Swift implementation of JSON Web Token.
CocoaPods is the recommended installation method.
pod 'JSONWebToken'
import JWT
JWT.encode(claims: ["my": "payload"], algorithm: .hs256("secret".data(using: .utf8)!))
var claims = ClaimSet()
claims.issuer = "fuller.li"
claims.issuedAt = Date()
claims["custom"] = "Hi"
JWT.encode(claims: claims, algorithm, algorithm: .hs256("secret".data(using: .utf8)))
JWT.encode(.hs256("secret".data(using: .utf8))) { builder in
builder.issuer = "fuller.li"
builder.issuedAt = Date()
builder["custom"] = "Hi"
}
When decoding a JWT, you must supply one or more algorithms and keys.
do {
let claims: ClaimSet = try JWT.decode("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.2_8pWJfyPup0YwOXK7g9Dn0cF1E3pdn299t4hSeJy5w", algorithm: .hs256("secret".data(using: .utf8)!))
print(claims)
} catch {
print("Failed to decode JWT: \(error)")
}
When the JWT may be signed with one out of many algorithms or keys:
try JWT.decode("eyJh...5w", algorithms: [
.hs256("secret".data(using: .utf8)!),
.hs256("secret2".data(using: .utf8)!),
.hs512("secure".data(using: .utf8)!)
])
You might also want to give your iat, exp and nbf checks some kind of leeway to account for skewed clocks. You can do this by passing a leeway
parameter like this:
try JWT.decode("eyJh...5w", algorithm: .hs256("secret".data(using: .utf8)!), leeway: 10)
The library supports validating the following claims:
- Issuer (
iss
) Claim - Expiration Time (
exp
) Claim - Not Before (
nbf
) Claim - Issued At (
iat
) Claim - Audience (
aud
) Claim
This library supports the following algorithms:
none
- Unsecured JWTshs256
- HMAC using SHA-256 hash algorithm (default)hs384
- HMAC using SHA-384 hash algorithmhs512
- HMAC using SHA-512 hash algorithm
JSONWebToken is licensed under the BSD license. See LICENSE for more info.