Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add 'iat/ aud/ sub/ jti' support for ruby-jwt #62

Merged
merged 3 commits into from
Mar 9, 2015
Merged

Add 'iat/ aud/ sub/ jti' support for ruby-jwt #62

merged 3 commits into from
Mar 9, 2015

Conversation

ZhangHanDong
Copy link
Contributor

for iat check support:

example_payload = {"hello" => "world", "iat" => 1425917209}
example_secret = 'secret'
example_jwt = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJoZWxsbyI6IndvcmxkIiwiaWF0IjoxNDI1OTE3MjA5fQ.m4F-Ugo7aLnLunBBO3BeDidyWMx8T9eoJz6FW2rgQhU'
decoded_payload = JWT.decode(example_jwt, example_secret, true, {iat: true})

or

begin
   example_payload = {"hello" => "world", "iat" => 1425917209}
rescue JWT::InvalidIatError
   # do something
end

aud check support

example_payload = {"hello" => "world", "aud" => "url:pnd"}
example_payload2 = {"hello" => "world", "aud" => ["url:pnd", "aud:yes"]}
example_secret = 'secret'

example_jwt = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJoZWxsbyI6IndvcmxkIiwiYXVkIjoidXJsOnBuZCJ9._gT5veUtNiZD7wLEC6Gd0-nkQV3cl1z8G0zXq8qcd-8'
example_jwt2 = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJoZWxsbyI6IndvcmxkIiwiYXVkIjpbInVybDpwbmQiLCJhdWQ6eWVzIl19.qNPNcT4X9B5uI91rIwbW2bIPTsp8wbRYW3jkZkrmqbQ"

decoded_payload = JWT.decode(example_jwt, example_secret, true, {aud: "url:pnd"})
decoded_payload2 = JWT.decode(example_jwt2, example_secret, true, {aud: "url:pnd"})

for sub support

example_payload = {"hello" => "world", "sub" => 'subject'}
example_secret = 'secret'
example_jwt = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJoZWxsbyI6IndvcmxkIiwic3ViIjoic3ViamVjdCJ9.QUnNVZm4SPB4vP2zY9m1LoUSOx-5oGXBhj7R89D_UtA'
decoded_payload = JWT.decode(example_jwt, example_secret, true, {sub: 'subject'})

for jti support

In order to ensure jti uniq for every jwt:

  1. Use the current timestamp (iat) as the nonce.
  2. Use the md5 hash of the jwt.
example_payload = {"hello" => "world", "iat" => 1425917209, "jti" => Digest::MD5.hexdigest("secret:1425917209")}
example_secret = 'secret'
example_jwt = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJoZWxsbyI6IndvcmxkIiwiaWF0IjoxNDI1OTE3MjA5LCJqdGkiOiI1NWM3NzZlMjFmN2NiZDg3OWMwNmZhYzAxOGRhYzQwMiJ9.ET0hb-VTUOL3M22oG13ofzvGPLMAncbF8rdNDIqo8tg'

 decoded_payload = JWT.decode(example_jwt, example_secret, true, {jti: Digest::MD5.hexdigest("secret:1425917209")})

excpt added a commit that referenced this pull request Mar 9, 2015
@excpt
Merge pull request #62 from Ruby-Study/master
094f5ea 
Add  iat, aud, sub, jti  support for ruby-jwt
@excpt excpt merged commit 094f5ea into jwt:master Mar 9, 2015
@excpt
Copy link
Member

excpt commented Mar 9, 2015

Awesome!

Thanks a lot! 🎉

@ZhangHanDong
Copy link
Contributor Author

no problem, i love json web token and i 'll be used it in my project.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ZhangHanDong @excpt