HarbourJwt
JWT Implementation for Harbour
A simple library to work with JSON Web Token and JSON Web Signature for Harbour language. You can find more information about JWT on the official website.
Harbour JWT supports the following algorithms:
- HS256
- HS384
- HS512
Installation
Package is available on GitHub,
wget https://raw.githubusercontent.com/matteobaccan/HarbourJwt/main/lib/jwt.hrb
Documentation
JWT is a class library that can allow you to generate and validate JWT tokens
Token generation
To create a token you must
-
Load jwt.hrb library
LOCAL handle := hb_hrbLoad( "jwt.hrb" )
-
Create an empty JWT object
LOCAL oJWT LOCAL cToken // Object oJWT := &("JWT():new()")
-
Configure a valid header, setting Type = JWT and an available Algorithm. At the moment the Algorithms available are: HS256, HS384, and HS512
// Header oJWT:setAlgorithm("HS256") oJWT:setType("JWT")
-
Load a payload. The properties permitted in a payload are:
METHOD SetIssuer( cIssuer ) METHOD SetSubject( cSubject ) METHOD SetAudience( cAudience ) METHOD SetExpration( nExpiration ) METHOD SetNotBefore( nNotBefore ) METHOD SetIssuedAt( nIssuedAt ) METHOD SetJWTId( cJWTId )
A simple payload can be formed by: Subject, Name, and IssueAt
// Payload oJWT:setSubject("1234567890") oJWT:setPayloadData("name", "John Doe") oJWT:setIssuedAt(1516239022)
-
Finally you must indicate a secret
// Secret oJWT:setSecret("your-256-bit-secret")
-
Now you can get a token
// Get Token cToken = oJWT:Encode()
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
Token verification
Token verifications are also simple
-
Load jwt.hrb library
LOCAL handle := hb_hrbLoad( "jwt.hrb" )
-
Create an empty JWT object
LOCAL oJWT // Object oJWT := &("JWT():new()")
-
Verify the token
oJWT:SetSecret("MySecret") oJWT:Verify("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6Ik1hdHRlbyBCYWNjYW4iLCJpYXQiOjE1MTYyMzkwMjJ9.YR8QF52kgj0owYlP9TkEy_lNhC-Qdq38tqNNNqpvpK0")
Verify return a .T. if the token is valid. Otherwise with
oJWT:GetError()
you can get the decode error
Contribution
Feel free to update this code with a new PR