Project

jwt-rb

0.0
No commit activity in last 3 years
No release in over 3 years
Ruby gem to encode/ decode JWT
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

~> 1.6
>= 0
>= 0

Runtime

>= 0
 Project Readme

Jwt-rb

Code Climate Build Status Gem Version

Installation

Add this line to your application's Gemfile

gem 'jwt-rb'

And then execute:

$ bundle

Or install it yourself as:

$ gem install jwt-rb

Then you just need to require it where needed:

require 'jwt'

Usage

jwt-rb has two methods, one for encoding, one for decoding:

###JWT.encode(payload, key, options)

payload is a hash which contains the data we want to embed into the token.

key could be a secret string to use in HMAC algorithms or a private key for RSA algorithms.

options:

  • algorithm: Algorithm to use, default is HS256.
  • claims (They are optional):
    • exp: Time until the token expires, in seconds.
    • aud: Intended audience of the token.
    • iss: Identifies the issuer of the token.

####Examples:

Basic token:

token = JWT.encode({ hello: 'world' }, 'thisismysecret')

Token with expiration (24 hours):

token = JWT.encode({ hello: 'world' }, 'thisismysecret', claims: { exp: 86400 })

Token with RSA key:

private_key = OpenSSL::PKey::RSA.generate(512)
token = JWT.encode({ hello: 'world' }, key, algorithm: 'RS256')

###JWT.decode(token, key, options)

token is the JWT string we encoded before.

key could be a secret string to use in HMAC algorithms or a private key for RSA algorithms.

options:

  • algorithm : Algorithm to be used to verify the token.
  • claims:
    • aud: Audience of the token to verify if it matches with the token.
    • iss: Issuer of the token to verify if it matches with the token.

####Examples:

Basic decoding:

jwt = 'string containing real jwt token'
payload, header = JWT.decode(jwt, 'thisismysecret')

Decoding with RSA:

# private key used to sign the token
private_key = OpenSSL::PKey::RSA.generate(512)
jwt = 'string containing real jwt token'
payload, header = JWT.decode(jwt, private_key.public_key, algorithm: 'RS256')

Decoding a token with claims:

jwt = 'string containing real jwt token'
payload, header = JWT.decode(jwt, 'thisismysecret', claims: { aud: 'foo' })

###Supported Algorithms

Algorithm parameter Algorithm used
HS256 HMAC using SHA-256 algorithm
HS384 HMAC using SHA-384 algorithm
HS512 HMAC using SHA-512 algorithm
RS256 RSA using SHA-256 algorithm
RS384 RSA using SHA-384 algorithm
RS512 RSA using SHA-512 algorithm

Contributing

  1. Fork it ( https://github.com/chupipandi/jwt-rb/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request

License

MIT