Project

jwt_claims

0.0
No commit activity in last 3 years
No release in over 3 years
Modular implementation of JSON Web Token (JWT) Claims
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

~> 1.13
~> 0.10
~> 10.0
~> 3.0
~> 0.12
~> 1.3
~> 0.9

Runtime

 Project Readme

JWT Claims travis yard docs code climate

Verification of a JWT (JSON Web Token) Claims Set for Ruby

Description

A Ruby implementation of the JSON Web Token (JWT) registered claims, RFC 7519

Installation

gem install jwt_claims

Usage

JwtClaims.verify(jwt, options)

Returns a hash, either:

  • {:ok, claims}, a JWT claims set hash, if the JWT Message Authentication Code (MAC), or signature, is verified and the registered claims are also verified
  • {:error, [rejected_claims]}, a list of any registered claims that fail validation, if the JWT MAC is verified
  • {:error, 'invalid JWT'} if the JWT MAC is not verified
  • {:error, 'invalid input'} otherwise

jwt (required) is a JSON web token string

options (required) hash

  • alg (optional, default: 'HS256')
  • key (required unless alg is 'none')

Please refer to the JSON Web Token gem for additional guidance regarding JWT options

Example

# An example using the 'Expires' `exp` claim (10 years for this example).
> jwt = JsonWebToken.sign({foo: 'bar', exp: Time.now.to_i + 315360000}, key: 'gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C')
#=> "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmb28iOiJiYXIiLCJleHAiOjE3OTEyMjc1MTl9.7cT7PzsT8Jv0VQIxokjk3sUqzJCxBR4h3W2uACQ-tW0"

# Verify with default algorithm, HMAC SHA256
# Returns a hash of `{:ok, verified_claims}`
> JwtClaims.verify(jwt, key: 'gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C')
#=> {:ok=>{:foo=>"bar", :exp=>1475870843}}

Supported registered claims

JWT claim key a valid claim value must
Issuer :iss equal options[:iss]
Subject :sub equal options[:sub]
Audience :aud include options[:aud]
Expiration Time :exp be > current time
Not Before :nbf be <= current time
Issued at :iat be < current time
JWT ID :jti equal options[:jti]

Additional detail about JWT registered claims is found in this section of the JWT RFC

Supported Ruby versions

Ruby 2.0.0 and up