Helper functions to create, sign and verify JSON Web Tokens for testing purposes.
To generate a private RSA key:
openssl genrsa -out mykey.pem 2048
To derive a public key from the private key:
openssl rsa -in mykey.pem -pubout -out pubkey.pem
Start an IEx session with the Mix project as the context:
iex -S mix
To generate valid JWT claims, use Signatures.Claims.valid:
claims = Signatures.Claims.valid
You can then modify specific claims with Signatures.Claims.put:
modified_claims =
claims
|> Signatures.Claims.put(:scp, "my.custom.scope")
Helpers are provided to invalidate the claims exp (with an expiration date in the past) and nbf (with a not-before date in the future):
claims_with_invalid_expiration =
claims
|> Signatures.Claims.invalidate(:exp)
claims_with_invalid_not_before =
claims
|> Signatures.Claims.invalidate(:nbf)
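The time check that these two invalidated claim sets are meant to trip in a verifier under test, as an added example that is not part of this project's code. The TimeClaims module, the 30-second leeway and the sample claims (plain maps with atom keys rather than the project's claims struct) are assumptions made for the illustration.

```elixir
# Added example, not the project's code: the exp/nbf check that claims
# with an invalidated exp or nbf should fail in the verifier you are testing.
defmodule TimeClaims do
  @moduledoc "Hypothetical helper: validates RFC 7519 exp and nbf NumericDate claims."

  # Allowed clock skew between issuer and verifier, in seconds (assumed value).
  @leeway 30

  @doc "Returns :ok or {:error, reason} for a claims map with atom keys."
  def check(claims, now \\ System.system_time(:second)) do
    with :ok <- check_exp(Map.get(claims, :exp), now),
         :ok <- check_nbf(Map.get(claims, :nbf), now) do
      :ok
    end
  end

  # Design choice of this example: a token without exp never expires, so reject it.
  defp check_exp(nil, _now), do: {:error, :missing_exp}
  defp check_exp(exp, now) when is_number(exp) and now < exp + @leeway, do: :ok
  defp check_exp(exp, _now) when is_number(exp), do: {:error, :expired}
  defp check_exp(_other, _now), do: {:error, :malformed_exp}

  # nbf is optional in RFC 7519; when present it must not lie in the future.
  defp check_nbf(nil, _now), do: :ok
  defp check_nbf(nbf, now) when is_number(nbf) and now >= nbf - @leeway, do: :ok
  defp check_nbf(nbf, _now) when is_number(nbf), do: {:error, :not_yet_valid}
  defp check_nbf(_other, _now), do: {:error, :malformed_nbf}
end

# Constructed sample claims (plain maps, not the project's claims struct).
now = 1_700_000_000
valid = %{scp: "my.custom.scope", nbf: now - 60, exp: now + 3600}

cases = [
  {valid, :ok},
  {%{valid | exp: now - 3600}, {:error, :expired}},        # like invalidate(:exp)
  {%{valid | nbf: now + 3600}, {:error, :not_yet_valid}},  # like invalidate(:nbf)
  {Map.delete(valid, :exp), {:error, :missing_exp}},
  {%{valid | exp: "never"}, {:error, :malformed_exp}}
]

# The pin match raises MatchError if any case returns something unexpected.
for {claims, expected} <- cases do
  ^expected = TimeClaims.check(claims, now)
  IO.inspect({Map.take(claims, [:exp, :nbf]), expected})
end
```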
To generate a signed JWT from a claims struct with a key from the resources folder (replace idam_stub.pem with the key you want to use to sign the token):
Signatures.sign(claims, "idam_stub.pem")
To verify a JWT was signed with a public key from the resources folder:
Signatures.verify("eyJ0e...zTVTA", "idam_stub_pub.pem")
To generate a JWK from a PEM in the resources folder:
Signatures.extract_jwk("primary.pem")