libjwt-2.1.0
jwt.h
Go to the documentation of this file.
1/* Copyright (C) 2015-2024 Ben Collins <bcollins@maclara-llc.com>
2 This file is part of the JWT C Library
3
4 SPDX-License-Identifier: MPL-2.0
5 This Source Code Form is subject to the terms of the Mozilla Public
6 License, v. 2.0. If a copy of the MPL was not distributed with this
7 file, You can obtain one at http://mozilla.org/MPL/2.0/. */
8
14#ifndef JWT_H
15#define JWT_H
16
17#include <stdio.h>
18#include <time.h>
19
20#ifdef _MSC_VER
21
22 #define DEPRECATED(func) __declspec(deprecated) func
23
24 #define alloca _alloca
25 #define strcasecmp _stricmp
26 #define strdup _strdup
27
28 #ifdef JWT_DLL_CONFIG
29 #ifdef JWT_BUILD_SHARED_LIBRARY
30 #define JWT_EXPORT __declspec(dllexport)
31 #else
32 #define JWT_EXPORT __declspec(dllimport)
33 #endif
34 #else
35 #define JWT_EXPORT
36 #endif
37
38#else
39
40 #define DEPRECATED(func) func __attribute__ ((deprecated))
41 #define JWT_EXPORT
42
43#endif
44
45#ifdef __cplusplus
46extern "C" {
47#endif
48
50typedef struct jwt jwt_t;
51
53typedef struct jwt_valid jwt_valid_t;
54
74
75#define JWT_ALG_INVAL JWT_ALG_TERM
76
78#define JWT_VALIDATION_SUCCESS 0x0000
79#define JWT_VALIDATION_ERROR 0x0001 /* General failures */
80#define JWT_VALIDATION_ALG_MISMATCH 0x0002
81#define JWT_VALIDATION_EXPIRED 0x0004
82#define JWT_VALIDATION_TOO_NEW 0x0008
83#define JWT_VALIDATION_ISS_MISMATCH 0x0010
84#define JWT_VALIDATION_SUB_MISMATCH 0x0020
85#define JWT_VALIDATION_AUD_MISMATCH 0x0040
86#define JWT_VALIDATION_GRANT_MISSING 0x0080
87#define JWT_VALIDATION_GRANT_MISMATCH 0x0100
88
90typedef void *(*jwt_malloc_t)(size_t);
91typedef void *(*jwt_realloc_t)(void *, size_t);
92typedef void (*jwt_free_t)(void *);
93
95typedef struct {
96 const unsigned char *jwt_key;
98} jwt_key_t;
99
101typedef int (*jwt_key_p_t)(const jwt_t *, jwt_key_t *);
102
103
126const char *jwt_get_crypto_ops(void);
127
137int jwt_set_crypto_ops(const char *opname);
138
168
196JWT_EXPORT int jwt_decode(jwt_t **jwt, const char *token,
197 const unsigned char *key, int key_len);
198
215JWT_EXPORT int jwt_decode_2(jwt_t **jwt, const char *token, jwt_key_p_t key_provider);
216
227
238
264JWT_EXPORT const char *jwt_get_grant(jwt_t *jwt, const char *grant);
265
282JWT_EXPORT long jwt_get_grant_int(jwt_t *jwt, const char *grant);
283
300JWT_EXPORT int jwt_get_grant_bool(jwt_t *jwt, const char *grant);
301
315JWT_EXPORT char *jwt_get_grants_json(jwt_t *jwt, const char *grant);
316
335JWT_EXPORT int jwt_add_grant(jwt_t *jwt, const char *grant, const char *val);
336
354JWT_EXPORT int jwt_add_grant_int(jwt_t *jwt, const char *grant, long val);
355
373JWT_EXPORT int jwt_add_grant_bool(jwt_t *jwt, const char *grant, int val);
374
387JWT_EXPORT int jwt_add_grants_json(jwt_t *jwt, const char *json);
388
401JWT_EXPORT int jwt_del_grants(jwt_t *jwt, const char *grant);
402
428JWT_EXPORT const char *jwt_get_header(jwt_t *jwt, const char *header);
429
446JWT_EXPORT long jwt_get_header_int(jwt_t *jwt, const char *header);
447
464JWT_EXPORT int jwt_get_header_bool(jwt_t *jwt, const char *header);
465
479JWT_EXPORT char *jwt_get_headers_json(jwt_t *jwt, const char *header);
480
499JWT_EXPORT int jwt_add_header(jwt_t *jwt, const char *header, const char *val);
500
518JWT_EXPORT int jwt_add_header_int(jwt_t *jwt, const char *header, long val);
519
537JWT_EXPORT int jwt_add_header_bool(jwt_t *jwt, const char *header, int val);
538
551JWT_EXPORT int jwt_add_headers_json(jwt_t *jwt, const char *json);
552
565JWT_EXPORT int jwt_del_headers(jwt_t *jwt, const char *header);
566
596JWT_EXPORT int jwt_dump_fp(jwt_t *jwt, FILE *fp, int pretty);
597
616JWT_EXPORT char *jwt_dump_str(jwt_t *jwt, int pretty);
617
630JWT_EXPORT char *jwt_dump_grants_str(jwt_t *jwt, int pretty);
631
643JWT_EXPORT int jwt_encode_fp(jwt_t *jwt, FILE *fp);
644
657
664JWT_EXPORT void jwt_free_str(char *str);
665
693JWT_EXPORT int jwt_set_alg(jwt_t *jwt, jwt_alg_t alg, const unsigned char *key, int len);
694
704
715
728
762
771
798JWT_EXPORT unsigned int jwt_validate(jwt_t *jwt, jwt_valid_t *jwt_valid);
799
813
824
836
844
852
866JWT_EXPORT int jwt_valid_add_grant(jwt_valid_t *jwt_valid, const char *grant, const char *val);
867
884JWT_EXPORT const char *jwt_valid_get_grant(jwt_valid_t *jwt_valid, const char *grant);
885
898JWT_EXPORT int jwt_valid_add_grant_int(jwt_valid_t *jwt_valid, const char *grant, long val);
899
916JWT_EXPORT long jwt_valid_get_grant_int(jwt_valid_t *jwt_valid, const char *grant);
917
935JWT_EXPORT int jwt_valid_add_grant_bool(jwt_valid_t *jwt_valid, const char *grant, int val);
936
953JWT_EXPORT int jwt_valid_get_grant_bool(jwt_valid_t *jwt_valid, const char *grant);
954
965JWT_EXPORT int jwt_valid_add_grants_json(jwt_valid_t *jwt_valid, const char *json);
966
979JWT_EXPORT char* jwt_valid_get_grants_json(jwt_valid_t *jwt_valid, const char *grant);
980
993JWT_EXPORT int jwt_valid_del_grants(jwt_valid_t *jwt_valid, const char *grant);
994
1005JWT_EXPORT int jwt_valid_set_now(jwt_valid_t *jwt_valid, const time_t now);
1006
1015JWT_EXPORT int jwt_valid_set_nbf_leeway(jwt_valid_t *jwt_valid, const time_t nbf_leeway);
1016
1025JWT_EXPORT int jwt_valid_set_exp_leeway(jwt_valid_t *jwt_valid, const time_t exp_leeway);
1026
1041
1055JWT_EXPORT char *jwt_exception_str(unsigned int exceptions);
1056
1059#ifdef __cplusplus
1060}
1061#endif
1062
1063#endif /* JWT_H */
jwt_alg_t jwt_get_alg(const jwt_t *jwt)
Get the jwt_alg_t set for this JWT object.
int jwt_set_alg(jwt_t *jwt, jwt_alg_t alg, const unsigned char *key, int len)
Set an algorithm from jwt_alg_t for this JWT object.
const char * jwt_alg_str(jwt_alg_t alg)
Convert alg type to it's string representation.
jwt_alg_t jwt_str_alg(const char *alg)
Convert alg string to type.
const char * jwt_get_crypto_ops(void)
Retrieve the name of the current crypto operations being used.
int jwt_set_crypto_ops(const char *opname)
Set the crypto operations to the named set.
char * jwt_encode_str(jwt_t *jwt)
Fully encode a JWT object and return as a string.
char * jwt_dump_str(jwt_t *jwt, int pretty)
Return plain text representation as a string.
void jwt_free_str(char *str)
Free a string returned from the library.
char * jwt_dump_grants_str(jwt_t *jwt, int pretty)
Return plain text representation of grants as a string.
int jwt_encode_fp(jwt_t *jwt, FILE *fp)
Fully encode a JWT object and write it to FILE.
int jwt_dump_fp(jwt_t *jwt, FILE *fp, int pretty)
Output plain text representation to a FILE pointer.
int jwt_add_grants_json(jwt_t *jwt, const char *json)
Add grants from a JSON encoded object string.
int jwt_del_grants(jwt_t *jwt, const char *grant)
Delete a grant from this JWT object.
const char * jwt_get_grant(jwt_t *jwt, const char *grant)
Return the value of a string grant.
int jwt_get_grant_bool(jwt_t *jwt, const char *grant)
Return the value of an boolean grant.
int jwt_add_grant(jwt_t *jwt, const char *grant, const char *val)
Add a new string grant to this JWT object.
char * jwt_get_grants_json(jwt_t *jwt, const char *grant)
Return the value of a grant as JSON encoded object string.
int jwt_add_grant_bool(jwt_t *jwt, const char *grant, int val)
Add a new boolean grant to this JWT object.
long jwt_get_grant_int(jwt_t *jwt, const char *grant)
Return the value of an integer grant.
int jwt_add_grant_int(jwt_t *jwt, const char *grant, long val)
Add a new integer grant to this JWT object.
int jwt_add_header(jwt_t *jwt, const char *header, const char *val)
Add a new string header to this JWT object.
int jwt_add_header_int(jwt_t *jwt, const char *header, long val)
Add a new integer header to this JWT object.
int jwt_add_headers_json(jwt_t *jwt, const char *json)
Add headers from a JSON encoded object string.
int jwt_add_header_bool(jwt_t *jwt, const char *header, int val)
Add a new boolean header to this JWT object.
int jwt_get_header_bool(jwt_t *jwt, const char *header)
Return the value of an boolean header.
char * jwt_get_headers_json(jwt_t *jwt, const char *header)
Return the value of a header as JSON encoded object string.
const char * jwt_get_header(jwt_t *jwt, const char *header)
Return the value of a string header.
long jwt_get_header_int(jwt_t *jwt, const char *header)
Return the value of an integer header.
int jwt_del_headers(jwt_t *jwt, const char *header)
Delete a header from this JWT object.
int jwt_set_alloc(jwt_malloc_t pmalloc, jwt_realloc_t prealloc, jwt_free_t pfree)
Set functions to be used for allocating and freeing memory.
void jwt_get_alloc(jwt_malloc_t *pmalloc, jwt_realloc_t *prealloc, jwt_free_t *pfree)
Get functions used for allocating and freeing memory.
int jwt_decode(jwt_t **jwt, const char *token, const unsigned char *key, int key_len)
Decode an existing JWT and allocate a new JWT object from it.
int jwt_decode_2(jwt_t **jwt, const char *token, jwt_key_p_t key_provider)
Like jwt_decode(), but the key will be obtained via the key provider.
int jwt_new(jwt_t **jwt)
Allocate a new, empty, JWT object.
jwt_t * jwt_dup(jwt_t *jwt)
Duplicate an existing JWT object.
void jwt_free(jwt_t *jwt)
Free a JWT object and any other resources it is using.
const char * jwt_valid_get_grant(jwt_valid_t *jwt_valid, const char *grant)
Return the value of a string required grant.
time_t jwt_valid_get_exp_leeway(jwt_valid_t *jwt_valid)
Return the exp_leeway value set.
int jwt_valid_set_exp_leeway(jwt_valid_t *jwt_valid, const time_t exp_leeway)
Set the exp_leeway value as defined in: https://www.rfc-editor.org/rfc/rfc7519#section-4....
int jwt_valid_add_grant_int(jwt_valid_t *jwt_valid, const char *grant, long val)
Add a new integer grant requirement to this JWT validation object.
int jwt_valid_set_nbf_leeway(jwt_valid_t *jwt_valid, const time_t nbf_leeway)
Set the nbf_leeway value as defined in: https://www.rfc-editor.org/rfc/rfc7519#section-4....
void jwt_valid_free(jwt_valid_t *jwt_valid)
Free a JWT validation object and any other resources it is using.
unsigned int jwt_valid_get_status(jwt_valid_t *jwt_valid)
Return the status string for the validation object.
int jwt_valid_del_grants(jwt_valid_t *jwt_valid, const char *grant)
Delete a grant from this JWT object.
int jwt_valid_add_grants_json(jwt_valid_t *jwt_valid, const char *json)
Add required grants from a JSON encoded object string.
long jwt_valid_get_grant_int(jwt_valid_t *jwt_valid, const char *grant)
Return the value of an integer required grant.
char * jwt_exception_str(unsigned int exceptions)
Parses exceptions and returns a comma delimited and human-readable string.
int jwt_valid_set_headers(jwt_valid_t *jwt_valid, int hdr)
Set validation for replicated claims in headers.
int jwt_valid_add_grant(jwt_valid_t *jwt_valid, const char *grant, const char *val)
Add a new string grant requirement to this JWT validation object.
int jwt_valid_get_grant_bool(jwt_valid_t *jwt_valid, const char *grant)
Return the value of an boolean required grant.
char * jwt_valid_get_grants_json(jwt_valid_t *jwt_valid, const char *grant)
Return the value of a grant as JSON encoded object string.
int jwt_valid_set_now(jwt_valid_t *jwt_valid, const time_t now)
Set the time for which expires and not-before claims should be evaluated.
int jwt_valid_new(jwt_valid_t **jwt_valid, jwt_alg_t alg)
Allocate a new, JWT validation object.
unsigned int jwt_validate(jwt_t *jwt, jwt_valid_t *jwt_valid)
Validate a JWT object with a validation object.
int jwt_valid_add_grant_bool(jwt_valid_t *jwt_valid, const char *grant, int val)
Add a new boolean required grant to this JWT validation object.
time_t jwt_valid_get_nbf_leeway(jwt_valid_t *jwt_valid)
Return the nbf_leeway value set.
#define JWT_EXPORT
Definition jwt.h:41
jwt_alg
JWT algorithm types.
Definition jwt.h:56
@ JWT_ALG_NONE
Definition jwt.h:57
@ JWT_ALG_PS384
Definition jwt.h:68
@ JWT_ALG_RS384
Definition jwt.h:62
@ JWT_ALG_HS512
Definition jwt.h:60
@ JWT_ALG_PS512
Definition jwt.h:69
@ JWT_ALG_ES256K
Definition jwt.h:70
@ JWT_ALG_ES256
Definition jwt.h:64
@ JWT_ALG_ES512
Definition jwt.h:66
@ JWT_ALG_TERM
Definition jwt.h:72
@ JWT_ALG_RS256
Definition jwt.h:61
@ JWT_ALG_HS256
Definition jwt.h:58
@ JWT_ALG_EDDSA
Definition jwt.h:71
@ JWT_ALG_RS512
Definition jwt.h:63
@ JWT_ALG_PS256
Definition jwt.h:67
@ JWT_ALG_ES384
Definition jwt.h:65
@ JWT_ALG_HS384
Definition jwt.h:59
int(* jwt_key_p_t)(const jwt_t *, jwt_key_t *)
Key provider - inspects the JWT to obtain the key used to verify the signature.
Definition jwt.h:101
struct jwt jwt_t
Opaque JWT object.
Definition jwt.h:50
struct jwt_valid jwt_valid_t
Opaque JWT validation object.
Definition jwt.h:53
void(* jwt_free_t)(void *)
Definition jwt.h:92
enum jwt_alg jwt_alg_t
JWT algorithm types.
void *(* jwt_malloc_t)(size_t)
JWT Memory allocation overrides.
Definition jwt.h:90
void *(* jwt_realloc_t)(void *, size_t)
Definition jwt.h:91
Structure used by key provider to return a key.
Definition jwt.h:95
const unsigned char * jwt_key
Definition jwt.h:96
int jwt_key_len
Definition jwt.h:97