libjwt-2.1.0
|
Functions used to create and destroy JWT objects. More...
Functions | |
int | jwt_new (jwt_t **jwt) |
Allocate a new, empty, JWT object. | |
int | jwt_decode (jwt_t **jwt, const char *token, const unsigned char *key, int key_len) |
Decode an existing JWT and allocate a new JWT object from it. | |
int | jwt_decode_2 (jwt_t **jwt, const char *token, jwt_key_p_t key_provider) |
Like jwt_decode(), but the key will be obtained via the key provider. | |
void | jwt_free (jwt_t *jwt) |
Free a JWT object and any other resources it is using. | |
jwt_t * | jwt_dup (jwt_t *jwt) |
Duplicate an existing JWT object. | |
Functions used to create and destroy JWT objects.
Generally, one would use the jwt_new() function to create an object from scratch and jwt_decode() to create and verify and object from an existing token.
Note, when using RSA keys (e.g. with RS256), the key is expected to be a private key in PEM format. If the RSA private key requires a passphrase, the default is to request it on the command line from stdin. However, you can override this using OpenSSL's default_passwd routines. For example, using SSL_CTX_set_default_passwd_cb().
int jwt_decode | ( | jwt_t ** | jwt, |
const char * | token, | ||
const unsigned char * | key, | ||
int | key_len ) |
Decode an existing JWT and allocate a new JWT object from it.
Decodes a JWT string and verifies the signature (if one is supplied). If no signature is used (JWS, alg="none") or key is NULL, then no validation is done other than formatting. It is not suggested to use this on a string that has a signature without passing the key to verify it. If the JWT is encrypted and no key is supplied, an error is returned.
jwt | Pointer to a JWT object pointer. Will be allocated on success. |
token | Pointer to a valid JWT string, nul terminated. |
key | Pointer to the key for validating the JWT signature or for decrypting the token or NULL if no validation is to be performed. |
key_len | The length of the above key. |
int jwt_decode_2 | ( | jwt_t ** | jwt, |
const char * | token, | ||
jwt_key_p_t | key_provider ) |
Like jwt_decode(), but the key will be obtained via the key provider.
Key providers may use all sorts of key management techniques, e.g. can check the "kid" header parameter or download the key pointed to in "x5u"
jwt | Pointer to a JWT object pointer. Will be allocated on success. |
token | Pointer to a valid JWT string, null terminated. |
key_provider | Pointer to a function that will obtain the key for the given JWT. Returns 0 on success or any other value on failure. In the case of an error, the same error value will be returned to the caller. |
Duplicate an existing JWT object.
Copies all grants and algorithm specific bits to a new JWT object.
jwt | Pointer to a JWT object. |
void jwt_free | ( | jwt_t * | jwt | ) |
Free a JWT object and any other resources it is using.
After calling, the JWT object referenced will no longer be valid and its memory will be freed.
jwt | Pointer to a JWT object previously created with jwt_new() or jwt_decode(). |
int jwt_new | ( | jwt_t ** | jwt | ) |
Allocate a new, empty, JWT object.
This is used to create a new object for a JWT. After you have finished with the object, use jwt_free() to clean up the memory used by it.
jwt | Pointer to a JWT object pointer. Will be allocated on success. |