in verify-jwt/index.js [78:80]
function _sign(input, key, method) { return crypto.createHmac(method, key).update(input).digest('base64url'); }