{"id":13425393,"url":"https://github.com/robbert229/jwt","last_synced_at":"2025-07-28T19:33:19.074Z","repository":{"id":56141784,"uuid":"60483295","full_name":"robbert229/jwt","owner":"robbert229","description":"This is an implementation of JWT in golang!","archived":false,"fork":false,"pushed_at":"2020-11-24T16:31:55.000Z","size":33,"stargazers_count":105,"open_issues_count":8,"forks_count":28,"subscribers_count":9,"default_branch":"master","last_synced_at":"2024-04-22T00:39:10.384Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/robbert229.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-06-05T22:01:37.000Z","updated_at":"2024-01-09T23:20:05.000Z","dependencies_parsed_at":"2022-08-15T13:30:56.065Z","dependency_job_id":null,"html_url":"https://github.com/robbert229/jwt","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robbert229%2Fjwt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robbert229%2Fjwt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robbert229%2Fjwt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robbert229%2Fjwt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/robbert229","download_url":"https://codeload.github.com/robbert229/jwt/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":227952055,"owners_count":17846350,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T00:01:11.449Z","updated_at":"2024-12-03T16:14:59.874Z","avatar_url":"https://github.com/robbert229.png","language":"Go","funding_links":[],"categories":["Authentication and OAuth","身份验证和OAuth","Authentication \u0026 OAuth","认证和授权","認證和授權","认证和OAuth授权","Web Framework Hardening","Uncategorized","Libraries","\u003cspan id=\"身份验证和oauth-authentication-and-auth\"\u003e身份验证和OAuth Authentication and Auth\u003c/span\u003e"],"sub_categories":["Contents","Go"],"readme":"[![Build Status](https://travis-ci.org/robbert229/jwt.svg?branch=master)](https://travis-ci.org/robbert229/jwt) [![Coverage Status](https://coveralls.io/repos/github/robbert229/jwt/badge.svg?branch=master)](https://coveralls.io/github/robbert229/jwt?branch=master) [![Go Report Card](https://goreportcard.com/badge/github.com/robbert229/jwt)](https://goreportcard.com/report/github.com/robbert229/jwt) [![GoDoc](https://godoc.org/github.com/robbert229/jwt?status.svg)](https://godoc.org/github.com/robbert229/jwt)\n\n# jwt\nThis is a minimal implementation of JWT designed with simplicity in mind.\n\n# What is JWT?\nJwt is a signed JSON object used for claims based authentication. A good resource on what JWT Tokens are is [jwt.io](https://jwt.io/), and in addition you can always read the [RFC](https://tools.ietf.org/html/rfc7519).\n\nThis implementation doesn't fully follow the specs in that it ignores the algorithm claim on the header. It does this due to the security vulnerability in the JWT specs. Details on the vulnerability can be found [here](https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/)\n\n## What algorithms does it support?\n* HS256\n* HS384\n* HS512\n\n## How does it work?\n\n### How to create a token?\nCreating a token is actually pretty easy.\n\nThe first step is to pick a signing method. For demonstration purposes we will choose HSMAC256.\n\n    algorithm :=  jwt.HmacSha256(\"ThisIsTheSecret\")\n   \nNow we need to the claims, and edit some values\n\n    claims := jwt.NewClaim()\n    claims.Set(\"Role\", \"Admin\")\n    \nThen we will need to sign it!\n\n    token, err := algorithm.Encode(claims)\n    if err != nil {\n        panic(err)    \n    }\n    \n### How to authenticate a token?\nAuthenticating a token is quite simple. All we need to do is...\n\n    if algorithm.Validate(token) == nil {\n        //authenticated\n    } \n    \n### How do we get the claims?\nThe claims are stored in a `Claims` struct. To get the claims from a token simply...\n    \n    claims, err := algorithm.Decode(token)\n    if err != nil {\n        panic(err)\n    }\n    _, role := claims.Get(\"Role\")\n    if strings.Compare(role, \"Admin\") {\n        //user is an admin    \n    }\n    \n    \n### How is it different from golang.org/x/oauth2/jwt?\nThis package contains just the logic for `jwt` encoding, decoding, and verification. The `golang.org/x/oauth2/jwt` package does not implement the `jwt` specifications. Instead it is specifically tied to `oauth2`, requiring a `TokenURL`, `email` and can only use a specific algorithm (RSA).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frobbert229%2Fjwt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frobbert229%2Fjwt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frobbert229%2Fjwt/lists"}