Awesome
redbean-jwt <sub><sup>JSON Web Token for redbean<sup><sub>
Compatible algorithms
none
, HS256
, HS384
and HS512
What is JSON Web Token?
JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.
This information can be verified and trusted because it is digitally signed.
JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.
source: jwt.io/introduction
How to use
Read the documentation
Notes
jwt.lua
is possible because redbean 2.0.11 introduced EncodeJson
and DecodeJson
.
Previous versions did not have these functions.
If jwt.lua
is needed for a previous version, a bit of work is required to make jwt.lua
compatible.
json.stringify
and json.parse
in this gist can be used in place of EncodeJson
and DecodeJson
.
Consider the header & payload to be unencrypted and visible for the whole world.
So it is recommended not to use it for unencrypted credentials/personal data.
GetCryptoHash
is used to create the JWT signature segment.
As of writing this, the function expects one of the following strings:
MD5
, SHA1
, SHA224
, SHA256
, SHA384
, SHA512
, BLAKE2B256
.
The SHA256
, SHA384
, SHA512
are equal to HS256
, HS384
, HS512
.
For compatibility’s sake the received HS algo's are renamed to SHA counterpart by a lookup table.
It is possible to use the other algorithms in a JWT, but this breaks compatibility.
More awesome projects
Check out this collection with awesome-cosmopolitan projects
<!-- archive.ph/djKJg --> <!-- archive.ph/xZPJX --> <!-- archive.ph/5leC3 --> <!-- archive.ph/nC7QT -->