Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/kylef/jsonwebtoken.swift

Swift implementation of JSON Web Token (JWT).
https://github.com/kylef/jsonwebtoken.swift

Last synced: 5 days ago
JSON representation

Swift implementation of JSON Web Token (JWT).

Host: GitHub
URL: https://github.com/kylef/jsonwebtoken.swift
Owner: kylef
License: bsd-2-clause
Created: 2015-04-03T01:48:07.000Z (almost 10 years ago)
Default Branch: master
Last Pushed: 2021-06-03T04:10:13.000Z (over 3 years ago)
Last Synced: 2024-12-29T10:05:22.931Z (13 days ago)
Language: Swift
Homepage: http://jwt.io
Size: 179 KB
Stars: 762
Watchers: 22
Forks: 225
Open Issues: 29
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE

Awesome Lists containing this project

README

        # JSON Web Token

[![Build Status](http://img.shields.io/travis/kylef/JSONWebToken.swift/master.svg?style=flat)](https://travis-ci.org/kylef/JSONWebToken.swift)

Swift implementation of [JSON Web Token](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).

## Installation

Swift Pacakage Manager is the recommended installation method for JSONWebToken, [CocoaPods](http://cocoapods.org/) is also supported.

```ruby

pod 'JSONWebToken'

```

**NOTE:** *Carthage may be supported, however support will not be provided for this installation method, use at your own risk if you know how it works.*

## Usage

```swift

import JWT

```

### Encoding a claim

```swift

JWT.encode(claims: ["my": "payload"], algorithm: .hs256("secret".data(using: .utf8)!))

```

#### Encoding a claim set

```swift

var claims = ClaimSet()

claims.issuer = "fuller.li"

claims.issuedAt = Date()

claims["custom"] = "Hi"

JWT.encode(claims: claims, algorithm: .hs256("secret".data(using: .utf8)!))

```

#### Building a JWT with the builder pattern

```swift

JWT.encode(.hs256("secret".data(using: .utf8))) { builder in

  builder.issuer = "fuller.li"

  builder.issuedAt = Date()

  builder["custom"] = "Hi"

}

```

### Decoding a JWT

When decoding a JWT, you must supply one or more algorithms and keys.

```swift

do {

  let claims: ClaimSet = try JWT.decode("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.2_8pWJfyPup0YwOXK7g9Dn0cF1E3pdn299t4hSeJy5w", algorithm: .hs256("secret".data(using: .utf8)!))

  print(claims)

} catch {

  print("Failed to decode JWT: \(error)")

}

```

When the JWT may be signed with one out of many algorithms or keys:

```swift

try JWT.decode("eyJh...5w", algorithms: [

  .hs256("secret".data(using: .utf8)!),

  .hs256("secret2".data(using: .utf8)!),

  .hs512("secure".data(using: .utf8)!)

])

```

You might also want to give your iat, exp and nbf checks some kind of leeway to account for skewed clocks. You can do this by passing a `leeway` parameter like this:

```swift

try JWT.decode("eyJh...5w", algorithm: .hs256("secret".data(using: .utf8)!), leeway: 10)

```

#### Supported claims

The library supports validating the following claims:

- Issuer (`iss`) Claim

- Expiration Time (`exp`) Claim

- Not Before (`nbf`) Claim

- Issued At (`iat`) Claim

- Audience (`aud`) Claim

### Algorithms

This library supports the following algorithms:

- `none` - Unsecured JWTs

- `hs256` - HMAC using SHA-256 hash algorithm (default)

- `hs384` - HMAC using SHA-384 hash algorithm

- `hs512` - HMAC using SHA-512 hash algorithm

## License

JSONWebToken is licensed under the BSD license. See [LICENSE](LICENSE) for more info.