jose-jwt-0.9.0: JSON Object Signing and Encryption Library
Safe HaskellNone
LanguageHaskell2010

Jose.Jws

Description

JWS HMAC and RSA signed token support.

Example usage with HMAC:

>>> import Jose.Jws
>>> import Jose.Jwa
>>> let Right (Jwt jwt) = hmacEncode HS256 "secretmackey" "public claims"
>>> jwt
"eyJhbGciOiJIUzI1NiJ9.cHVibGljIGNsYWltcw.GDV7RdBrCYfCtFCZZGPy_sWry4GwfX3ckMywXUyxBsc"
>>> hmacDecode "wrongkey" jwt
Left BadSignature
>>> hmacDecode "secretmackey" jwt
Right (JwsHeader {jwsAlg = HS256, jwsTyp = Nothing, jwsCty = Nothing, jwsKid = Nothing},"public claims")
Synopsis

Documentation

jwkEncode Source #

Arguments

:: MonadRandom m 
=> JwsAlg

The algorithm to use

-> Jwk

The key to sign with

-> Payload

The public JWT claims

-> m (Either JwtError Jwt)

The encoded token, if successful

Create a JWS signed with a JWK. The key and algorithm must be consistent or an error will be returned.

hmacEncode Source #

Arguments

:: JwsAlg

The MAC algorithm to use

-> ByteString

The MAC key

-> ByteString

The public JWT claims (token content)

-> Either JwtError Jwt

The encoded JWS token

Create a JWS with an HMAC for validation.

hmacDecode Source #

Arguments

:: ByteString

The HMAC key

-> ByteString

The JWS token to decode

-> Either JwtError Jws

The decoded token if successful

Decodes and validates an HMAC signed JWS.

rsaEncode Source #

Arguments

:: MonadRandom m 
=> JwsAlg

The RSA algorithm to use

-> PrivateKey

The key to sign with

-> ByteString

The public JWT claims (token content)

-> m (Either JwtError Jwt)

The encoded JWS token

Creates a JWS with an RSA signature.

rsaDecode Source #

Arguments

:: PublicKey

The key to check the signature with

-> ByteString

The encoded JWS

-> Either JwtError Jws

The decoded token if successful

Decode and validate an RSA signed JWS.

ecDecode Source #

Arguments

:: PublicKey

The key to check the signature with

-> ByteString

The encoded JWS

-> Either JwtError Jws

The decoded token if successful

Decode and validate an EC signed JWS