A Clojure library designed to create and verify Json Web Tokens (JWT).
[jerks-whistling-tunes "0.2.4"]
(ns my-app
(:require [jerks-whistling-tunes.core :as core]
[jerks-whistling-tunes.sign :as sign])
There are two main validation functions:
(valid? "header.claims.signature") ; Returns true/false
(validate "header.claims.signature") ; Returns decoded claims if valid, nil otherwise
By default, only the structure of the JWT is validated. Checks can be included by adding them to the validate function.
(def sign-hs256 (sign/hs256 "secret"))
(valid? "header.claims.signature" (signature sign-hs256)
exp
nbf))
(validate "header.claims." (signature sign/none))
(validate "header.claims.signature" exp)
(validate "header.claims.signature" nbf)
(validate "header.claims.signature" (iss "issuer"))
(validate "header.claims.signature" (sub "subject"))
(validate "header.claims.signature" (aud "audience"))
(validate "header.claims.signature" iat)
(encode {:super_admin true} (sign/hs256 "secret"))
All algorithms are under in the jerks-whistling-tunes.sign
namespace.
(ns my-app
(:require [jerks-whistling-tunes.sign :as sign]
[jerks-whistling-tunes.utils :refer [decode-base-64]]))
(sign/hs256 "secret")
(sign/hs384 "secret")
(sign/hs512 (decode-base-64 "my-encoded-secret"))
; Supports either a java.security.KeyPair or a java.security.PublicKey
; KeyPairs support all operations, while a Public can only be used for verification
(sign/rs256 public-key)
(sign/rs384 key-pair)
(sign/rs512 key-pair)
(sign/ec256 public-key)
(sign/ec384 key-pair)
(sign/ec512 key-pair)
sign/none
Copyright © 2015 Aaron Probus
Distributed under the Eclipse Public License either version 1.0 or (at your option) any later version.
Can you improve this documentation?Edit on GitHub
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close