Helper functions to create, sign and verify JSON Web Tokens for testing purposes.
To generate a private RSA key:
openssl genrsa -out mykey.pem 2048
To derive a public key from the private key:
openssl rsa -in mykey.pem -pubout -out pubkey.pem
Start an IEx session with the Mix project as the context:
iex -S mix
To generate valid JWT claims, use Signature.Claims.valid:
claims = Signatures.Claims.validYou can then modify specific claims with Signature.Claims.put
modified_claims =
claims
|> Signatures.Claims.put(:scp, "my.custom.scope")Helpers are provided to invalidate claims exp (with an expiration date in the past) and nbf (with a not before date in the future):
claims_with_invalid_expiration =
claims
|> Signatures.Claims.invalidate(:exp)
claims_with_invalid_not_before =
claims
|> Signatures.Claims.invalidate(:nbf)To generate a signed JWT from a claims struct with a key from the resources folder (replace idam_stub.pem with the key you want to use to sign the token):
Signatures.sign(claims, "idam_stub.pem")To verify a JWT was signed with a public key from the resources folder:
Signatures.verify("eyJ0e...zTVTA", "idam_stub_pub.pem")To generate a JWK from a PEM in the resources folder:
Signatures.extract_jwk("primary.pem")