Add jwt.Parse() Function #25

Closed
KendallWeihe opened this issue Feb 5, 2024 · 2 comments · Fixed by #43

@KendallWeihe
Contributor

Originally from this PR

  1. Create a new type JWT which includes both the jws.Header and jwt.Claims
  2. Take in a full signed JWT as input
  3. Run jwt.Verify()
  4. Parse out the header and claims parts
  5. Decode the base64 URL encoded header and claims
  6. Return both the decoded header and claims

Motivation

Rather than having the developer first do this...

parts := strings.Split(signedJwt, ".")
// todo error handle
base64UrlEncodedHeader := parts[0]
base64UrlEncodedClaims := parts[1]

...we may want to embed that in a function, as well as also executing a call to jwt.Verify(). I originally had the idea that we could create a function like this...

import (
	"errors"
	"strings"
	// plus the project's jws and jwt packages
)

type JWT struct {
	Header jws.Header
	Claims jwt.Claims
}

func ParseJWT(signedJwt string) (JWT, error) {
	// Verify first so that nothing from an unverified token is returned
	verified, err := jwt.Verify(signedJwt)
	if err != nil {
		return JWT{}, err
	}
	if !verified {
		return JWT{}, errors.New("JWT verification failed")
	}

	// A compact JWT has exactly three dot-separated parts: header, claims, signature
	parts := strings.Split(signedJwt, ".")
	if len(parts) != 3 {
		return JWT{}, errors.New("malformed JWT: expected 3 parts")
	}

	base64UrlEncodedHeader := parts[0]
	base64UrlEncodedClaims := parts[1]
	// TODO check if base64UrlEncodedHeader & base64UrlEncodedClaims are proper base64 URL encoded strings?

	header, err := jws.DecodeJWSHeader(base64UrlEncodedHeader)
	if err != nil {
		return JWT{}, err
	}

	claims, err := jwt.DecodeJWTClaims(base64UrlEncodedClaims)
	if err != nil {
		return JWT{}, err
	}

	return JWT{Header: header, Claims: claims}, nil
}
@mistermoe
Member

good idea @KendallWeihe ! i think we can have jwt.Parse return a ParsedJWT which is a struct that:

  • contains Header, Claims and Signature fields
  • has a Verify() receiver method

we can also keep jwt.Verify as a convenience which just calls internally Parse and then parsedJWT.Verify().

q4u: does Parse simply decode? or does it also check for things like whether exp has passed? i vote for decode in which case might make the most sense to call it jwt.Decode

@KendallWeihe KendallWeihe self-assigned this Feb 9, 2024
@KendallWeihe
Contributor Author

@mistermoe yeah I agree with all of that. Started fleshing it out here earlier, but there are implications with the jws package which relies on the string JWT... so I'm still thinking through how it'll fit together.

@mistermoe mistermoe linked a pull request Feb 12, 2024 that will close this issue
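
The decode-only step discussed in this thread (split, strict base64url decode, JSON parse, no signature or exp check), as an added example that is not the project's code. `DecodedJWT` and `Decode` are hypothetical names, the header and claims are decoded into generic maps rather than the project's `jws.Header` and `jwt.Claims` types, and the sample token is constructed.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// DecodedJWT (hypothetical) holds decoded parts; untrusted until verified separately.
type DecodedJWT struct {
	Header, Claims map[string]any
	Signature      []byte
}

// Decode splits and decodes a compact JWT. It does NOT verify the signature
// or check exp; callers must not act on the claims before a Verify step.
func Decode(token string) (DecodedJWT, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return DecodedJWT{}, fmt.Errorf("expected 3 segments, got %d", len(parts))
	}
	raw := make([][]byte, 3)
	for i, p := range parts {
		if p == "" {
			return DecodedJWT{}, fmt.Errorf("segment %d is empty", i)
		}
		b, err := base64.RawURLEncoding.Strict().DecodeString(p) // unpadded base64url only
		if err != nil {
			return DecodedJWT{}, fmt.Errorf("segment %d: %w", i, err)
		}
		raw[i] = b
	}
	d := DecodedJWT{Signature: raw[2]}
	if err := json.Unmarshal(raw[0], &d.Header); err != nil {
		return DecodedJWT{}, fmt.Errorf("header: %w", err)
	}
	if err := json.Unmarshal(raw[1], &d.Claims); err != nil {
		return DecodedJWT{}, fmt.Errorf("claims: %w", err)
	}
	return d, nil
}

func main() {
	enc := base64.RawURLEncoding.EncodeToString // constructed sample token, dummy signature
	tok := enc([]byte(`{"alg":"EdDSA"}`)) + "." + enc([]byte(`{"iss":"did:example:alice"}`)) + "." + enc([]byte("sig"))
	d, err := Decode(tok)
	fmt.Println(d.Header["alg"], d.Claims["iss"], len(d.Signature), err)
}
```

Rejecting padded or empty segments at decode time answers the base64 URL TODO in the sketch above without touching signature logic.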