2013-04-29 13:24:41 +00:00
|
|
|
# clj-jwt
|
|
|
|
|
2013-05-02 16:04:34 +00:00
|
|
|
[![Build Status](https://travis-ci.org/liquidz/clj-jwt.png?branch=master)](https://travis-ci.org/liquidz/clj-jwt)
|
|
|
|
|
2013-05-02 16:15:27 +00:00
|
|
|
A Clojure library for JSON Web Token(JWT) [draft-jones-json-web-token-10](http://tools.ietf.org/html/draft-jones-json-web-token-10)
|
2013-04-29 13:24:41 +00:00
|
|
|
|
2013-05-02 15:47:25 +00:00
|
|
|
## Supporting algorithms
|
|
|
|
* HS256, HS384, HS512
|
|
|
|
* RS256, RS384, RS512
|
|
|
|
|
2013-05-02 16:15:27 +00:00
|
|
|
## Not supporting
|
|
|
|
* ECDSA algorithm
|
|
|
|
* JSON Web Encryption (JWE)
|
|
|
|
|
2013-04-29 13:24:41 +00:00
|
|
|
## Usage
|
|
|
|
|
2013-05-02 15:47:25 +00:00
|
|
|
### Leiningen
|
|
|
|
```
|
|
|
|
[clj-jwt "0.0.1"]
|
|
|
|
```
|
|
|
|
|
|
|
|
### Generate
|
|
|
|
|
2013-04-29 13:24:41 +00:00
|
|
|
```clojure
|
|
|
|
(ns foo
|
|
|
|
(:require
|
2013-05-02 15:52:40 +00:00
|
|
|
[clj-jwt.core :refer :all]
|
|
|
|
[clj-jwt.rsa.key :refer [rsa-private-key]]
|
|
|
|
[clj-time.core :refer [now plus days]]))
|
2013-04-29 13:24:41 +00:00
|
|
|
|
|
|
|
(def claim
|
|
|
|
{:iss "foo"
|
|
|
|
:exp (plus (now) (days 1))
|
|
|
|
:nbf (now)})
|
|
|
|
|
2013-05-02 15:47:25 +00:00
|
|
|
(def prv-key (rsa-private-key "private.key" "pass phrase"))
|
|
|
|
|
2013-04-29 13:24:41 +00:00
|
|
|
; plain JWT
|
|
|
|
(-> claim jwt to-str)
|
|
|
|
|
2013-05-02 15:47:25 +00:00
|
|
|
; HMAC256 signed JWT
|
|
|
|
(-> claim jwt (sign :HS256 "secret") to-str)
|
|
|
|
|
|
|
|
; RSA256 signed JWT
|
|
|
|
(-> claim jwt (sign :RS256 prv-key) to-str)
|
|
|
|
```
|
|
|
|
|
|
|
|
### Verify
|
|
|
|
|
|
|
|
```clojure
|
|
|
|
(ns foo
|
|
|
|
(:require
|
2013-05-02 15:52:40 +00:00
|
|
|
[clj-jwt.core :refer :all]
|
|
|
|
[clj-jwt.rsa.key :refer [rsa-private-key rsa-public-key]]
|
|
|
|
[clj-time.core :refer [now plus days]]))
|
2013-05-02 15:47:25 +00:00
|
|
|
|
|
|
|
(def claim
|
|
|
|
{:iss "foo"
|
|
|
|
:exp (plus (now) (days 1))
|
|
|
|
:nbf (now)})
|
|
|
|
|
|
|
|
(def prv-key (rsa-private-key "private.key" "pass phrase"))
|
|
|
|
(def pub-key (rsa-public-key "public.key"))
|
|
|
|
|
|
|
|
(let [token (-> claim jwt to-str)]
|
|
|
|
(-> token str->jwt verify))
|
|
|
|
|
|
|
|
(let [token (-> claim jwt (sign :HS256 "secret") to-str)]
|
|
|
|
(-> token str->jwt (verify "secret")))
|
2013-04-29 13:24:41 +00:00
|
|
|
|
2013-05-02 15:47:25 +00:00
|
|
|
(let [token (-> claim jwt (sign :RS256 prv-key) to-str)]
|
|
|
|
(-> token str->jwt (verify pub-key)))
|
2013-04-29 13:24:41 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
## License
|
|
|
|
|
|
|
|
Copyright © 2013 [uochan](http://twitter.com/uochan)
|
|
|
|
|
|
|
|
Distributed under the Eclipse Public License, the same as Clojure.
|