corsac_jwt library

Lightweight JSON Web Token (JWT) implementation.

Usage

void main() {
  var builder = new JWTBuilder();
  var token = builder
    ..issuer = 'https://api.foobar.com'
    ..expiresAt = new DateTime.now().add(new Duration(minutes: 3))
    ..setClaim('data', {'userId': 836})
    ..getToken(); // returns token without signature

  var signer = new JWTHmacSha256Signer();
  var signedToken = builder.getSignedToken(signer, 'sharedSecret');
  print(signedToken); // prints encoded JWT
  var stringToken = signedToken.toString();

  var decodedToken = new JWT.parse(stringToken);
  // Verify signature:
  print(decodedToken.verify(signer, 'sharedSecret')); // true

  // Validate claims:
  var validator = new JWTValidator() // uses DateTime.now() by default
    ..issuer = 'https://api.foobar.com'; // set claims you wish to validate
  Set<String> errors = validator.validate(decodedToken);
  print(errors); // (empty list)
}

Classes

JWT

JSON Web Token.

JWTBuilder

Builder for JSON Web Tokens.

JWTHmacSha256Signer

Signer implementing HMAC encryption using SHA256 hashing.

JWTRsaSha256Signer

JWTSigner

Signer interface for JWT.

JWTValidator

Validator for JSON Web Tokens.

Exceptions / Errors

JWTError

Error thrown by JWT when parsing tokens from string.