jose_utils v0.1.0 JOSEUtils.JWS View Source
Convenience functions to work with signed JWTs
Link to this section Summary
Types
Serialized JWS signed token
Functions
Verifies the signature of a JWS, and returns its content and the signature key
Link to this section Types
Serialized JWS signed token
For instance:
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
Link to this section Functions
Link to this function
verify(jws, jwk, allowed_algs)
View Sourceverify( jws :: serialized(), jwk_or_jwks :: JOSEUtils.JWK.t() | [JOSEUtils.JWK.t()], allowed_algs :: [JOSEUtils.JWA.sig_alg()] ) :: {:ok, {verified_content :: binary(), JOSEUtils.JWK.t()}} | :error
Verifies the signature of a JWS, and returns its content and the signature key
The function also filters the key using JOSEUtils.JWKS.verification_keys/2
with the
whitelisted signature algorithms. If the JWS has an identifier ("kid"
), it only uses
that specific key.
Example
iex> JOSE.crypto_fallback(true)
iex> jwk_ed25519 = JOSE.JWK.generate_key({:okp, :Ed25519})
iex> jwk_ed25519_map = jwk_ed25519 |> JOSE.JWK.to_map() |> elem(1)
iex> signed_ed25519 = JOSE.JWS.sign(jwk_ed25519, "{}", %{ "alg" => "Ed25519" }) |> JOSE.JWS.compact |> elem(1)
iex> JOSEUtils.JWS.verify(signed_ed25519, jwk_ed25519_map, ["RS256"])
:error
iex> JOSEUtils.JWS.verify(signed_ed25519, jwk_ed25519_map, ["Ed25519"]) |> elem(0)
:ok