Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/yglukhov/nim-jwt

JWT implementation for nim-lang
https://github.com/yglukhov/nim-jwt

Last synced: about 1 month ago
JSON representation

JWT implementation for nim-lang

Host: GitHub
URL: https://github.com/yglukhov/nim-jwt
Owner: yglukhov
License: mit
Fork: true (ekarlso/nim-jwt)
Created: 2016-12-04T11:18:59.000Z (almost 8 years ago)
Default Branch: master
Last Pushed: 2023-08-05T21:26:20.000Z (about 1 year ago)
Last Synced: 2024-05-03T00:15:48.981Z (4 months ago)
Language: Nim
Size: 57.6 KB
Stars: 51
Watchers: 7
Forks: 11
Open Issues: 3
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        JWT Implementation for Nim [![Build Status](https://github.com/yglukhov/nim-jwt/workflows/CI/badge.svg?branch=master)](https://github.com/yglukhov/nim-jwt/actions?query=branch%3Amaster)

===============================

This is a implementation of JSON Web Tokens for Nim, it allows for the following operations to be performed:

`proc toJWT*(node: JsonNode): JWT` - parse a JSON object representing a JWT token to create a JWT token object.

`proc toJWT*(s: string): JWT` - parse a base64 string to decode it to a JWT token object

`sign*(token: var JWT, secret: string)` - sign a token. Creates a `signature` property on the given token and assigns the signature to it.

`proc verify*(token: JWT, secret: string, alg: SignatureAlgorithm): bool` - verify a token (typically on your incoming requests)

`proc $*(token: JWT): string` - creates a b64url string from the token

## Installation

After installing nim's package manager `nimble` execute this:

`nimble install jwt`

## Example

An example to demonstrate use with a userId

```nim

import jwt, times, json, tables

var secret = "secret"

proc sign(userId: string): string =

  var token = toJWT(%*{

    "header": {

      "alg": "HS256",

      "typ": "JWT"

    },

    "claims": {

      "userId": userId,

      "exp": (getTime() + 1.days).toUnix()

    }

  })

  token.sign(secret)

  result = $token

proc verify(token: string): bool =

  try:

    let jwtToken = token.toJWT()

    result = jwtToken.verify(secret, HS256)

  except InvalidToken:

    result = false

proc decode(token: string): string =

  let jwt = token.toJWT()

  result = $jwt.claims["userId"].node.str

```

Getting google api oauth2 token:

```nim

import jwt, json, times, httpclient, cgi

const email = "[email protected]" # Acquired from google api console

const scope = "https://www.googleapis.com/auth/androidpublisher" # Define needed scope

const privateKey = """

-----BEGIN PRIVATE KEY-----

The key should be Acquired from google api console

-----END PRIVATE KEY-----

"""

var tok = initJWT(

  header = JOSEHeader(alg: RS256, typ: "JWT"),

  claims = toClaims(%*{

  "iss": email,

  "scope": scope,

  "aud": "https://www.googleapis.com/oauth2/v4/token",

  "exp": int(epochTime() + 60 * 60),

  "iat": int(epochTime())

}))

tok.sign(privateKey)

let postdata = "grant_type=" & encodeUrl("urn:ietf:params:oauth:grant-type:jwt-bearer") & "&assertion=" & $tok

proc request(url: string, body: string): string =

  var client = newHttpClient()

  client.headers = newHttpHeaders({ "Content-Length": $body.len, "Content-Type": "application/x-www-form-urlencoded" })

  result = client.postContent(url, body)

  client.close()

let resp = request("https://www.googleapis.com/oauth2/v4/token", postdata).parseJson()

echo "Access token is: ", resp["access_token"].str

```