Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/w13b3/redbean-jwt

JSON Web Token for redbean
https://github.com/w13b3/redbean-jwt

cosmopolitan jwt redbean

Last synced: 3 months ago
JSON representation

JSON Web Token for redbean

Host: GitHub
URL: https://github.com/w13b3/redbean-jwt
Owner: w13b3
License: isc
Created: 2022-07-10T07:42:35.000Z (over 2 years ago)
Default Branch: main
Last Pushed: 2022-11-13T17:50:51.000Z (about 2 years ago)
Last Synced: 2024-05-20T12:33:35.831Z (6 months ago)
Topics: cosmopolitan, jwt, redbean
Language: Lua
Homepage:
Size: 39.1 KB
Stars: 18
Watchers: 2
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-cosmopolitan - redbean-jwt - JSON Web Token for redbean (Redbean / Projects)

README

        # redbean-jwt  _{^{_JSON Web Token for redbean_}}

[![jwt.io badge-compatible](https://jwt.io/img/badge-compatible.svg)](https://jwt.io/)

##### Compatible algorithms

`none`, `HS256`, `HS384` and `HS512`

### What is JSON Web Token?

> JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.  

> This information can be verified and trusted because it is digitally signed.  

> JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.  

> _source: [jwt.io/introduction][1]_  

### How to use

Read the [documentation](./doc/)  

### Notes

`jwt.lua` is possible because [redbean][2] 2.0.11 introduced `EncodeJson` and `DecodeJson`.  

Previous versions did not have these functions.  

If `jwt.lua` is needed for a previous version, a bit of work is required to make `jwt.lua` compatible.  

`json.stringify` and `json.parse` in [this gist][3] can be used in place of `EncodeJson` and `DecodeJson`.  

Consider the header & payload to be unencrypted and visible for the whole world.  

So it is recommended not to use it for unencrypted credentials/personal data.  

[`GetCryptoHash`][4] is used to create the JWT signature segment.  

As of writing this, the function expects one of the following strings:  

`MD5`, `SHA1`, `SHA224`, `SHA256`, `SHA384`, `SHA512`, `BLAKE2B256`.  

The `SHA256`, `SHA384`, `SHA512` are equal to `HS256`, `HS384`, `HS512`.  

For compatibility’s sake the received HS algo's are renamed to SHA counterpart by a lookup table.  

It is possible to use the other algorithms in a JWT, but this breaks compatibility.  

### More awesome projects

Check out this collection with [awesome-cosmopolitan][5] projects  

[1]: https://jwt.io/introduction

  

[2]: https://redbean.dev 

  

[3]: https://gist.github.com/tylerneylon/59f4bcf316be525b30ab "tylerneylon"

  

[4]: https://redbean.dev/#GetCryptoHash "redbean.dev"

[5]: https://github.com/shmup/awesome-cosmopolitan "shmup"