Liking cljdoc? Tell your friends :D

jwt-verify-jwks

Validate a JWT based on a JWKS url

Installation

Clojars Project

Usage

Function requires:

  • A string containing the JWT
  • A string containing the url of the JWKS
  • A string containing the algorithm used to sign the JWT (e.g: 'rs256') Returns a the unsigned JWT or an error.
(ns jwt-verify-jwks.test
  (:require [jwt-verify-jwks.core :refer [jwt-validate-jwks]]))
  
(jwt-validate-jwks "xxxx.xxxx.xxxxx" "http://myjwks.com" "rs256")
;; => {:email "xxx@xxx.com",
       :aud "xxx",
       :sub "xxx",
       :iss "https://xxx.com/",
       :name "xxx@xxx.com",
       :nickname "xxx",
       :exp 1111111111,
       :email_verified true,
       :updated_at "xxxx-xx-xxTxx:xx:xx.xxxZ",
       :picture "https://xxx.com/xxx.png",
       :iat 1111111111}

;; "Error with public key: Token is expired (1111111111)"

Supported algorithms

This library relies on Funcool buddy-sign library. Here are the supported algorithms:

Algorithm nameHash algorithmsKeywords
Elliptic Curve DSAsha256, sha512:es256, :es512
RSASSA PSSsha256, sha512:ps256, :ps512
RSASSA PKCS1 v1_5sha256, sha512:rs256, :rs512
HMACsha256*, sha512:hs256, :hs512

Changelog

Contributing

Pull requests are welcome.

License

Can you improve this documentation?Edit on GitHub

cljdoc is a website building & hosting documentation for Clojure/Script libraries

× close