jaguar_jwt library

JWT support for Jaguar.dart web server

This library can be used to generate and process JSON Web Tokens (JWT). For more information about JSON Web Tokens, see RFC 7519.

Currently, only the HMAC SHA-256 algorithm is supported to generate/process a JSON Web Signature (JWS).

To generate a JWT, create a JwtClaim and use issueJwtHS256:

final claimSet = JwtClaim(
    issuer: 'issuer.example.com',
    subject: 'BD4A3FC4-9861-4171-8640-20C3004BD059',
    audience: <String>['client1.example.com', 'client2.example.com'],
    jwtId: _randomString(32),
    otherClaims: <String, dynamic>{
      'typ': 'authnresponse',
      'pld': {'k': 'v'}
    },
    maxAge: const Duration(minutes: 5));

// Generate a JWT from the claim set
final token = issueJwtHS256(claimSet, sharedSecret);

To process a JWT, use verifyJwtHS256Signature to verify its signature and extract the claim set, then check that claim set with the JwtClaim.validate method before using any of its claims.

const _expectedIssuer = 'issuer.example.com';
const _thisClient = 'client1.example.com';

try {
  final claimSet = verifyJwtHS256Signature(token, sharedSecret);

  claimSet.validate(issuer: _expectedIssuer, audience: _thisClient);

  final tokenIdentifier = claimSet.jwtId;
  final claimSubject = claimSet.subject;
  if (claimSet.containsKey('typ')) {
    final typValue = claimSet['typ'];
    ...
  }
  ...
} on JwtException {
  ...
}
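
The verify-then-validate sequence above, as an added example (not code from the jaguar_jwt project) that runs one valid token and three tokens that must be rejected through the same path. The secret, subjects, client names and the helpers strictHeaderCheck, acceptToken and issueFor are constructed for illustration.

```dart
import 'package:jaguar_jwt/jaguar_jwt.dart';

// Constructed values for this example only; load real secrets from configuration.
const sharedSecret = 'constructed-example-secret-not-for-production';
const expectedIssuer = 'issuer.example.com';
const thisClient = 'client1.example.com';

// Hypothetical header check: the library default plus an explicit algorithm pin.
bool strictHeaderCheck(Map<String, dynamic> joseHeader) =>
    defaultJWTHeaderCheck(joseHeader) && joseHeader['alg'] == 'HS256';

// Returns the claim set only if signature, header and claims all pass;
// every failure surfaces as JwtException and yields null.
JwtClaim? acceptToken(String token, String key, String audience) {
  try {
    final claimSet =
        verifyJwtHS256Signature(token, key, headerCheck: strictHeaderCheck);
    claimSet.validate(issuer: expectedIssuer, audience: audience);
    return claimSet;
  } on JwtException catch (e) {
    print('rejected: $e');
    return null;
  }
}

// Issues a short-lived token for the given subject.
String issueFor(String subject) => issueJwtHS256(
    JwtClaim(
        issuer: expectedIssuer,
        subject: subject,
        audience: <String>[thisClient],
        maxAge: const Duration(minutes: 5)),
    sharedSecret);

void main() {
  final token = issueFor('alice');
  // Build a token whose payload no longer matches its signature.
  final parts = token.split('.');
  final other = issueFor('bob').split('.');
  final spliced = [parts[0], other[1], parts[2]].join('.');

  print(acceptToken(token, sharedSecret, thisClient)?.subject); // valid token
  print(acceptToken(spliced, sharedSecret, thisClient)); // payload swapped
  print(acceptToken(token, 'some-other-key', thisClient)); // verifier key differs
  print(acceptToken(token, sharedSecret, 'client3.example.com')); // not in aud
}
```

Only the claim set returned by acceptToken should reach application logic; the token string itself is untrusted until both calls have succeeded.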

Classes

B64urlEncRfc7515
Implements "Base64url Encoding" as defined in RFC 7515.
JwtClaim
An immutable set of claims for a JSON Web Token (JWT).

Functions

defaultJWTHeaderCheck(Map<String, dynamic> h) bool
Default JOSE Header checker.
issueJwtHS256(JwtClaim claimSet, String hmacKey) String
Issues a HMAC SHA-256 signed JWT.
verifyJwtHS256Signature(String token, String hmacKey, {JOSEHeaderCheck? headerCheck = defaultJWTHeaderCheck, bool defaultIatExp = true, Duration maxAge = JwtClaim.defaultMaxAge}) JwtClaim
Verifies the signature and extracts the claim set from a JWT.

Typedefs

JOSEHeaderCheck = bool Function(Map<String, dynamic> joseHeader)
Header checking function type used by verifyJwtHS256Signature.

Exceptions / Errors

JwtException
JWT exception thrown when an invalid token is encountered while parsing a JWT.