JWT
The JWT module lets you encode, decode and verify Json Web Tokens easily!
start:
do payload = {
"user": "name",
"somekey": {
"somevalue": 42
},
"exp": 1618064023,
"iss": "CSML STUDIO"
}
do jwt = JWT(payload).sign("HS256", "SECRET_KEY")
say jwt
do decoded = JWT(jwt).decode("HS256", "SECRET_KEY")
say "{{decoded}}"
do claims = {
"iss": "CSML STUDIO"
}
do verified = JWT(jwt).verify(claims, "HS256", "SECRET_KEY")
say "{{verified}}"
exemple:
JWT(data).sign(algorithm, secret)
data
: json object to sign and convert to a JWT tokenalgorithm
: see belowsecret
: a secret string used to sign the JWT
This method returns a properly encoded JWT as a string.
exemple:
JWT(token).decode(algorithm, secret)
token
: the token to decode
Note:
decode
does not try to verify that the token is valid. It simply decodes its payload back to the original form.This method returns the full JWT data, in the form:
{ "payload": { ... your data }, "headers": { "alg": ALG, "typ": "JWT" }}
exemple:
JWT(token).verify(claims, algorithm, secret)
claims
: set of claims (in JSON form) to verify the JWT against
This method returns the full JWT data, in the form:
{ "payload": { ... your data }, "headers": { "alg": ALG, "typ": "JWT" }}
JWT supports the following algorithms:
HS256
, HS384
, HS512
(corresponding to HMAC using SHA-256, SHA-384 and SHA-512 respectively).The secret key must be a valid, url-safe string.
When a sign, decode or verify operation fails,
Null
is returned and a say Error(error_message)
is emitted.
Last modified 2yr ago