this is a simple jwt token library for learning purposes
jwt.io definition, "JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA.
Huh, That's a mouth full. I'll just JWT is a way of securely verify request over HTTP without the need of sessions. This allows you to write web services that can be consumed by over the web, mobile, desktop and any other device that can communicate over via HTTP.
It consists of three part
- Header - base64encoded, defines the algorithm for used for hashing the signature and the type of JWT.
- Payload- contains information about the issue and the user of the token eg expiration date(ESP)
- Signature - contains a Hash of the header and payload Using the algorithm in the header All these are concatenated with a dot, to form a token.
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3OD..kwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95Or..M7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
That's a bare bone summary, but you can check out this article for a detailed explanation... Afterall we're here to build a library who cares what it does smiles.
secret := "randpmly generated code"
type Meta struct {
Name string
Email string
}
EncodePayload := jwt.Payload{
Sub: "123",
Exp: time.Now().Unix() + 100000,
Public: Meta{
Name: "Murphy",
Email: "[email protected]",
},
}
token := jwt.Encode(EncodePayload, secret)
// prints out your token
fmt.Println(token)
// eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjMiLCJleHAiOjE1NDEyNzAyNzAsInB1YmxpYyI6eyJOYW1lIjoiTXVycGh5IiwiRW1haWwiOiJNdXJwaHlAand0LmNvbSJ9fQ==.dkzber79rM7gubpPCaAkjz0gFjxndbMCk6zQWrswkzE=
fmt.Println(jwt.Decode(token, secret))
// 123 1541270653 map[Name:Murphy Email:[email protected]]} <nil>