Skip to content
This repository has been archived by the owner on Jul 4, 2018. It is now read-only.

liquidz/clj-jwt

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

clj-jwt

Build Status Dependency Status

A Clojure library for JSON Web Token(JWT) draft-ietf-oauth-json-web-token-19

Supporting algorithms

  • HS256, HS384, HS512
  • RS256, RS384, RS512
  • ES256, ES384, ES512

Not supporting

  • JSON Web Encryption (JWE)

Usage

Leiningen

clj-jwt

Generate

(ns foo
  (:require
    [clj-jwt.core  :refer :all]
    [clj-jwt.key   :refer [private-key]]
    [clj-time.core :refer [now plus days]]))

(def claim
  {:iss "foo"
   :exp (plus (now) (days 1))
   :iat (now)})

(def rsa-prv-key (private-key "rsa/private.key" "pass phrase"))
(def ec-prv-key  (private-key "ec/private.key"))

;; plain JWT
(-> claim jwt to-str)

;; HMAC256 signed JWT
(-> claim jwt (sign :HS256 "secret") to-str)

;; RSA256 signed JWT
(-> claim jwt (sign :RS256 rsa-prv-key) to-str)

;; ECDSA256 signed JWT
(-> claim jwt (sign :ES256 ec-prv-key) to-str)

Verify

(ns foo
  (:require
    [clj-jwt.core  :refer :all]
    [clj-jwt.key   :refer [private-key public-key]]
    [clj-time.core :refer [now plus days]]))

(def claim
  {:iss "foo"
   :exp (plus (now) (days 1))
   :iat (now)})

(def rsa-prv-key (private-key "rsa/private.key" "pass phrase"))
(def rsa-pub-key (public-key  "rsa/public.key"))
(def ec-prv-key  (private-key "ec/private.key"))
(def ec-pub-key  (public-key  "ec/public.key"))

;; verify plain JWT
(let [token (-> claim jwt to-str)]
  (-> token str->jwt verify))

;; verify HMAC256 signed JWT
(let [token (-> claim jwt (sign :HS256 "secret") to-str)]
  (-> token str->jwt (verify "secret")))

;; verify RSA256 signed JWT
(let [token (-> claim jwt (sign :RS256 rsa-prv-key) to-str)]
  (-> token str->jwt (verify rsa-pub-key)))

;; verify ECDSA256 signed JWT
(let [token (-> claim jwt (sign :ES256 ec-prv-key) to-str)]
  (-> token str->jwt (verify ec-pub-key)))

You can specify algorithm name (OPTIONAL) for more secure verification.

(ns foo
  (:require
    [clj-jwt.core  :refer :all]))

;; verify with specified algorithm
(let [key   "secret"
      token (-> {:foo "bar"} jwt (sign :HS256 key) to-str)]
  (-> token str->jwt (verify :HS256 key)) ;; => true
  (-> token str->jwt (verify :none key))) ;; => false

Decode

(ns foo
  (:require
    [clj-jwt.core  :refer :all]))

(def claim
  {:iss "foo"
   :exp (plus (now) (days 1))
   :iat (now)})

;; decode plain JWT
(let [token (-> claim jwt to-str)]
  (println (-> token str->jwt :claims)))

;; decode signed JWT
(let [token (-> claim jwt (sign :HS256 "secret") to-str)]
  (println (-> token str->jwt :claims)))

License

Copyright © 2015 uochan

Distributed under the Eclipse Public License, the same as Clojure.

About

Clojure library for JSON Web Token(JWT)

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published