Skip to content

rolfscherer/zjwt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
.vscode
.vscode
 
 
certs
certs
 
 
example/src
example/src
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.zig
build.zig
 
 
zig.mod
zig.mod
 
 

Repository files navigation

JSON Web Tokens (JWT) library

This library implement signing and verification of JSON Web Tokens, or JWTs, based on RFC 7159.

The library is implemented in the zig language and only uses the standard libraries.

Features

  • Sign
  • Verify
  • iss check
  • sub check
  • aud check
  • exp check
  • nbf check
  • iat check
  • jti check
  • typ check

Encryption algorithms:

  • HS256
  • HS384
  • HS512
  • PS256
  • PS384

Create Token

fn createToken(alg: zjwt.Algorithm, signatureOptions: zjwt.SignatureOptions, buffer: *std.ArrayList(u8), allocator: Allocator) !void {
    var j = zjwt.ZJwt.init(allocator);

    var token = zjwt.Token.init(allocator);
    defer token.deinit();

    // Builds the header as follows { "typ": "JWT", "alg": "HS256" }
    try token.createDefaultHeader(alg);

    // Builds the payload as follows { "iss": "zjwt", "sub": "username", "iat": 1690702984, "exp": 1690706584 }
    try token.addIssuer(issuer);
    try token.addSubject("username");
    try token.addIssuedAt();
    try token.addExpiresAt(3600);

    // Encodes the header and the token to base64 and creates the signature using the chosen algorithm
    try buffer.appendSlice(try j.encode(alg, signatureOptions, &token));
}

Validate Token

fn vlidateToken(alg: zjwt.Algorithm, signatureOptions: zjwt.SignatureOptions, tokenBase64: []const u8, allocator: Allocator) !void {
    var j = zjwt.ZJwt.init(allocator);
    var token = zjwt.Token.init(allocator);
    defer token.deinit();

    // The default header validator checks the algorithm and the type
    var headerValidator = try zjwt.validator.createDefaultHeaderValidator(allocator, alg.phrase());
    defer headerValidator.deinit();

    // The default payload validator checks the issuer and the expiration time
    var payloadValidator = try zjwt.validator.createDefaultPayloadValidator(allocator, issuer);

    try j.decode(alg, signatureOptions, .{
        .saveHeader = false, // Do not save the header
        .savePayload = true, // Save the payload 
        .headerValidator = headerValidator, // Validate the header
        .payloadValidator = payloadValidator, // Validate the payload
    }, tokenBase64, &token);

    std.debug.print("Token validated for subject: {s}\n", .{token.payload.get(zjwt.Claims.SUBJECT).?.string});
}

Here the whole example github.com/rolfscherer/zjwt/blob/master/example/src/main.zig

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

0.2 Latest
Jul 30, 2023
+ 1 release

Packages

No packages published

Languages