PhilJay / Jwt
Licence: apache-2.0
Kotlin JWT 🔑 implementation (Json Web Token) as required by APNs 🔔 (Apple Push Notifications) or Sign in with Apple 🍏
Stars: ✭ 31
Programming Languages
kotlin
9241 projects
Projects that are alternatives of or similar to Jwt
Apns2
⚡ HTTP/2 Apple Push Notification Service (APNs) push provider for Go — Send push notifications to iOS, tvOS, Safari and OSX apps, using the APNs HTTP/2 protocol.
Stars: ✭ 2,569 (+8187.1%)
Mutual labels: apple, apns, jwt, jwt-token
Node Express Mongoose Passport Jwt Rest Api Auth
Node, express, mongoose, passport and JWT REST API authentication example
Stars: ✭ 146 (+370.97%)
Mutual labels: jwt, jwt-authentication, jwt-token
Jwt
Go JWT signing, verifying and validating
Stars: ✭ 394 (+1170.97%)
Mutual labels: jwt, jwt-authentication, jwt-token
F License
Open Source License Key Generation and Verification Tool written in Go
Stars: ✭ 535 (+1625.81%)
Mutual labels: jwt, jwt-authentication, jwt-token
Jwt Cli
A super fast CLI tool to decode and encode JWTs built in Rust
Stars: ✭ 336 (+983.87%)
Mutual labels: jwt, jwt-token, json-web-token
Httpie Jwt Auth
JWTAuth (JSON Web Tokens) auth plugin for HTTPie
Stars: ✭ 140 (+351.61%)
Mutual labels: jwt, jwt-authentication, jwt-token
Jwt Spring Security Jpa
Backend MVP showcasing JWT (Json Web Token) authentication with multiple login, timeout / refresh / logout (with in memory invalidation) using Spring Security & MySQL JPA.
Stars: ✭ 202 (+551.61%)
Mutual labels: jwt, jwt-authentication, jwt-token
React Login
A client side implementation of authentication using react.js for my blog on medium. This is the second part of my previous blog on how to implement scalable node.js server.
Stars: ✭ 105 (+238.71%)
Mutual labels: jwt, jwt-authentication, jwt-token
Reallysimplejwt
A really simple library to generate JSON Web Tokens in PHP.
Stars: ✭ 218 (+603.23%)
Mutual labels: jwt, jwt-token, json-web-token
Jose Jwt
Ultimate Javascript Object Signing and Encryption (JOSE) and JSON Web Token (JWT) Implementation for .NET and .NET Core
Stars: ✭ 692 (+2132.26%)
Mutual labels: jwt, jwt-authentication, jwt-token
Go Book Store Api
Go Sample project to understand Mysql CRUD operation with best practises Includes logging, JWT, Swagger and Transactions
Stars: ✭ 18 (-41.94%)
Mutual labels: jwt, jwt-authentication, jwt-token
Laravel Vue Starter
Well Documented Laravel Starter App From Development to Production. For Full Blown RESTFUL API and SPA with Beautiful UI Using Buefy / ElementUi For Reusable Vue Components
Stars: ✭ 76 (+145.16%)
Mutual labels: jwt, jwt-authentication, jwt-token
Jose2go
Golang (GO) implementation of Javascript Object Signing and Encryption specification
Stars: ✭ 150 (+383.87%)
Mutual labels: jwt, jwt-authentication, jwt-token
Php Jwt
Ultra lightweight, dependency free and standalone JSON web token (JWT) library for PHP5.6 to PHP8.0. This library makes JWT a cheese.
Stars: ✭ 214 (+590.32%)
Mutual labels: jwt, jwt-authentication, json-web-token
Laravel Jwt
Dead simple, plug and play JWT API Authentication for Laravel (5.4+)
Stars: ✭ 225 (+625.81%)
Mutual labels: jwt, jwt-authentication, json-web-token
Php Storageless Sessions
Sessions handler which stores session data in HMAC-signed and encrypted cookies
Stars: ✭ 29 (-6.45%)
Mutual labels: jwt, jwt-authentication, jwt-token
Apns4erl
Apple Push Notification Server for Erlang
Stars: ✭ 352 (+1035.48%)
Mutual labels: apple, apns
Apnotic
A Ruby APNs HTTP/2 gem able to provide instant feedback.
Stars: ✭ 360 (+1061.29%)
Mutual labels: apple, apns
Aspnetcore Webapi Course
Professional REST API design with ASP.NET Core 3.1 WebAPI
Stars: ✭ 323 (+941.94%)
Mutual labels: jwt, jwt-authentication
Cerberus
A demonstration of a completely stateless and RESTful token-based authorization system using JSON Web Tokens (JWT) and Spring Security.
Stars: ✭ 482 (+1454.84%)
Mutual labels: jwt, json-web-token
JWT
Lightweight Kotlin JWT implementation (Json Web Token) designed for Apple, as required by APNs (Apple Push Notification Service) or Sign in with Apple (including JWT verification via JWK), for use on Kotlin powered backend servers. Eases the process of creating & verifying the token based on your credentials.
No other dependencies required.
Dependency
Add the following to your build.gradle file:
allprojects {
repositories {
maven { url 'https://jitpack.io' }
}
}
dependencies {
implementation 'com.github.PhilJay:JWT:1.1.5'
}
Or add the following to your pom.xml:
<repositories>
<repository>
<id>jitpack.io</id>
<url>https://jitpack.io</url>
</repository>
</repositories>
<dependency>
<groupId>com.github.PhilJay</groupId>
<artifactId>JWT</artifactId>
<version>1.1.5</version>
</dependency>
Creating JWT
Create required encoders, decoders and JSON Mapper (e.g. Gson or equivalent). These are later used to properly encode or decode the token header and payload.
val gson = GsonBuilder().create()
// generic JSON encoder
val jsonEncoder = object : JsonEncoder<JWTAuthHeader, JWTAuthPayload> {
override fun toJson(header: JWTAuthHeader): String {
return gson.toJson(header, JWTAuthHeader::class.java)
}
override fun toJson(payload: JWTAuthPayload): String {
return gson.toJson(payload, JWTAuthPayload::class.java)
}
}
// Base64 encoder using apache commons
private val encoder = object : Base64Encoder {
override fun encodeURLSafe(bytes: ByteArray): String {
return Base64.encodeBase64URLSafeString(bytes)
}
override fun encode(bytes: ByteArray): String {
return Base64.encodeBase64String(bytes)
}
}
// Base64 decoder using apache commons
private val decoder = object : Base64Decoder {
override fun decode(bytes: ByteArray): ByteArray {
return Base64.decodeBase64(bytes)
}
override fun decode(string: String): ByteArray {
return Base64.decodeBase64(string)
}
}
Create the token by providing your teamId, keyId and secret (private key excluding header and footer). The teamId can be obtained from the developer member center. The keyId can be obtained when you create your secret (private key).
val token = JWT.token("teamId", "keyId", "secret", jsonEncoder, encoder, decoder)
// or...
val header = JWTAuthHeader(...)
val payload = JWTAuthPayload(...)
val token = JWT.token(header, payload, "secret", jsonEncoder, encoder, decoder)
Decoding JWT
If you want to decode a JWT String, create a JSON decoder:
private val jsonDecoder = object : JsonDecoder<JWTAuthHeader, JWTAuthPayload> {
override fun headerFrom(json: String): JWTAuthHeader {
return gson.fromJson(json, JWTAuthHeader::class.java)
}
override fun payloadFrom(json: String): JWTAuthPayload {
return gson.fromJson(json, JWTAuthPayload::class.java)
}
}
Use the json decoder to decode your token String:
val tokenString = "ey..." // a valid JWT as a String
val t: JWTToken<JWTAuthHeader, JWTAuthPayload>? = JWT.decode(tokenString, jsonDecoder, decoder)
// conveniently access properties of the token...
val issuer = t?.payload?.iss
Verifying
In order to verify a JWT received from Sign in with Apple, securely transmit it to your backend, then obtain a JWK (Json Web Key) from Apple and use it as a public key for verification:
val jwk: JWKObject = ... // fetch current JWK (public key) from Apple endpoint
val tokenString = "ey..." // the token to validate / verify (obtained from Sign in with Apple)
// turns JWK into RSA public key, returns true if validation is successful
val valid = JWT.verify(tokenString, jwk, decoder)
Usage with APNs
Include the token in the authentication header when you make yor push notification request to APNs:
'authentication' 'bearer $token'
If you are sending pushes to iOS 13+ devices, also include the apns-push-type header:
'apns-push-type' 'alert' // possible values are 'alert' or 'background'
Documentation
For a detailed guide, please visit the APNs documentation page by Apple as well as the verifying users and generating tokens pages for Sign in with Apple. jwt.io is a good page for "debugging" tokens.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].