jose-jwt-0.7: JSON Object Signing and Encryption Library

Safe HaskellNone



High-level JWT encoding and decoding.

Example usage:

>>> import Jose.Jwe
>>> import Jose.Jwa
>>> import Jose.Jwk
>>> import Data.ByteString
>>> import Data.Aeson (decodeStrict)
>>> import Crypto.Random
>>> g <- drgNew
>>> let jsonJwk = "{\"kty\":\"RSA\", \"kid\":\"mykey\", \"n\":\"ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddxHmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMsD1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSHSXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdVMTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ\", \"e\":\"AQAB\", \"d\":\"Eq5xpGnNCivDflJsRQBXHx1hdR1k6Ulwe2JZD50LpXyWPEAeP88vLNO97IjlA7_GQ5sLKMgvfTeXZx9SE-7YwVol2NXOoAJe46sui395IW_GO-pWJ1O0BkTGoVEn2bKVRUCgu-GjBVaYLU6f3l9kJfFNS3E0QbVdxzubSu3Mkqzjkn439X0M_V51gfpRLI9JYanrC4D4qAdGcopV_0ZHHzQlBjudU2QvXt4ehNYTCBr6XCLQUShb1juUO1ZdiYoFaFQT5Tw8bGUl_x_jTj3ccPDVZFD9pIuhLhBOneufuBiB4cS98l2SR_RQyGWSeWjnczT0QU91p1DhOVRuOopznQ\"}" :: ByteString
>>> let Just jwk = decodeStrict jsonJwk :: Maybe Jwk
>>> let (Right (Jwt jwtEncoded), g') = withDRG g $ encode [jwk] (JwsEncoding RS256) (Claims "public claims")
>>> let (Right jwtDecoded, g'') = withDRG g' $ Jose.Jwt.decode [jwk] (Just (JwsEncoding RS256)) jwtEncoded
>>> jwtDecoded
Jws (JwsHeader {jwsAlg = RS256, jwsTyp = Nothing, jwsCty = Nothing, jwsKid = Just (KeyId "mykey")},"public claims")



newtype Jwt Source

An encoded JWT.




unJwt :: ByteString

type Jwe = (JweHeader, ByteString) Source

The header and claims of a decoded JWE.

type Jws = (JwsHeader, ByteString) Source

The header and claims of a decoded JWS.

data JwtClaims Source

Registered claims defined in section 4 of the JWT spec.




jwtIss :: !(Maybe Text)
jwtSub :: !(Maybe Text)
jwtAud :: !(Maybe [Text])
jwtExp :: !(Maybe IntDate)
jwtNbf :: !(Maybe IntDate)
jwtIat :: !(Maybe IntDate)
jwtJti :: !(Maybe Text)

data JwtContent Source

A decoded JWT which can be either a JWE or a JWS, or an unsecured JWT.


Unsecured !ByteString 
Jws !Jws 
Jwe !Jwe 

data JwtEncoding Source

Defines the encoding information for a JWT.

Used for both encoding new JWTs and validating existing ones.

data JwtError Source

Decoding errors.


KeyError Text

No suitable key or wrong key type

BadAlgorithm Text

The supplied algorithm is invalid

BadDots Int

Wrong number of "." characters in the JWT

BadHeader Text

Header couldn't be decoded or contains bad data


Claims part couldn't be decoded or contains bad data


Signature is invalid


A cryptographic operation failed

Base64Error String

A base64 decoding error

data Payload Source

The payload to be encoded in a JWT.


Nested Jwt 
Claims ByteString 

encode Source


:: MonadRandom m 
=> [Jwk]

The key or keys. At least one must be consistent with the chosen algorithm

-> JwtEncoding

The encoding algorithm(s) used to encode the payload

-> Payload

The payload (claims)

-> m (Either JwtError Jwt)

The encoded JWT, if successful

Use the supplied JWKs to create a JWT. The list of keys will be searched to locate one which is consistent with the chosen encoding algorithms.

decode Source


:: MonadRandom m 
=> [Jwk]

The keys to use for decoding

-> Maybe JwtEncoding

The expected encoding information

-> ByteString

The encoded JWT

-> m (Either JwtError JwtContent)

The decoded JWT payload, if successful

Uses the supplied keys to decode a JWT. Locates a matching key by header kid value where possible or by suitable key type for the encoding algorithm.

The algorithm(s) used can optionally be supplied for validation by setting the JwtEncoding parameter, in which case an error will be returned if they don't match. If you expect the tokens to use a particular algorithm, then you should set this parameter.

For unsecured tokens (with algorithm "none"), the expected algorithm must be set to Just (JwsEncoding None) or an error will be returned.

decodeClaims :: ByteString -> Either JwtError (JwtHeader, JwtClaims) Source

Convenience function to return the claims contained in a JWT. This is required in situations such as client assertion authentication, where the contents of the JWT may be required in order to work out which key should be used to verify the token. Obviously this should not be used by itself to decode a token since no integrity checking is done and the contents may be forged.