package jwto

  1. Overview
  2. Docs
JWT encoding, decoding and verification

Install

Dune Dependency

Authors

Maintainers

Sources

jwto-0.4.0.tbz
sha256=d77316759763070495e6484eb1226d936eb6d3d1aa1126187f512f2efdc86ca3
sha512=4daa12af774b69bf46fe1d61982c3ceba8c4cef08319926b9f639334f12c1624ea1eebe51208f8d5d8d32ea48935eb48e0db1d8679242479e5565e0b2626dcce

Description

JWT encoding, decoding and verification

Published: 05 Oct 2021

README

Ocaml JWT

Create and encode a signed token

A payload is a list of tuples (string, string):

let payload =
  [
    ("user", "sam");
    ("age", "17");
  ]

For the signature algorithm, Jwto supports HMAC applied to SHA-256 or SHA-512.

We can sign and encode the payload in one go by doing:

Jwto.encode Jwto.HS256 "secret" payload

-->

"eyJhbGciOiJIUzI1NiJ9..."

Decode token

To decode the token without verifying it, and get a Jwto.t:

let signed_token =
  match Jwto.decode "eyJhbGciOiJIUzI1NiJ9..." with
  | Ok t -> t
  | Error err -> failwith err

-->

{ header = ...; payload = [...]; signature = ... }	

Verify token

Jwto.is_valid "secret" signed_token

-->

true

Decode and verify

To decode and verify the token in one go:

Jwto.decode_and_verify "secret" "eyJhbGciOiJIUzI1NiJ9..."

-->

Ok { header = ...; payload = [...]; signature = ... }

If the verification fails, you will get an Error.

Dependencies (8)

  1. ppx_deriving >= "4.2"
  2. re >= "1.8"
  3. base64 >= "3.1"
  4. yojson >= "1.6"
  5. fmt >= "0.8"
  6. digestif >= "1.0.0"
  7. dune >= "2.7"
  8. ocaml >= "4.08.0"

Dev Dependencies (2)

  1. odoc with-doc
  2. alcotest with-test

Used by (2)

  1. sihl < "0.2.0" | >= "0.3.0~rc2"
  2. sihl-core

Conflicts

None