package jwto

You can search for identifiers within the package.

in-package search v0.2.0

JWT encoding, decoding and verification

Install

Dune Dependency

github.com Readme Changelog MIT License Edit opam file Versions (5)

Authors

S

Sebastian Porto

Maintainers

S

Sebastian Porto

Sources

jwto-0.4.0.tbz

sha256=d77316759763070495e6484eb1226d936eb6d3d1aa1126187f512f2efdc86ca3

sha512=4daa12af774b69bf46fe1d61982c3ceba8c4cef08319926b9f639334f12c1624ea1eebe51208f8d5d8d32ea48935eb48e0db1d8679242479e5565e0b2626dcce

Description

JWT encoding, decoding and verification

Published: 05 Oct 2021

README

Ocaml JWT

Create and encode a signed token

A payload is a list of tuples (string, string):

let payload =
  [
    ("user", "sam");
    ("age", "17");
  ]

For the signature algorithm, Jwto supports HMAC applied to SHA-256 or SHA-512.

We can sign and encode the payload in one go by doing:

Jwto.encode Jwto.HS256 "secret" payload

-->

"eyJhbGciOiJIUzI1NiJ9..."

Decode token

To decode the token without verifying it, and get a Jwto.t:

let signed_token =
  match Jwto.decode "eyJhbGciOiJIUzI1NiJ9..." with
  | Ok t -> t
  | Error err -> failwith err

-->

{ header = ...; payload = [...]; signature = ... }

Verify token

Jwto.is_valid "secret" signed_token

-->

true

Decode and verify

To decode and verify the token in one go:

Jwto.decode_and_verify "secret" "eyJhbGciOiJIUzI1NiJ9..."

-->

Ok { header = ...; payload = [...]; signature = ... }

If the verification fails, you will get an Error.

Dependencies (8)

ppx_deriving >= "4.2"
re >= "1.8"
base64 >= "3.1"
yojson >= "1.6"
fmt >= "0.8"
digestif >= "1.0.0"
dune >= "2.7"
ocaml >= "4.08.0"

Dev Dependencies (2)

odoc with-doc
alcotest with-test

Used by (2)

sihl < "0.2.0" | >= "0.3.0~rc2"
sihl-core

Conflicts

None

On This Page

Description
Readme
Dependencies (8)
Dev Dependencies (2)
Used by (2)
Conflicts