package jwto

  1. Overview
  2. Docs
JWT encoding, decoding and verification

Install

Dune Dependency

Authors

Maintainers

Sources

jwto-0.4.0.tbz
sha256=d77316759763070495e6484eb1226d936eb6d3d1aa1126187f512f2efdc86ca3
sha512=4daa12af774b69bf46fe1d61982c3ceba8c4cef08319926b9f639334f12c1624ea1eebe51208f8d5d8d32ea48935eb48e0db1d8679242479e5565e0b2626dcce

README.md.html

Ocaml JWT

Create and encode a signed token

A payload is a list of tuples (string, string):

let payload =
  [
    ("user", "sam");
    ("age", "17");
  ]

For the signature algorithm, Jwto supports HMAC applied to SHA-256 or SHA-512.

We can sign and encode the payload in one go by doing:

Jwto.encode Jwto.HS256 "secret" payload

-->

"eyJhbGciOiJIUzI1NiJ9..."

Decode token

To decode the token without verifying it, and get a Jwto.t:

let signed_token =
  match Jwto.decode "eyJhbGciOiJIUzI1NiJ9..." with
  | Ok t -> t
  | Error err -> failwith err

-->

{ header = ...; payload = [...]; signature = ... }	

Verify token

Jwto.is_valid "secret" signed_token

-->

true

Decode and verify

To decode and verify the token in one go:

Jwto.decode_and_verify "secret" "eyJhbGciOiJIUzI1NiJ9..."

-->

Ok { header = ...; payload = [...]; signature = ... }

If the verification fails, you will get an Error.

OCaml

Innovation. Community. Security.