nimble install quickjwt
This library has no dependencies other than the Nim standard library.
This is a implementation of JSON Web Tokens for Nim. This is based on the work of Yuriy Glukhov but differs in API.
Create a token:
token = sign(
header = %*{
"typ":"JWT",
"alg":"HS256"
},
claim = %*{
"exp": now
},
secret = secret
)Verify a token:
try:
token.verifyEx(pivTestKey, @["RS256"])
...
except:
...or
if token.verify(pivTestKey, @["RS256"]):
...Get token's claim:
token.claimAlgorithms:
- none
- HS256
- HS384
- HS512
- RS256
- RS384
- RS512
Claims:
- nbf - Not before timestamp
- exp - Expire after timestamp
import quickjwt, json, times, httpclient, cgi
const email = "username@api-12345-12345.iam.gserviceaccount.com" # Acquired from google api console
const scope = "https://www.googleapis.com/auth/androidpublisher" # Define needed scope
const privateKey = """
-----BEGIN PRIVATE KEY-----
The key should be Acquired from google api console
-----END PRIVATE KEY-----
"""
var token = quickjwt.sign(
header = %*{
"alg": "RS256",
"typ": "JWT"
},
claim = %*{
"iss": email,
"scope": scope,
"aud": "https://www.googleapis.com/oauth2/v4/token",
"exp": int(epochTime() + 60 * 60),
"iat": int(epochTime())
},
secret = privateKey
)
let postdata = "grant_type=" & encodeUrl("urn:ietf:params:oauth:grant-type:jwt-bearer") & "&assertion=" & token
proc request(url: string, body: string): string =
var client = newHttpClient()
client.headers = newHttpHeaders({ "Content-Length": $body.len, "Content-Type": "application/x-www-form-urlencoded" })
result = client.postContent(url, body)
client.close()
let resp = request("https://www.googleapis.com/oauth2/v4/token", postdata).parseJson()
echo "Access token is: ", resp["access_token"].strThis library requires a recent version of libcrypto. Specifically the one that has EVP_DigestSign* functions.