clj-jwt/README.md

# clj-jwt

[![clj-jwt](https://img.shields.io/clojars/v/yogsototh/clj-jwt.svg)](https://clojars.org/yogsototh/clj-jwt)
[![Dependency Status](https://www.versioneye.com/user/projects/53462a37e97a46e756000308/badge.png)](https://www.versioneye.com/user/projects/53462a37e97a46e756000308)
[![Build Status](https://travis-ci.org/yogsototh/clj-jwt.png?branch=master)](https://travis-ci.org/liquidz/clj-jwt)

A Clojure library for JSON Web Token(JWT) [draft-ietf-oauth-json-web-token-19](http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-19)

## Supporting algorithms
 * HS256, HS384, HS512
 * RS256, RS384, RS512
 * ES256, ES384, ES512

## Not supporting
 * JSON Web Encryption (JWE)

## Usage

### Generate

```clojure
(ns foo
  (:require
    [clj-jwt.core  :refer :all]
    [clj-jwt.key   :refer [private-key]]
    [clj-time.core :refer [now plus days]]))

(def claim
  {:iss "foo"
   :exp (plus (now) (days 1))
   :iat (now)})

(def rsa-prv-key (private-key "rsa/private.key" "pass phrase"))
(def ec-prv-key  (private-key "ec/private.key"))

;; plain JWT
(-> claim jwt to-str)

;; HMAC256 signed JWT
(-> claim jwt (sign :HS256 "secret") to-str)

;; RSA256 signed JWT
(-> claim jwt (sign :RS256 rsa-prv-key) to-str)

;; ECDSA256 signed JWT
(-> claim jwt (sign :ES256 ec-prv-key) to-str)
```

### Verify

```clojure
(ns foo
  (:require
    [clj-jwt.core  :refer :all]
    [clj-jwt.key   :refer [private-key public-key]]
    [clj-time.core :refer [now plus days]]))

(def claim
  {:iss "foo"
   :exp (plus (now) (days 1))
   :iat (now)})

(def rsa-prv-key (private-key "rsa/private.key" "pass phrase"))
(def rsa-pub-key (public-key  "rsa/public.key"))
(def ec-prv-key  (private-key "ec/private.key"))
(def ec-pub-key  (public-key  "ec/public.key"))

;; verify plain JWT
(let [token (-> claim jwt to-str)]
  (-> token str->jwt verify))

;; verify HMAC256 signed JWT
(let [token (-> claim jwt (sign :HS256 "secret") to-str)]
  (-> token str->jwt (verify "secret")))

;; verify RSA256 signed JWT
(let [token (-> claim jwt (sign :RS256 rsa-prv-key) to-str)]
  (-> token str->jwt (verify rsa-pub-key)))

;; verify ECDSA256 signed JWT
(let [token (-> claim jwt (sign :ES256 ec-prv-key) to-str)]
  (-> token str->jwt (verify ec-pub-key)))
```

You can specify algorithm name (OPTIONAL) for more secure verification.

```clj
(ns foo
  (:require
    [clj-jwt.core  :refer :all]))

;; verify with specified algorithm
(let [key   "secret"
      token (-> {:foo "bar"} jwt (sign :HS256 key) to-str)]
  (-> token str->jwt (verify :HS256 key)) ;; => true
  (-> token str->jwt (verify :none key))) ;; => false
```

### Decode

```clj
(ns foo
  (:require
    [clj-jwt.core  :refer :all]))

(def claim
  {:iss "foo"
   :exp (plus (now) (days 1))
   :iat (now)})

;; decode plain JWT
(let [token (-> claim jwt to-str)]
  (println (-> token str->jwt :claims)))

;; decode signed JWT
(let [token (-> claim jwt (sign :HS256 "secret") to-str)]
  (println (-> token str->jwt :claims)))
```

## License

Copyright © 2015 [uochan](http://twitter.com/uochan)

Distributed under the Eclipse Public License, the same as Clojure.
first commit 2013-04-29 13:24:41 +00:00			`# clj-jwt`

changed README 2018-02-28 12:09:28 +00:00			`[![clj-jwt](https://img.shields.io/clojars/v/yogsototh/clj-jwt.svg)](https://clojars.org/yogsototh/clj-jwt)`
update for clojure 1.6.0 2014-04-19 12:21:35 +00:00			`[![Dependency Status](https://www.versioneye.com/user/projects/53462a37e97a46e756000308/badge.png)](https://www.versioneye.com/user/projects/53462a37e97a46e756000308)`
changed README 2018-02-28 12:09:28 +00:00			`[![Build Status](https://travis-ci.org/yogsototh/clj-jwt.png?branch=master)](https://travis-ci.org/liquidz/clj-jwt)`
Update README.md 2013-05-02 16:04:34 +00:00
update for clojure 1.6.0 2014-04-19 12:21:35 +00:00			`A Clojure library for JSON Web Token(JWT) [draft-ietf-oauth-json-web-token-19](http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-19)`
first commit 2013-04-29 13:24:41 +00:00
add key tests 2013-05-02 15:47:25 +00:00			`## Supporting algorithms`
			`* HS256, HS384, HS512`
			`* RS256, RS384, RS512`
update README 2013-05-05 16:27:03 +00:00			`* ES256, ES384, ES512`
add key tests 2013-05-02 15:47:25 +00:00
Update README.md 2013-05-02 16:15:27 +00:00			`## Not supporting`
			`* JSON Web Encryption (JWE)`

first commit 2013-04-29 13:24:41 +00:00			`## Usage`

add key tests 2013-05-02 15:47:25 +00:00			`### Generate`

first commit 2013-04-29 13:24:41 +00:00			```clojure
			`(ns foo`
			`(:require`
support ECDSA algorithm 2013-05-05 16:26:11 +00:00			`[clj-jwt.core :refer :all]`
			`[clj-jwt.key :refer [private-key]]`
			`[clj-time.core :refer [now plus days]]))`
first commit 2013-04-29 13:24:41 +00:00
			`(def claim`
			`{:iss "foo"`
			`:exp (plus (now) (days 1))`
see add clj-jwt.intdate which convert joda-time and IntDate value each other 2014-04-20 09:34:15 +00:00			`:iat (now)})`
first commit 2013-04-29 13:24:41 +00:00
support ECDSA algorithm 2013-05-05 16:26:11 +00:00			`(def rsa-prv-key (private-key "rsa/private.key" "pass phrase"))`
			`(def ec-prv-key (private-key "ec/private.key"))`
add key tests 2013-05-02 15:47:25 +00:00
see add clj-jwt.intdate which convert joda-time and IntDate value each other 2014-04-20 09:34:15 +00:00			`;; plain JWT`
first commit 2013-04-29 13:24:41 +00:00			`(-> claim jwt to-str)`

see add clj-jwt.intdate which convert joda-time and IntDate value each other 2014-04-20 09:34:15 +00:00			`;; HMAC256 signed JWT`
add key tests 2013-05-02 15:47:25 +00:00			`(-> claim jwt (sign :HS256 "secret") to-str)`

see add clj-jwt.intdate which convert joda-time and IntDate value each other 2014-04-20 09:34:15 +00:00			`;; RSA256 signed JWT`
support ECDSA algorithm 2013-05-05 16:26:11 +00:00			`(-> claim jwt (sign :RS256 rsa-prv-key) to-str)`

see add clj-jwt.intdate which convert joda-time and IntDate value each other 2014-04-20 09:34:15 +00:00			`;; ECDSA256 signed JWT`
support ECDSA algorithm 2013-05-05 16:26:11 +00:00			`(-> claim jwt (sign :ES256 ec-prv-key) to-str)`
add key tests 2013-05-02 15:47:25 +00:00			```

			`### Verify`

			```clojure
			`(ns foo`
			`(:require`
support ECDSA algorithm 2013-05-05 16:26:11 +00:00			`[clj-jwt.core :refer :all]`
			`[clj-jwt.key :refer [private-key public-key]]`
			`[clj-time.core :refer [now plus days]]))`
add key tests 2013-05-02 15:47:25 +00:00
			`(def claim`
			`{:iss "foo"`
			`:exp (plus (now) (days 1))`
see add clj-jwt.intdate which convert joda-time and IntDate value each other 2014-04-20 09:34:15 +00:00			`:iat (now)})`
add key tests 2013-05-02 15:47:25 +00:00
support ECDSA algorithm 2013-05-05 16:26:11 +00:00			`(def rsa-prv-key (private-key "rsa/private.key" "pass phrase"))`
			`(def rsa-pub-key (public-key "rsa/public.key"))`
			`(def ec-prv-key (private-key "ec/private.key"))`
			`(def ec-pub-key (public-key "ec/public.key"))`
add key tests 2013-05-02 15:47:25 +00:00
see add clj-jwt.intdate which convert joda-time and IntDate value each other 2014-04-20 09:34:15 +00:00			`;; verify plain JWT`
add key tests 2013-05-02 15:47:25 +00:00			`(let [token (-> claim jwt to-str)]`
			`(-> token str->jwt verify))`

see add clj-jwt.intdate which convert joda-time and IntDate value each other 2014-04-20 09:34:15 +00:00			`;; verify HMAC256 signed JWT`
add key tests 2013-05-02 15:47:25 +00:00			`(let [token (-> claim jwt (sign :HS256 "secret") to-str)]`
			`(-> token str->jwt (verify "secret")))`
first commit 2013-04-29 13:24:41 +00:00
see add clj-jwt.intdate which convert joda-time and IntDate value each other 2014-04-20 09:34:15 +00:00			`;; verify RSA256 signed JWT`
support ECDSA algorithm 2013-05-05 16:26:11 +00:00			`(let [token (-> claim jwt (sign :RS256 rsa-prv-key) to-str)]`
			`(-> token str->jwt (verify rsa-pub-key)))`

see add clj-jwt.intdate which convert joda-time and IntDate value each other 2014-04-20 09:34:15 +00:00			`;; verify ECDSA256 signed JWT`
support ECDSA algorithm 2013-05-05 16:26:11 +00:00			`(let [token (-> claim jwt (sign :ES256 ec-prv-key) to-str)]`
			`(-> token str->jwt (verify ec-pub-key)))`
first commit 2013-04-29 13:24:41 +00:00			```

see #13 add tests and update readme 2015-04-02 11:39:21 +00:00			`You can specify algorithm name (OPTIONAL) for more secure verification.`

			```clj
			`(ns foo`
			`(:require`
			`[clj-jwt.core :refer :all]))`

			`;; verify with specified algorithm`
			`(let [key "secret"`
			`token (-> {:foo "bar"} jwt (sign :HS256 key) to-str)]`
			`(-> token str->jwt (verify :HS256 key)) ;; => true`
			`(-> token str->jwt (verify :none key))) ;; => false`
			```

see #14 Add decoding token sample to README 2015-05-02 05:50:33 +00:00			`### Decode`

			```clj
			`(ns foo`
			`(:require`
			`[clj-jwt.core :refer :all]))`

			`(def claim`
			`{:iss "foo"`
			`:exp (plus (now) (days 1))`
			`:iat (now)})`

			`;; decode plain JWT`
			`(let [token (-> claim jwt to-str)]`
			`(println (-> token str->jwt :claims)))`

			`;; decode signed JWT`
			`(let [token (-> claim jwt (sign :HS256 "secret") to-str)]`
			`(println (-> token str->jwt :claims)))`
			```

first commit 2013-04-29 13:24:41 +00:00			`## License`

#10 bugfix: public-key-from-string on invalid key string 2015-02-25 22:43:08 +00:00			`Copyright © 2015 [uochan](http://twitter.com/uochan)`
first commit 2013-04-29 13:24:41 +00:00
			`Distributed under the Eclipse Public License, the same as Clojure.`