Skip to content
This repository has been archived by the owner on Mar 27, 2018. It is now read-only.

zolamk/jwt

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 

Dub version

JWT

A Simple D implementation of JSON Web Tokens.

Supported Algorithms

  • none
  • HS256
  • HS384
  • HS512

This library uses semantic versioning 2.0.0

What's New

  • added support for arrays and objects in claims
  • removed verify function that doesn't take algorithm type, see why here
  • changed verify function to take an array of algorithms to support multiple algorithms
  • renamed InvalidSignature to InvalidSignatureException

How To Use

Encoding

import jwt.jwt;
import jwt.algorithms;
import std.json;

void main() {

    JSONValue user = ["id": JSONValue(60119), "uri": JSONValue("https://api.we.are/60119")];

    Token token = new Token(JWTAlgorithm.HS512);

    token.claims.exp = Clock.currTime.toUnixTime();

    token.claims.set("user", user);

    token.claims.set("data", [JSONValue("zm"), JSONValue(58718)]);

    string encodedToken = token.encode("supersecret");

    // work with the encoded token

}

Verifying

import jwt.jwt;
import jwt.exceptions;
import jwt.algorithms;

void main() {

    // get encoded token from header or ...

    try {

        Token token = verify(encodedToken, "supersecret", [JWTAlgorithm.HS512, JWTAlgorithm.HS256]);

        writeln(token.claims.getInt("id"));

        JSONValue user = token.claims.getObject("user");

        JSONValue[] a = token.claims.getArray("data");

        long userID = user["id"].integer();

        string uri = user["uri"].str();

        writeln(userID);

        writeln(uri);

        writeln(a[0].str());

        writeln(a[1].integer());

    } catch (InvalidAlgorithmException e) {

        writeln("token has an invalid algorithm");

    } catch (InvalidSignatureException e) {

        writeln("This token has been tampered with");

    } catch (NotBeforeException e) {

        writeln("Token is not valid yet");

    } catch (ExpiredException e) {

        writeln("Token has expired");

    }

}

Encoding without signature

import jwt.jwt;
import jwt.algorithms;

void main() {

    Token token = new Token(JWTAlgorithm.NONE);

    token.claims.exp = Clock.currTime.toUnixTime();

    token.claims.set("id", 60119);

    string encodedToken = token.encode();

    // work with the encoded token

}

Verifying without signature

import jwt.jwt;
import jwt.exceptions;
import jwt.algorithms;

void main() {

    // get encoded token from header or ...

    try {

        Token token = verify(encodedToken);

        writeln(token.claims.getInt("id"));

    } catch (NotBeforeException e) {

        writeln("Token is not valid yet");

    } catch (ExpiredException e) {

        writeln("Token has expired");

    }

}

Limitations

  • Since Phobos doesn't(hopefully yet) support RSA algorithms this library only provides HMAC signing.

Note

this library uses code and ideas from jwtd and jwt-go

About

A Simple D Implementation of JSON Web Tokens.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages