JSON Web Token

A JSON Web Token (JWT) implementation for Elixir

Description

An Elixir implementation of the JSON Web Token (JWT) standard, RFC 7519.

Philosophy & design goals

Usage

Add JsonWebToken as a dependency in your mix.exs file:

defp deps do
  [{:json_web_token, "~> 0.2"}]
end

JsonWebToken.sign(claims, options)

Returns a JSON Web Token string

claims (required) string or map

options (required) map

Include any JWS JOSE header parameters (RFC 7515) in the options map

Example


# sign with default algorithm, HMAC SHA256
jwt = JsonWebToken.sign(%{foo: "bar"}, %{key: "gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C"})

# sign with RSA SHA256 algorithm
private_key = JsonWebToken.Algorithm.RsaUtil.private_key("path/to/", "key.pem")
opts = %{
  alg: "RS256",
  key: private_key
}

jwt = JsonWebToken.sign(%{foo: "bar"}, opts)

# unsecured token (algorithm is "none")
jwt = JsonWebToken.sign(%{foo: "bar"}, %{alg: "none"})

JsonWebToken.verify(jwt, options)

Returns a tuple, either:

"jwt" (required) is a JSON web token string

options (required) map

Example


secure_jwt_example = "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt.cGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"

# verify with default algorithm, HMAC SHA256
{:ok, claims} = JsonWebToken.verify(secure_jwt_example, %{key: "gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C"})

# verify with RSA SHA256 algorithm
opts = %{
  alg: "RS256",
  key: < RSA public key >
}

{:ok, claims} = JsonWebToken.verify(jwt, opts)

# unsecured token (algorithm is "none")
unsecured_jwt_example = "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt."

{:ok, claims} = JsonWebToken.verify(unsecured_jwt_example, %{alg: "none"})

Supported encryption algorithms

| alg Param Value | Digital Signature or MAC Algorithm |
| --- | --- |
| HS256 | HMAC using SHA-256 per RFC 2104 |
| HS384 | HMAC using SHA-384 |
| HS512 | HMAC using SHA-512 |
| RS256 | RSASSA-PKCS1-v1_5 using SHA-256 per RFC 3447 |
| RS384 | RSASSA-PKCS1-v1_5 using SHA-384 |
| RS512 | RSASSA-PKCS1-v1_5 using SHA-512 |
| ES256 | ECDSA using P-256 and SHA-256 per DSS |
| ES384 | ECDSA using P-384 and SHA-384 |
| ES512 | ECDSA using P-521 and SHA-512 |
| none | No digital signature or MAC performed (unsecured) |
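The table puts `none` beside the keyed algorithms, so a verifier has to decide which algorithm it accepts before it looks at the token. The following is an added stand-alone Python sketch of the compact format for the HS* rows and `none`; it is not this package's code, and its `sign`/`verify` only mirror the call shape shown above, with `None` as this sketch's own rejection value.

```python
import base64, hashlib, hmac, json

HASHES = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}

def b64u(data: bytes) -> str:
    # base64url without padding, as used for each compact segment
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64u_dec(seg: str) -> bytes:
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def _mac(alg: str, key: str, signing_input: str) -> bytes:
    return hmac.new(key.encode(), signing_input.encode(), HASHES[alg]).digest()

def sign(claims: dict, options: dict) -> str:
    alg = options.get("alg", "HS256")            # HS256 is the default, as on this page
    header = b64u(json.dumps({"typ": "JWT", "alg": alg}).encode())
    signing_input = header + "." + b64u(json.dumps(claims).encode())
    if alg == "none":
        return signing_input + "."               # unsecured: empty third segment
    return signing_input + "." + b64u(_mac(alg, options["key"], signing_input))

def verify(jwt: str, options: dict):
    """Return the claims dict, or None if the token is rejected."""
    expected = options.get("alg", "HS256")       # chosen by the verifier, not the token
    try:
        head, body, sig = jwt.split(".")
        if json.loads(b64u_dec(head)).get("alg") != expected:
            return None                          # header disagrees with the pinned alg
        if expected == "none":
            ok = sig == ""
        else:
            ok = hmac.compare_digest(_mac(expected, options["key"], f"{head}.{body}"),
                                     b64u_dec(sig))
        return json.loads(b64u_dec(body)) if ok else None
    except (ValueError, KeyError, AttributeError):
        return None                              # malformed token, unknown alg, missing key

if __name__ == "__main__":
    key = "gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C"     # sample key from the examples above
    signed = sign({"foo": "bar"}, {"key": key})
    unsecured = sign({"foo": "bar"}, {"alg": "none"})
    print(verify(signed, {"key": key}))          # accepted under the default HS256
    print(verify(unsecured, {"key": key}))       # rejected: verifier pinned HS256
    print(verify(unsecured, {"alg": "none"}))    # accepted only when asked for explicitly
```

An unsecured token is accepted only when the caller explicitly passes `alg: "none"`, so reserve that option for code paths where integrity is guaranteed by other means.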

Registered claim names

A companion Hex package, JWT Claims, provides support for verifying these optional, registered claim names:

Supported Elixir versions

Elixir 1.4 and up

Limitations

Future implementation may include these features: