Skip to content
EMQ X JWT Authentication Plugin
Erlang Makefile
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
doc Fix issue #13 - Add supports for RSA/ECDSA public key Dec 18, 2017
etc [Feature] Support to verify the specified claims fields (#69) Apr 4, 2019
priv [Feature] Support to verify the specified claims fields (#69) Apr 4, 2019
src Rename 'client_id' field to 'clientid' Sep 26, 2019
test Rename 'client_id' field to 'clientid' Sep 26, 2019
.gitignore Update default dependency branch to develop May 15, 2019
.travis.yml
LICENSE
Makefile Add travis ci and support branch transition May 8, 2019
README.md [Feature] Support to verify the specified claims fields (#69) Apr 4, 2019
TODO.md Add TODO.md Jul 16, 2018
rebar.config Update rebar.config Sep 3, 2019
rebar.config.script Support branch transition for release Jun 10, 2019

README.md

emqx-auth-jwt

EMQ X JWT Authentication Plugin

Build

make && make tests

Configure the Plugin

File: etc/plugins/emqx_auth_jwt.conf

## HMAC Hash Secret.
##
## Value: String
auth.jwt.secret = emqxsecret

## From where the JWT string can be got
##
## Value: username | password
## Default: password
auth.jwt.from = password

## RSA or ECDSA public key file.
##
## Value: File
## auth.jwt.pubkey = etc/certs/jwt_public_key.pem

## Enable to verify claims fields
##
## Value: on | off
auth.jwt.verify_claims = off

## The checklist of claims to validate
##
## Value: String
## auth.jwt.verify_claims.$name = expected
##
## Variables:
##  - %u: username
##  - %c: clientid
# auth.jwt.verify_claims.username = %u

Load the Plugin

./bin/emqx_ctl plugins load emqx_auth_jwt

Example

mosquitto_pub -t 'pub' -m 'hello' -i test -u test -P eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoiYm9iIiwiYWdlIjoyOX0.bIV_ZQ8D5nQi0LT8AVkpM4Pd6wmlbpR9S8nOLJAsA8o

Algorithms

The JWT spec supports several algorithms for cryptographic signing. This plugin currently supports:

  • HS256 - HMAC using SHA-256 hash algorithm

  • HS384 - HMAC using SHA-384 hash algorithm

  • HS512 - HMAC using SHA-512 hash algorithm

  • RS256 - RSA with the SHA-256 hash algorithm

  • RS384 - RSA with the SHA-384 hash algorithm

  • RS512 - RSA with the SHA-512 hash algorithm

  • ES256 - ECDSA using the P-256 curve

  • ES384 - ECDSA using the P-384 curve

  • ES512 - ECDSA using the P-512 curve

License

Apache License Version 2.0

Author

EMQ X Team.

You can’t perform that action at this time.