Safe Haskell | None |
---|---|
Language | Haskell2010 |
JWS HMAC and RSA signed token support.
Example usage with HMAC:
>>>
import Jose.Jws
>>>
import Jose.Jwa
>>>
let Right (Jwt jwt) = hmacEncode HS256 "secretmackey" "public claims"
>>>
jwt
"eyJhbGciOiJIUzI1NiJ9.cHVibGljIGNsYWltcw.GDV7RdBrCYfCtFCZZGPy_sWry4GwfX3ckMywXUyxBsc">>>
hmacDecode "wrongkey" jwt
Left BadSignature>>>
hmacDecode "secretmackey" jwt
Right (JwsHeader {jwsAlg = HS256, jwsTyp = Nothing, jwsCty = Nothing, jwsKid = Nothing},"public claims")
- jwkEncode :: CPRG g => g -> JwsAlg -> Jwk -> Payload -> (Either JwtError Jwt, g)
- hmacEncode :: JwsAlg -> ByteString -> ByteString -> Either JwtError Jwt
- hmacDecode :: ByteString -> ByteString -> Either JwtError Jws
- rsaEncode :: CPRG g => g -> JwsAlg -> PrivateKey -> ByteString -> (Either JwtError Jwt, g)
- rsaDecode :: PublicKey -> ByteString -> Either JwtError Jws
- ecDecode :: PublicKey -> ByteString -> Either JwtError Jws
Documentation
:: CPRG g | |
=> g | |
-> JwsAlg | The algorithm to use |
-> Jwk | The key to sign with |
-> Payload | The public JWT claims |
-> (Either JwtError Jwt, g) | The encoded token, if successful |
Create a JWS signed with a JWK. The key and algorithm must be consistent or an error will be returned.
:: JwsAlg | The MAC algorithm to use |
-> ByteString | The MAC key |
-> ByteString | The public JWT claims (token content) |
-> Either JwtError Jwt | The encoded JWS token |
Create a JWS with an HMAC for validation.
:: ByteString | The HMAC key |
-> ByteString | The JWS token to decode |
-> Either JwtError Jws | The decoded token if successful |
Decodes and validates an HMAC signed JWS.
:: CPRG g | |
=> g | |
-> JwsAlg | The RSA algorithm to use |
-> PrivateKey | The key to sign with |
-> ByteString | The public JWT claims (token content) |
-> (Either JwtError Jwt, g) | The encoded JWS token |
Creates a JWS with an RSA signature.
:: PublicKey | The key to check the signature with |
-> ByteString | The encoded JWS |
-> Either JwtError Jws | The decoded token if successful |
Decode and validate an RSA signed JWS.