View Source JWT.Jws (yajwt v1.4.2)
Represent content to be secured with digital signatures or Message Authentication Codes (MACs)
Summary
Functions
Return a JSON Web Signature (JWS), a string representing a digitally signed payload
Return a JWS that provides no integrity protection (i.e. lacks a signature)
Return a tuple {:ok, jws_parts} if the signature is verified, or {:error, exception} otherwise
Return jws parts if the signature is verified, raises error otherwise
Functions
Return a JSON Web Signature (JWS), a string representing a digitally signed payload
Example
iex> key = "gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C"
...> JWT.Jws.sign(%{alg: "HS256"}, "payload", key)
"eyJhbGciOiJIUzI1NiJ9.cGF5bG9hZA.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
Return a JWS that provides no integrity protection (i.e. lacks a signature)
Example
iex> JWT.Jws.unsecured_message(%{alg: "none"}, "payload")
"eyJhbGciOiJub25lIn0.cGF5bG9hZA."
Return a tuple {:ok, jws_parts} if the signature is verified, or {:error, exception} otherwise
Example
iex> jws = "eyJhbGciOiJIUzI1NiJ9.cGF5bG9hZA.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
...> key = "gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C"
...> JWT.Jws.verify(jws, "HS256", key)
{:ok, ["eyJhbGciOiJIUzI1NiJ9", "cGF5bG9hZA", "uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"]}
iex> jws = "eyJhbGciOiJIUzI1NiJ9.cGF5bG9hZA.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
...> key = "invalid-key-invalid-key-invalid-key"
...> JWT.Jws.verify(jws, "HS256", key)
{:error, JWT.InvalidSignatureError}
iex> jws = "eyJhbGciOiJIUzI1NiJ9.modified-content.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
...> key = "gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C"
...> JWT.Jws.verify(jws, "HS256", key)
{:error, JWT.InvalidSignatureError}
iex> jws = "eyJhb%%%%%%%%%%%%%%%.cGF5bG9hZA.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
...> key = "gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C"
...> JWT.Jws.verify(jws, "HS256", key)
{:error, JWT.DecodeError}
iex> jws = "eyJhbGciOiJIUzI1NiJ9.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
...> key = nil
...> JWT.Jws.verify(jws, "HS256", key)
{:error, JWT.MissingKeyError}
iex> jws = "eyJhbGciOiJIUzI1NiJ9.cGF5bG9hZA.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
...> key = "gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C"
...> JWT.Jws.verify(jws, "%%%%%", key)
{:error, JWT.UnmatchedAlgorithmError}
Return jws parts if the signature is verified, raises error otherwise
Example
iex> jws = "eyJhbGciOiJIUzI1NiJ9.cGF5bG9hZA.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
...> key = "gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C"
...> JWT.Jws.verify!(jws, "HS256", key)
["eyJhbGciOiJIUzI1NiJ9", "cGF5bG9hZA", "uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"]
iex> jws = "eyJhbGciOiJIUzI1NiJ9.cGF5bG9hZA.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
...> key = "invalid-key-invalid-key-invalid-key"
...> JWT.Jws.verify!(jws, "HS256", key)
** (JWT.InvalidSignatureError) Invalid Signature
iex> jws = "eyJhbGciOiJIUzI1NiJ9.modified-content.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
...> key = "gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C"
...> JWT.Jws.verify!(jws, "HS256", key)
** (JWT.InvalidSignatureError) Invalid Signature
iex> jws = "eyJhb%%%%%%%%%%%%%%%.cGF5bG9hZA.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
...> key = "gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C"
...> JWT.Jws.verify!(jws, "HS256", key)
** (JWT.DecodeError) Failed to decode base64 string
iex> jws = "eyJhbGciOiJIUzI1NiJ9.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
...> key = nil
...> JWT.Jws.verify!(jws, "HS256", key)
** (JWT.MissingKeyError) Key is required for all algorithms but 'none'
iex> jws = "eyJhbGciOiJIUzI1NiJ9.cGF5bG9hZA.uVTaOdyzp_f4mT_hfzU8LnCzdmlVC4t2itHDEYUZym4"
...> key = "gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C"
...> JWT.Jws.verify!(jws, "%%%%%", key)
** (JWT.UnmatchedAlgorithmError) Algorithm not matching 'alg' header parameter