jaguar_jwt library

JWT support for Jaguar.dart web server

This library can be used to generate and process JSON Web Tokens (JWT). For more information about JSON Web Tokens, see RFC 7519.

Currently, only the HMAC SHA-256 algorithm is supported to generate/process a JSON Web Signature (JWS).

To generate a JWT, create a JwtClaim and use issueJwtHS256:

final claimSet = new JwtClaim(
     issuer: 'issuer.example.com',
     subject: 'BD4A3FC4-9861-4171-8640-20C3004BD059',
     audience: <String>['client1.example.com', 'client2.example.com'],
     jwtId: _randomString(32),
     otherClaims: <String, Object>{
       'typ': 'authnresponse',
       'pld': {'k': 'v'}
     },
     maxAge: const Duration(minutes: 5));

// Generate a JWT from the claim set

final token = issueJwtHS256(claimSet, sharedSecret);

To process a JWT, use verifyJwtHS256Signature to verify its signature and to extract a claim set from it, then verify the claim set using the JwtClaim.validate method before using the claims from it.

const _expectedIssuer = 'issuer.example.com';
const _thisClient = 'client1.example.com';

try {
  final claimSet = verifyJwtHS256Signature(token, sharedSecret);

  claimSet.validate(issuer: _expectedIssuer,  audience: _thisClient);

  final tokenIdentifier = claimSet.jwtId;
  final claimSubject = claimSet.subject;
  if (claimSet.containsKey('typ')) {
    final typValue = claimSet['typ'];
    ...
  }
  ...
} on JwtException {
   ...
}

Classes

B64urlEncRfc7515
Implements "Base64url Encoding" as defined RFC 7515. [...]
JwtClaim
An immutable set of claims for a Java Web Token (JWT). [...]

Functions

defaultJWTHeaderCheck(Map<Object, Object> h) → bool
Default JOSE Header checker. [...]
issueJwtHS256(JwtClaim claimSet, String hmacKey) → String
Issues a HMAC SHA-256 signed JWT. [...]
verifyJwtHS256Signature(String token, String hmacKey, { JOSEHeaderCheck headerCheck: defaultJWTHeaderCheck, bool defaultIatExp: true, Duration maxAge: JwtClaim.defaultMaxAge }) JwtClaim
Verifies the signature and extracts the claim set from a JWT. [...]

Typedefs

JOSEHeaderCheck(Map<Object, Object> joseHeader) → bool
Header checking function type used by verifyJwtHS256Signature.

Exceptions / Errors

JwtException
JWT exception thrown when an invalid token is encountered while parsing JWT token.