Skip to content

Latest commit

 

History

History
203 lines (170 loc) · 4.9 KB

README.md

File metadata and controls

203 lines (170 loc) · 4.9 KB

LazJWT

Lazarus implementation of JWT - https://jwt.io/

Claims

Algorithms Supported
iss ✔️
sub ✔️
aud ✔️
exp ✔️
nbf ✔️
iat ✔️
jti ✔️

Signing algorithms

Algorithms Supported
HS256 ✔️
HS384 ✔️
HS512 ✔️
RS256
RS384
RS512
ES256
ES384
ES512
ES256K

⭕ Prerequisites

  • hashlib4pascal - is an Object Pascal hashing library released under the permissive MIT License which provides an easy to use interface for computing hashes and checksums of data. It also supports state based (incremental) hashing.

⚙️ Installation

Installation is done using the boss install command:

boss install https://github.com/andre-djsystem/LazJWT

Manual installation

If you choose to install manually, simply add the following folders to your project, in Project > Project Options > Paths > Other unit files (-Fu) > Include file search path

../LazJWT/src
../HashLib/src/Base
../HashLib/src/Checksum
../HashLib/src/Crypto
../HashLib/src/Hash128
../HashLib/src/Hash32
../HashLib/src/Hash64
../HashLib/src/Include
../HashLib/src/Interfaces
../HashLib/src/KDF
../HashLib/src/NullDigest
../HashLib/src/Nullable
../HashLib/src/Packages
../HashLib/src/Utils

⚡️ Quickstart

Creating a token

  • With default Claims
uses
  LazJWT;
  
var
  LResult: String;
begin
  LResult := TLazJWT
               .New
               .SecretJWT('your-256-bit-secret')
               .Iss('1234567890')
               .Sub('1234567890')
               .Aud('123456')
               .Exp(1516239022)
               .Nbf(1516239022)
               .Iat(1516239022)
               .JTI('123456')
               .Token; 
end;   
  • With Custom Claims
uses
  LazJWT;
  
var
  LResult: String;
begin
  LResult := TLazJWT
               .New
               .SecretJWT('your-256-bit-secret')
               .Iss('1234567890')
               .Sub('1234567890')
               .Aud('123456')
               .Exp(1516239022)
               .Nbf(1516239022)
               .Iat(1516239022)
               .JTI('123456')
               .AddClaim('Validated', True)
               .AddClaim('Name', 'Andre')  
               .AddClaim('Level', 10)  
               .AddClaim('Limit', 100.00) 
               .Token; 
end;   
  • Custom PayLoad
uses
  LazJWT;
  
var
  LCustomPayLoad: TJSONData;
  LResult: String;
begin
  LCustomPayLoad := GetJSON('{"Fld1" : "Hello", "Fld2" : 42, "Colors" : ["Red", "Green", "Blue"]}');
  LResult := TLazJWT
               .New
               .SecretJWT('your-256-bit-secret')
               .CustomPayLoad(LCustomPayLoad)
               .Token;
end;   

Validating a token

Note: With Custom PayLoad, only signature is validate

uses
  LazJWT;
  
var
  LResult: String;
begin
  try
    TLazJWT
      .New
      .UseCustomPayLoad(False) //Set before Token
      .Token('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c')
      .SecretJWT('your-256-bit-secret')
      .ValidateToken;
    LResult := 'Token Verified';
  except
    On E: Exception do
    begin
      LResult := E.Message;
    end;
  end;
end;  

Config Validations

uses
  LazJWT;
  
var
  LResult: String;
begin
  try
    TLazJWT
      .New(TLazJWTConfig
             .New
             .IsRequiredSubject(False)
             .IsRequiredIssuedAt(False)
             .IsRequiredNotBefore(False)
             .IsRequiredExpirationTime(False)
             .IsRequireAudience(True)
             .ExpectedAudience(['lazarus','djsystem'])
             ) 
      .UseCustomPayLoad(False) //Set before Token
      .Token('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c')
      .SecretJWT('your-256-bit-secret')
      .ValidateToken;
    LResult := 'Token Verified';
  except
    On E: Exception do
    begin
      LResult := E.Message;
    end;
  end;
end;  

Inspired in Delphi JOSE and JWT Library

⚠️ License

LazJWT is free and open-source library licensed under the MIT License.