jwto

JWT encoding, decoding and verification
README

Create and encode a signed token

A payload is a list of tuples (string, string):

let payload =
  [
    ("user", "sam");
    ("age", "17");
  ]

For the signature algorithm, Jwto supports HMAC applied to SHA-256 or SHA-512.

We can sign and encode the payload in one go by doing:

Jwto.encode Jwto.HS256 "secret" payload

-->

"eyJhbGciOiJIUzI1NiJ9..."

Decode token

To decode the token without verifying it, and get a Jwto.t:

let signed_token =
  match Jwto.decode "eyJhbGciOiJIUzI1NiJ9..." with
  | Ok t -> t
  | Error err -> failwith err

-->

{ header = ...; payload = [...]; signature = ... }	

Verify token

Jwto.is_valid "secret" signed_token

-->

true

Decode and verify

To decode and verify the token in one go:

Jwto.decode_and_verify "secret" "eyJhbGciOiJIUzI1NiJ9..."

-->

Ok { header = ...; payload = [...]; signature = ... }

If the verification fails, you will get an Error.

Install
Published
05 Oct 2021
Maintainers
Sources
jwto-0.4.0.tbz
sha256=d77316759763070495e6484eb1226d936eb6d3d1aa1126187f512f2efdc86ca3
sha512=4daa12af774b69bf46fe1d61982c3ceba8c4cef08319926b9f639334f12c1624ea1eebe51208f8d5d8d32ea48935eb48e0db1d8679242479e5565e0b2626dcce
Dependencies
odoc
with-doc
alcotest
with-test
re
>= "1.8"
base64
>= "3.1"
yojson
>= "1.6"
fmt
>= "0.8"
digestif
>= "1.0.0"
dune
>= "2.7"
ocaml
>= "4.08.0"
Reverse Dependencies
sihl
< "0.2.0" | >= "0.3.0~rc2"