jose-jwt-0.4.1: JSON Object Signing and Encryption Library

Safe HaskellNone
LanguageHaskell2010

Jose.Jws

Description

JWS HMAC and RSA signed token support.

Example usage with HMAC:

>>> import Jose.Jws
>>> import Jose.Jwa
>>> let Right (Jwt jwt) = hmacEncode HS256 "secretmackey" "public claims"
>>> jwt
"eyJhbGciOiJIUzI1NiJ9.cHVibGljIGNsYWltcw.GDV7RdBrCYfCtFCZZGPy_sWry4GwfX3ckMywXUyxBsc"
>>> hmacDecode "wrongkey" jwt
Left BadSignature
>>> hmacDecode "secretmackey" jwt
Right (JwsHeader {jwsAlg = HS256, jwsTyp = Nothing, jwsCty = Nothing, jwsKid = Nothing},"public claims")

Synopsis

Documentation

jwkEncode Source

Arguments

:: CPRG g 
=> g 
-> JwsAlg

The algorithm to use

-> Jwk

The key to sign with

-> Payload

The public JWT claims

-> (Either JwtError Jwt, g)

The encoded token, if successful

Create a JWS signed with a JWK. The key and algorithm must be consistent or an error will be returned.

hmacEncode Source

Arguments

:: JwsAlg

The MAC algorithm to use

-> ByteString

The MAC key

-> ByteString

The public JWT claims (token content)

-> Either JwtError Jwt

The encoded JWS token

Create a JWS with an HMAC for validation.

hmacDecode Source

Arguments

:: ByteString

The HMAC key

-> ByteString

The JWS token to decode

-> Either JwtError Jws

The decoded token if successful

Decodes and validates an HMAC signed JWS.

rsaEncode Source

Arguments

:: CPRG g 
=> g 
-> JwsAlg

The RSA algorithm to use

-> PrivateKey

The key to sign with

-> ByteString

The public JWT claims (token content)

-> (Either JwtError Jwt, g)

The encoded JWS token

Creates a JWS with an RSA signature.

rsaDecode Source

Arguments

:: PublicKey

The key to check the signature with

-> ByteString

The encoded JWS

-> Either JwtError Jws

The decoded token if successful

Decode and validate an RSA signed JWS.

ecDecode Source

Arguments

:: PublicKey

The key to check the signature with

-> ByteString

The encoded JWS

-> Either JwtError Jws

The decoded token if successful

Decode and validate an EC signed JWS