Skip to content
🔑 Paseto.NET, a Paseto (Platform-Agnostic Security Tokens) implementation for .NET
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github
src
.editorconfig
.gitignore
.travis.yml
LICENSE
README.md
appveyor.yml

README.md

Paseto.NET, a Paseto (Platform-Agnostic Security Tokens) implementation for .NET

Build status Build Status NuGet MyGet Dependabot Status Maintenance License contributions welcome

Features

v1.local v1.public v2.local v2.public
✔️ ✔️ ✔️

Usage

Building a Paseto

var token = new PasetoBuilder<Version2>()
		.WithKey(secret)
		.AddClaim("example", "Hello Paseto!")
		.Expiration(DateTime.UtcNow.AddHours(24))
		.AsPublic() // Purpose
		.Build();
var encoder = new PasetoEncoder(cfg => cfg.Use<Version2>(secret)); // default is public purpose
var token = encoder.Encode(new PasetoPayload
{
	{ "example", "Hello Paseto!" },
	{ "exp", DateTime.UtcNow.AddHours(24) }
});

Encoded Token:

v2.public.eyJleGFtcGxlIjoiSGVsbG8gUGFzZXRvISIsImV4cCI6IjIwMTgtMDQtMDdUMDU6MDQ6MDcuOTE5NjM3NVoifTuR3EYYCG12DjhIqPKiVmTkKx2ewCDrYNZHcoewiF-lpFeaFqKW3LkEgnW28UZxrBWA5wrLFCR5FP1qUlMeqQA

Decoding a Paseto

var payload = new PasetoBuilder<Version2>()
		.WithKey(publicKey)
		.AsPublic() // Purpose
		.Decode(token);
var decoder = new PasetoDecoder(cfg => cfg.Use<Version2>(publicKey)); // default is public purpose
var payload = decoder.Decode(token);

Decrypted Payload:

{
  "example": "Hello Paseto!",
  "exp": "2018-04-07T05:04:07.9196375Z"
}

Roadmap

  • Switch from Unix DateTime to ISO 8601 compliant to adhere to Paseto registered claims
  • Add support for local authentication for v2
  • Add support for local authentication for v1
  • Add support for version detection when decoding
  • Add payload validation rules
  • Improve protocol versioning
  • Add more documentation on the usage
  • Extend the fluent builder API
  • Add more tests

Cryptography

  • Uses Ed25519 algorithm from CodesInChaos Chaos.NaCl cryptography library.
  • Uses Blake2b cryptographic hash function from metadings repository.
  • Uses XChaCha20-Poly1305 AEAD from NaCl.Core repository.
You can’t perform that action at this time.