GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → gbrlsnchs → Jwt

gbrlsnchs / Jwt

Licence: mit
Go JWT signing, verifying and validating

Programming Languages

go
31211 projects - #10 most used programming language
golang
3204 projects

Labels

jwtjwt-authenticationjwt-tokensigninghmacjwt-authed25519jws

Projects that are alternatives of or similar to Jwt

Jose2go
Golang (GO) implementation of Javascript Object Signing and Encryption specification
Stars: ✭ 150 (-61.93%)
Mutual labels:  jwt, jwt-authentication, jwt-token, jwt-auth, jws
Jwt Spring Security Jpa
Backend MVP showcasing JWT (Json Web Token) authentication with multiple login, timeout / refresh / logout (with in memory invalidation) using Spring Security & MySQL JPA.
Stars: ✭ 202 (-48.73%)
Mutual labels:  jwt, jwt-authentication, jwt-token, jwt-auth
Jose Jwt
Ultimate Javascript Object Signing and Encryption (JOSE) and JSON Web Token (JWT) Implementation for .NET and .NET Core
Stars: ✭ 692 (+75.63%)
Mutual labels:  jwt, jwt-authentication, jwt-token, jws
Php Storageless Sessions
Sessions handler which stores session data in HMAC-signed and encrypted cookies
Stars: ✭ 29 (-92.64%)
Mutual labels:  jwt, jwt-authentication, jwt-token, hmac
F License
Open Source License Key Generation and Verification Tool written in Go
Stars: ✭ 535 (+35.79%)
Mutual labels:  jwt, jwt-authentication, jwt-token, hmac
React Login
A client side implementation of authentication using react.js for my blog on medium. This is the second part of my previous blog on how to implement scalable node.js server.
Stars: ✭ 105 (-73.35%)
Mutual labels:  jwt, jwt-authentication, jwt-token, jwt-auth
Jwtpermission
基于token验证的Java Web权限控制框架,使用jjwt,支持redis和db多种存储方式,可用于前后端分离项目,功能完善、使用简单、易于扩展。
Stars: ✭ 186 (-52.79%)
Mutual labels:  jwt, jwt-token, jwt-auth
Php Jwt
Ultra lightweight, dependency free and standalone JSON web token (JWT) library for PHP5.6 to PHP8.0. This library makes JWT a cheese.
Stars: ✭ 214 (-45.69%)
Mutual labels:  jwt, jwt-authentication, jwt-auth
Reallysimplejwt
A really simple library to generate JSON Web Tokens in PHP.
Stars: ✭ 218 (-44.67%)
Mutual labels:  jwt, jwt-token, jwt-auth
Jwt
JSON Web Token library
Stars: ✭ 242 (-38.58%)
Mutual labels:  jwt, hmac, ed25519
Go Jose
An implementation of JOSE standards (JWE, JWS, JWT) in Go
Stars: ✭ 1,849 (+369.29%)
Mutual labels:  jwt, signing, jws
Laravel Jwt
Dead simple, plug and play JWT API Authentication for Laravel (5.4+)
Stars: ✭ 225 (-42.89%)
Mutual labels:  jwt, jwt-authentication, jwt-auth
MyAPI
A template to create awesome APIs easily ⚡️
Stars: ✭ 117 (-70.3%)
Mutual labels:  jwt-token, jwt-authentication, jwt-auth
Doorkeeper Jwt
JWT Token support for Doorkeeper
Stars: ✭ 174 (-55.84%)
Mutual labels:  jwt, jwt-token, jwt-auth
Node Express Mongoose Passport Jwt Rest Api Auth
Node, express, mongoose, passport and JWT REST API authentication example
Stars: ✭ 146 (-62.94%)
Mutual labels:  jwt, jwt-authentication, jwt-token
Jwt
Safe, simple and fast JSON Web Tokens for Go
Stars: ✭ 231 (-41.37%)
Mutual labels:  jwt, jwt-token, jws
Nest Angular
NestJS, Angular 6, Server Side Rendering (Angular Universal), GraphQL, JWT (JSON Web Tokens) and Facebook/Twitter/Google Authentication, Mongoose, MongoDB, Webpack, TypeScript
Stars: ✭ 307 (-22.08%)
Mutual labels:  jwt, jwt-authentication, jwt-auth
jwx
JSON/JWK/JWS/JWT/Base64 library in SPARK
Stars: ✭ 15 (-96.19%)
Mutual labels:  jwt-token, jws, jwt-authentication
Jwt Auth Guard
JWT Auth Guard for Laravel and Lumen Frameworks.
Stars: ✭ 319 (-19.04%)
Mutual labels:  jwt, jwt-authentication, jwt-auth
NodeScalableArchitecture
A Scalable Node Architecture/Server. This repository contains a complete implementation of writing scalable nodejs server/architecture on my medium blog.
Stars: ✭ 62 (-84.26%)
Mutual labels:  jwt-token, jwt-authentication, jwt-auth
View All Similar Projects ➔

jwt (JSON Web Token for Go)

JWT compatible

Github Actions Status Go Report Card GoDoc Version compatibility with Go 1.11 onward using modules Join the chat at https://gitter.im/gbrlsnchs/jwt

About

This package is a JWT signer, verifier and validator for Go (or Golang).

Although there are many JWT packages out there for Go, many lack support for some signing, verifying or validation methods and, when they don't, they're overcomplicated. This package tries to mimic the ease of use from Node JWT library's API while following the Effective Go guidelines.

Support for JWE isn't provided (not yet but is in the roadmap, see #17). Instead, JWS is used, narrowed down to the JWT specification.

Supported signing methods

SHA-256 SHA-384 SHA-512
HMAC ✔️ ✔️ ✔️
RSA ✔️ ✔️ ✔️
RSA-PSS ✔️ ✔️ ✔️
ECDSA ✔️ ✔️ ✔️
EdDSA ✔️

Important

Branch master is unstable, always use tagged versions. That way it is possible to differentiate pre-release tags from production ones. In other words, API changes all the time in master. It's a place for public experiment. Thus, make use of the latest stable version via Go modules.

Usage

Full documentation here.

Installing

Important

For Go 1.11, make sure the environment variable GO111MODULE is set as on when running the install command.

$ go get -u github.com/gbrlsnchs/jwt/v3

Signing

import (
	"time"

	"github.com/gbrlsnchs/jwt/v3"
)

type CustomPayload struct {
	jwt.Payload
	Foo string `json:"foo,omitempty"`
	Bar int    `json:"bar,omitempty"`
}

var hs = jwt.NewHS256([]byte("secret"))

func main() {
	now := time.Now()
	pl := CustomPayload{
		Payload: jwt.Payload{
			Issuer:         "gbrlsnchs",
			Subject:        "someone",
			Audience:       jwt.Audience{"https://golang.org", "https://jwt.io"},
			ExpirationTime: jwt.NumericDate(now.Add(24 * 30 * 12 * time.Hour)),
			NotBefore:      jwt.NumericDate(now.Add(30 * time.Minute)),
			IssuedAt:       jwt.NumericDate(now),
			JWTID:          "foobar",
		},
		Foo: "foo",
		Bar: 1337,
	}

	token, err := jwt.Sign(pl, hs)
	if err != nil {
		// ...
	}

	// ...
}

Verifying

import "github.com/gbrlsnchs/jwt/v3"

type CustomPayload struct {
	jwt.Payload
	Foo string `json:"foo,omitempty"`
	Bar int    `json:"bar,omitempty"`
}

var hs = jwt.NewHS256([]byte("secret"))

func main() {
	// ...

	var pl CustomPayload
	hd, err := jwt.Verify(token, hs, &pl)
	if err != nil {
		// ...
	}

	// ...
}

Other use case examples

Setting "cty" and "kid" claims

The "cty" and "kid" claims can be set by passing options to the jwt.Sign function:

import (
	"time"

	"github.com/gbrlsnchs/jwt/v3"
)

var hs = jwt.NewHS256([]byte("secret"))

func main() {
	pl := jwt.Payload{
		Subject:  "gbrlsnchs",
		Issuer:   "gsr.dev",
		IssuedAt: jwt.NumericDate(time.Now()),
	}

	token, err := jwt.Sign(pl, hs, jwt.ContentType("JWT"), jwt.KeyID("my_key"))
	if err != nil {
		// ...
	}

	// ...
}
Validating claims 

import (
	"time"

	"github.com/gbrlsnchs/jwt/v3"
)

type CustomPayload struct {
	jwt.Payload
	Foo string `json:"foo,omitempty"`
	Bar int    `json:"bar,omitempty"`
}

var hs = jwt.NewHS256([]byte("secret"))

func main() {
	// ...

	var (
		now = time.Now()
		aud = jwt.Audience{"https://golang.org"}

		// Validate claims "iat", "exp" and "aud".
		iatValidator = jwt.IssuedAtValidator(now)
		expValidator = jwt.ExpirationTimeValidator(now)
		audValidator = jwt.AudienceValidator(aud)

		// Use jwt.ValidatePayload to build a jwt.VerifyOption.
		// Validators are run in the order informed.
		pl              CustomPayload
		validatePayload = jwt.ValidatePayload(&pl.Payload, iatValidator, expValidator, audValidator)
	)

	hd, err := jwt.Verify(token, hs, &pl, validatePayload)
	if err != nil {
		// ...
	}

	// ...
}
Validating "alg" before verifying

For validating the "alg" field in a JOSE header before verification, the jwt.ValidateHeader option must be passed to jwt.Verify.

import "github.com/gbrlsnchs/jwt/v3"

var hs = jwt.NewHS256([]byte("secret"))

func main() {
	// ...

	var pl jwt.Payload
	if _, err := jwt.Verify(token, hs, &pl, jwt.ValidateHeader); err != nil {
		// ...
	}

	// ...
}
Using an Algorithm resolver 

import (
	"errors"

	"github.com/gbrlsnchs/jwt/v3"
	"github.com/gbrlsnchs/jwt/v3/jwtutil"
)

var (
	// ...

	rs256 = jwt.NewRS256(jwt.RSAPublicKey(myRSAPublicKey))
	es256 = jwt.NewES256(jwt.ECDSAPublicKey(myECDSAPublicKey))
)

func main() {
	rv := &jwtutil.Resolver{New: func(hd jwt.Header) (jwt.Algorithm, error) {
		switch hd.KeyID {
		case "foo":
			return rs256, nil
		case "bar":
			return es256, nil
		default:
			return nil, errors.New(`invalid "kid"`)
		}
	}}
	var pl jwt.Payload
	if _, err := jwt.Verify(token, rv, &pl); err != nil {
		// ...
	}

	// ...
}

Contributing

How to help

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].