)) return res.sendStatus(403);
+
+    const REFRESH_TOKEN_PUB_KEY = readFileSync(
+      './certs/refreshTokenPubliKey.pem',
+      'utf8'
+    );
+
+    /** use the refresh Token public key to verify the JWT refresh token that was signed with the private key */
+    jwt.verify(
+      refreshToken,
+      REFRESH_TOKEN_PUB_KEY,
+      {
+        algorithms: ['RS256'],
+      },
+      (err, user) => {
+        if (err) res.sendStatus(403).json({ message: err.message });
+        const accessToken = generateAccessToken(user.name);
+        res.json({ accessToken: accessToken });
+      }
+    );
+  } catch (error) {
+    console.log(error.message);
+  }
+});
+
+app.delete('/logout', (req, res) => {
+  refreshTokens = refreshTokens.filter((token) => token !== req.body.token);
+  res.sendStatus(204);
+});
+
+app.post('/login', async (req, res) => {
+  try {
+    // Authenticate User
+    const username = req.body.username;
+    const user = { name: username };
+
+    const REFRESH_TOKEN_PRIV_KEY = readFileSync(
+      './certs/refreshTokenPrivateKey.pem',
+      'utf8'
+    );
+
+    const accessToken = generateAccessToken(user);
+
+    /** Use the Refresh Token Private Key to sign a JWT refresh token*/
+    const refreshToken = jwt.sign({ user }, REFRESH_TOKEN_PRIV_KEY, {
+      algorithm: 'RS256',
+      expiresIn: '60s',
+    });
+
+    refreshTokens.push(refreshToken);
+    console.log(refreshTokens);
+    res.json({ accessToken: accessToken, refreshToken: refreshToken });
+  } catch (err) {
+    console.log(err.message);
+  }
+});
+
+function generateAccessToken(user) {
+  const ACCESS_TOKEN_PRIV_KEY = readFileSync(
+    './certs/accessTokenPrivateKey.pem',
+    'utf8'
+  );
+
+  /** Use the Access Token Private Key to sign a JWT access token*/
+  return jwt.sign({ user }, ACCESS_TOKEN_PRIV_KEY, {
+    algorithm: 'RS256',
+    expiresIn: '1hr',
+  });
+}
+
+app.listen(4000, () => console.log(`App is running at http://localhost:4000`));
diff --git a/jwt-asymmetric-cryptography-authentication/certs/accessTokenPrivateKey.pem b/jwt-asymmetric-cryptography-authentication/certs/accessTokenPrivateKey.pem
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKAIBAAKCAgEArt44dqQGQIQpXm3GcQaoyeRL8mIfN3ob8kyNwZfSPSLnDV29
+cYfRo6WG7jEnV5ehFwGD5KD0LEP4SlUbs5UjfLstl58B9vVrdlo/Q7oevkcLNion
+MjFLURjBtLjDZztCpcpJBIB1cFR45w77k/hEozMKwNutZP5Jm6QtGMFnc3jGlcY/
+tar3/AP779SquclE0v6H7mLbxZidHyHICd395Xoe4Q648ERds5bfYWorUpBLmdzr
+IUt2M6OV/YITHr/cF8TpDI/6KMjZkboUYm+w/V8uO/Gcz2KUkQqP5jzCjVoRvT0y
+/HQ4ZtHnX7P6qZ9ApgyQrrWZIYS1bw6odBJBda+C0kbSuCHnTE+XdIcep/1HKAX7
+5Z9Z9XD6oyjxO82QrBAZ27e3Tk0f/lzIppGHWmihzjVXzQoU1/YDy/K9VPl11ze4
+Z/XPwu3P90B9e/bUhIezDHLYiGjGdOELJ4V+f+xtnuP87glFYWQ3btJesnkp4UpW
+uJfMvpLwgZnzyiglwGKj+/d7SqeF8D5bhdi/ewRo96lqL4/UzDjg0bGNCy7wNKaP
+6LQfhkeSFWyw4/u73n1Xot9Tvbf5/sQia1tlwhZWKzcWdEXnZb/dBK3bT9XYRcgs
+tXwUODkc7cpJ20iIM1rLBpFu7SqQLuEIDVuqnIdcNg52P8GpQ2Bnicq1ZyMCAwEA
+AQKCAgEAnHBFRy46QaF6ePXwH9F7UxKgNvk9QB5Hvh5qexTdisAcwEJqZpTBIYvG
+CHWE4sHN5Yz/d5velXNBPw6gt6nmk4HIqeogkdTBDKJ0Ep0BP+zCxPQ1GJws6yIg
+uRLKDSJg33z2kcZyScnoV515x8jFbtMM/bgJiV5Mb6cSiSEM8arMzdULzfRj4duW
+mdpB2e+LWM9IwCVEw6NifSV1lg45RABae7D2FkyzHyUMNlQK6dQZLk8LM0AVQOFK
+H/8sJ8gwmDsa2pg7jh0RN2OnNOEDD8kEza+7P3TLwG4Yijs1OcuoLwn/AQbgJmwG
+eAHFb9X+ug5nqUTg97GHtxD/9scWMz0iIFYMizpFwi/BuCAKtwnaJbDsQDDGlYct
+A0ALw5ZjKlw2+KM09tKn9vUZ08lWoi7VXZwLs8q5YkYMIQbMUZhThyYoyOS/OdrI
+Z/KlW9p9/BV6CpoA6tr2k1pn6hGzdRxuG9bjhQzTR1OCOWNizaX11RyOAdkA9kzS
+Yx/Q6ynszBZ7CP87SwfAcjSckQM9aa/ZYOKU6qi0wDuMrGm48D6SdQnJLSgqGOin
+EQlyofK9f2O65qpU588+uiWUjzI5Nl0/a790pnaGpEWuJYkkGIHhfKQvTdUGjbGq
+i1mZZ5POOcjNTu095NW7K67sevfFH0n6jlA6bNuIBkDSz5r8ZVECggEBAOJLDDUr
+7OcxJe8/HBukcoacc0qhZpT60kXzz8zdKLzstiFTl10lIQIg3BggNBjWe/Wa0mlF
+1fm0ML6LaxmAzkOFiSxmy6OR1Q3LjMuzN+fMdeGrUXsngCPNq2wpV5m0MviuYCvt
+IZf2Utn37VKmtpkD2T07/4Cr72pG14K2x7Np3HG07tRXSvXEvWmI04St1HOCAWRX
+iNjuUBlVrlPdWhlI6FZgwLyby0iVKuCyfaS0ETxkWjXBbLVYW0qjFNxj7GAic2rE
+/AP8r04DkjsrAH2vT3VrHUAyPhPe0fPDhBIUbBsrw7NixjSXwhTS/R0i4Q5ndgy2
+YssrnGozMOl7xBcCggEBAMXS8qqOzKqraBna20flhUl2Bf50wC6k3e1jgRWBOfo2
+Ju0Q1z8ME7UsqMYXUqB3dkmi1+q72jNP5AZxYy9V1Pq2eGP9wR1CiZaeFR/FcXX5
+PnZtcuekk1+k4ajPYlF3rTshvYON+mSKRdUN+ocLa61p5cYGGDPs2AGLvNJUAeA+
+JdLzDZ3MnjKVC8qaNMmZ1WKqnZkMM3hiok0oylELTFiPhURb8TKzFVdzXA15syfi
+h6g/n6cIPhyriRDDP7n6PlYpD0dekbeM9pyGQPZ1X9B9AzAhlbMyQ0FD0MVTpFxw
+xG6d7SCEdnKhT1DJcRbSdCOEBJccYbWTm3LDdRHmwNUCggEAFOyzmEcThN06kMDZ
+LIUsQd49mu0Ju0TmJKnC0UKx/aY1wSclm+tO/g9jyqdPqexLUg6a3jki7BAJYdUq
+dhU+/Wdfo8dtlRZrCPeFcWCFDt4NGGzq/+RLKQRfkYTRINlUzUHyip1GufKA/r66
+JyZbRBLjB5KAsbk0TjN2whN8q85iH/GHFANuXwNuMFACnwYj2vpufoTJlqWSqoUN
+tZuGNUhUk4gmykntpiyE5noavBwaa+croETedHZTGrexuh9TQCBvY7QLSaMX4rLZ
+1rbHONf5FPZuof0DWHsGFvBBShqxVGHbmr7LbRmLTLmlxgfvn5FZjRtgT0EdGYTa
+RPy4yQKCAQBlfo0yJIGtLrQCT98hTAjOX9dDbfML+1pBaUPZHKv6S7488t78Yd3a
+nkcZGu4xlhkCPqI4tJiGqv56r8ILjyXuW5/47UAfGvwsYn7EBjDoLjB14kGJx041
+TAra6UuwMI6YP/9Td4x3+NlLLhjTIHDmT+araoUQXvuUD3WZE7DCtCAD0t+xjkG8
+AexCzks3A84PCSpCU5g0s6ZBoCPs4LcS2M+u+t0M/gR9EZqw7zeTxw2CrOHkeL4l
+R3zTNNmFOXayDe7g1ww79/6u39KEoEPAW+M+1nxPrAIFgh2in/87zj954Vy/yjZb
+KZfgAvoak28yqZERVmZrGoguoUl3HcThAoIBAEoib+EB2Qjt7UMwIkUGC4/NKOzB
+vQE4P5qhTMFQEPn5b3ea048YSIwok9aiEIasj6Mu29yqFoAQ7UaI1aj1UAi9qFzb
+amTTYrlcK6AiN7jebodX3y8rXnBwZMs/qdwqoCp/jUk12k6rAML8/e0CautMUMKu
+fm2xTBCHp3SzEoWv5FkZsGuWTUqNBclV5wvjYGaYgxFUyt2e0J/2gUTy9O7SdubY
+s4nFqfTVjZqHQzHx7FqFUw3qWYl8LsorctMpV2xvqVOfycTDIBsoXa6EwbUUgxta
+BBkfLvkkXLUS+Y8GcYkIyztzcigAYUe8/p/w0Py5YHBk7yCq0ZMtJSMxpoc=
+-----END RSA PRIVATE KEY-----
diff --git a/jwt-asymmetric-cryptography-authentication/certs/accessTokenPubliKey.pem b/jwt-asymmetric-cryptography-authentication/certs/accessTokenPubliKey.pem
@@ -0,0 +1,14 @@
+-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArt44dqQGQIQpXm3GcQao
+yeRL8mIfN3ob8kyNwZfSPSLnDV29cYfRo6WG7jEnV5ehFwGD5KD0LEP4SlUbs5Uj
+fLstl58B9vVrdlo/Q7oevkcLNionMjFLURjBtLjDZztCpcpJBIB1cFR45w77k/hE
+ozMKwNutZP5Jm6QtGMFnc3jGlcY/tar3/AP779SquclE0v6H7mLbxZidHyHICd39
+5Xoe4Q648ERds5bfYWorUpBLmdzrIUt2M6OV/YITHr/cF8TpDI/6KMjZkboUYm+w
+/V8uO/Gcz2KUkQqP5jzCjVoRvT0y/HQ4ZtHnX7P6qZ9ApgyQrrWZIYS1bw6odBJB
+da+C0kbSuCHnTE+XdIcep/1HKAX75Z9Z9XD6oyjxO82QrBAZ27e3Tk0f/lzIppGH
+WmihzjVXzQoU1/YDy/K9VPl11ze4Z/XPwu3P90B9e/bUhIezDHLYiGjGdOELJ4V+
+f+xtnuP87glFYWQ3btJesnkp4UpWuJfMvpLwgZnzyiglwGKj+/d7SqeF8D5bhdi/
+ewRo96lqL4/UzDjg0bGNCy7wNKaP6LQfhkeSFWyw4/u73n1Xot9Tvbf5/sQia1tl
+whZWKzcWdEXnZb/dBK3bT9XYRcgstXwUODkc7cpJ20iIM1rLBpFu7SqQLuEIDVuq
+nIdcNg52P8GpQ2Bnicq1ZyMCAwEAAQ==
+-----END PUBLIC KEY-----
diff --git a/jwt-asymmetric-cryptography-authentication/certs/refreshTokenPrivateKey.pem b/jwt-asymmetric-cryptography-authentication/certs/refreshTokenPrivateKey.pem
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKQIBAAKCAgEAqzeDd8smeUebrYfgDqvawROpzP5Pe/xJo97UHAYj8Fg7K1CI
+VC3fNbUxPT6BrRFyb/TOJwRw9lvkfffRUoW/skheEaZf7db+6rgk1OTWsULzPLbo
+/AjIPgKRepzWj5STq56ZEbnpdrYmzcWtIlUz9Op/sPdxpUvbioSH0x9gHVU8Poso
+lv64h1kehajeC/QN1YUXxKq/IF/p383/RZOULV+7IkWOFsrKxZ5KJ6oNsqvKoa0B
+G0zVZ1MX7AbsRCm6FM4ddJMaHFAiSchOFOoB7heqN4Mi/iVJWq084Irc+N64OPB6
+2A9OKWsGmTcm9NtZLa3aicI+7LqS8oMVwUM9ZeOYGbMXVrOHxkPFbI8JM7uz4pg3
+sYazyG7nir9bsAXqTDs0l1v0DXhRoAKEV4dJTJE9IHpiJGeIi1ykBbXXV0oW2meE
+9vHMIHiT92C+w33zA7uuZjDk6s9yGWc8LBAdlsD/YfIr5U6A1Ma3weHzcyAcHBtZ
+O+1Ao/nZvTsH2EWdZx35Xit2+l6kx0MJs3Db2CIoRoJpvvoEv1ns5jHMYscgXt07
+YSwAWKOSSA9aYPQxfa/OBT9qWaDBNK0esJJun03LHf30dT/gJI9MkB0Cn/c/yuaC
+w04aDKYVk+AHIXlKLcjTr7M8l3R5J8IlRgT//WAw9Qk8OjGW6tBxs8kY8oECAwEA
+AQKCAgEAjx/YxksL3lX9zRHIOntuYfgN+U6dIwfChzm+Fa8MW91lmM+5JqUx8bOF
+dazKueHbx7rcmcEcrNQkLSj70f/8Pww/loF9r1QJxCwqncytq4BL1HUSTZ0Jxsxe
+0CBLO7r3tn7ddfPzNUkPJvQXxpty00kzdLtkRMkkvKYM5G9V6S9XLPEm/RHxLzNQ
+UGrZMyTQa6zWMZCKNIX4+x04RvEW7NcZl4yNOoBLAOdRFdcRnEn/GSeFxUx1F+pe
+FO+0kUZQRxQFi21sZj6WaxcGLnVvJ5igscbteYWxzBsEyK9MCL4lQXPFPNeOfxD4
+cxundQfnhEfQZ1f5Qeq07ASoKuYKa8OfvdxSrnQ5F6DgTSeVXukajZM4vJhEOXeV
+fKIUI8qfoqb8kSLErZmPjdwvFMeXu8T7JY9LY3LYwZBNDX3fiJXImXQvMiIJtt+d
+zhtRb5DypmZq3Kf6bWJga6FGL942hC4p6cvrh7Ri3rI+xcKF1Gu15Y3u8MyMDdEu
+eyQZ3SFhibxvN6AExU+RSRdix5HuizJ4ja/LKCaXIWMGdrhQUzJH+dv+vhIQajXI
+al29Q+ub3knvCYglm/tqHcN8ZOehWRA0PiJo4fK6lcySBu8cqGcq4EUdA9yHk+EI
+Ew6Wylb2ZjGS2lWDNeLZJyHlcobU5VR4ZioU1NKsZ9NcWtk5AAECggEBANhM4SM2
+Nd8LkphMv9xwR+ZOc2Bh239mrYlkw7uKW0QpKu5ksEWAK1s/Z/rZgm+2Fmh8w9Lf
+FgA9lvW+7AXpU3T2GPibeGza0EhZSTkUWOBa3BtRyJzWGNV4WOnc5wA1Gmx49E+h
+zaZ/L+gKxOGRy9PBb9dFKNdGOOCNHHujhjK7H70IjOe+8/pFMaEnHov8TmOSVe3m
+fUiaVYTIbrTNkkgKQZAu8iOiXmRv9r3tGzK3XvjPaftbV+Qs502r3IkWzTKXqIwM
+35+HxAZiYV2uweDqpYSYYTxVOugeEWaF+1iT/sWiB0cGuQJ8WUHkqy/V/vOnW4z8
+GI2gNF81DKLSmRECggEBAMqkVeOKWVI0+AjRSCzA9zSHkks+u+4tBa62RY8akx4m
+TTtSCG/Fc537TkFmtzqoIWO1siNlNi/7wasDdz5foTDcWRMO/1YCPlmz4x8k+4Bs
+1KsMJw92y4++LCU20NrLUMtWd0ClNzVD8oc1/2NRZZJJi6ZgCwg8Y3xOqe6Lyp6N
+vaskT/8/7OBhQ3+WLN88tdoVCrWXx72uQ5RbrG21yeeh3u1h2DmlLCldYeMvgfna
+Et/nfM1ojr2/QAA5OA4ZUBSPNHEfydVyDo61wUi7O/nUz+yx0VoW1gnMf/noNcOy
+6D8KICjIW5Npnqx0i/i31/NG7ttgb4MPj5Ceh8vdQnECggEBAKvdAjJBO7K69kLv
+EK9tw6NaCFC30Hk9M3vsxZ05BOV2tHbxKCJBAbIiAlOOChcLHmjtYYcm3MtaJJ2k
+ktLrnvVbKWI33grYHhCuaQDiiu/RIfzPEdCUSO0tD7DaZe2DRDiWLsErNkUp3/3G
+uMLmXocltuDcQeQzFrRNSyluOA4NIt3HcnYdAqyD2DhM5feihQKW3pIFxtwuTO8R
+du1QPf/hrlCLDLiFpey2Dd7BDBBTJTIbVAF1hbN2fl73xGZk6KxfVnvZKsIOVRIh
+j22pksFMkDF4BiKzMfgHFBpbMOgjx5Zu9MtZqx0vgphZwi9jII2nF5ZBJJ07gwF3
+HFAvd5ECggEAYWueCxVRGc9zSzHqA/IFJpDiyR/w03F7oOHqEQFSpxT83j7y5WFE
+0zelCJYsEpwP6VLJwHCBG5JqKiAxbKAm60mT3TDBmoTbmt57m1Z5PuWTXGQsRyfy
+dzmTGZT/1aAXSJpaHI8ROp9e8pgIHqRcM3b+F09nHl+B6Joc4hz8nTtBawy7FNiT
+tc+s1qLJEc2rE5w4GNNOaKdlv+ZOwDO8TIqqlO8MN7Jrx7soO0N0tjycBF7SxiG1
+Ng3C5BieFVEgCbJLIPOKYf5Cd2Nz99Zj4BjqmT1ni2sdHXreL7PuXRYex2fDzDd+
+pyEI8pnZTQp9XGzGmlsDYTvS5lEAsga+UQKCAQBdEkewEx5ITgvoZwaVoOZ613XA
+wmIvHZnOf13TYCFXsQQAZDZdMNeABqWEKU5pKm30OJL1tRUPximgCA9ypYfHf/g3
+wwimXzjTOGIQbVG/TBT5SMDYrLOu/5h5N5H/6bj5MWwcGAJIErZuHA8a1g8x/+Fl
+20EZOnEmHVECVGFDDMRGR22ZWB+gwuF3MCBA+I4KxPr1Js0YrrQ8rn3GXe1S7UwV
+R6XHN8aMn8qiGctsOluV22wmKVfr3z6gWru0E2bBQ5BalUxIlgKPyn7h+O/v3hE9
+X/2ec0UZ4G/dovhYL/US+sYtiRxfgFUh771Z7zAIiSkJeDxwhLePNQ4ges6v
+-----END RSA PRIVATE KEY-----
diff --git a/jwt-asymmetric-cryptography-authentication/certs/refreshTokenPubliKey.pem b/jwt-asymmetric-cryptography-authentication/certs/refreshTokenPubliKey.pem
@@ -0,0 +1,14 @@
+-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqzeDd8smeUebrYfgDqva
+wROpzP5Pe/xJo97UHAYj8Fg7K1CIVC3fNbUxPT6BrRFyb/TOJwRw9lvkfffRUoW/
+skheEaZf7db+6rgk1OTWsULzPLbo/AjIPgKRepzWj5STq56ZEbnpdrYmzcWtIlUz
+9Op/sPdxpUvbioSH0x9gHVU8Posolv64h1kehajeC/QN1YUXxKq/IF/p383/RZOU
+LV+7IkWOFsrKxZ5KJ6oNsqvKoa0BG0zVZ1MX7AbsRCm6FM4ddJMaHFAiSchOFOoB
+7heqN4Mi/iVJWq084Irc+N64OPB62A9OKWsGmTcm9NtZLa3aicI+7LqS8oMVwUM9
+ZeOYGbMXVrOHxkPFbI8JM7uz4pg3sYazyG7nir9bsAXqTDs0l1v0DXhRoAKEV4dJ
+TJE9IHpiJGeIi1ykBbXXV0oW2meE9vHMIHiT92C+w33zA7uuZjDk6s9yGWc8LBAd
+lsD/YfIr5U6A1Ma3weHzcyAcHBtZO+1Ao/nZvTsH2EWdZx35Xit2+l6kx0MJs3Db
+2CIoRoJpvvoEv1ns5jHMYscgXt07YSwAWKOSSA9aYPQxfa/OBT9qWaDBNK0esJJu
+n03LHf30dT/gJI9MkB0Cn/c/yuaCw04aDKYVk+AHIXlKLcjTr7M8l3R5J8IlRgT/
+/WAw9Qk8OjGW6tBxs8kY8oECAwEAAQ==
+-----END PUBLIC KEY-----
diff --git a/jwt-asymmetric-cryptography-authentication/example.env b/jwt-asymmetric-cryptography-authentication/example.env
@@ -0,0 +1,3 @@
+ACCESS_TOKEN_SECRET=some_secret_key
+
+REFRESH_TOKEN_SECRET=some_secret_key
diff --git a/jwt-asymmetric-cryptography-authentication/package-lock.json b/jwt-asymmetric-cryptography-authentication/package-lock.json
diff --git a/jwt-asymmetric-cryptography-authentication/package.json b/jwt-asymmetric-cryptography-authentication/package.json
diff --git a/jwt-asymmetric-cryptography-authentication/requests.rest b/jwt-asymmetric-cryptography-authentication/requests.rest
diff --git a/jwt-asymmetric-cryptography-authentication/server.js b/jwt-asymmetric-cryptography-authentication/server.js

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+ACCESS_TOKEN_SECRET=some_secret_key`
	`2`	`+`
	`3`	`+REFRESH_TOKEN_SECRET=some_secret_key`