JSON::WebToken - JSON Web Token (JWT) implementation
use Test::More; use JSON; use JSON::WebToken; my $claims = { iss => 'joe', exp => 1300819380, 'http://example.com/is_root' => JSON::true, }; my $secret = 'secret'; my $jwt = encode_jwt $claims, $secret; my $got = decode_jwt $jwt, $secret; is_deeply $got, $claims; done_testing;
JSON::WebToken is JSON Web Token (JWT) implementation for Perl
THIS MODULE IS ALPHA LEVEL INTERFACE.
This method is encoding JWT from hash reference.
my $jwt = JSON::WebToken->encode({ iss => 'joe', exp => 1300819380, 'http://example.com/is_root' => JSON::true, }, 'secret'); # $jwt = join '.', # 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9', # 'eyJleHAiOjEzMDA4MTkzODAsImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlLCJpc3MiOiJqb2UifQ' # '4ldFxjibgJGz_uaIRCIq89b5ipR-sbI2Uq7B2WNEDs0'
Default encryption algorithm is HS256. You can change algorithm as following:
HS256
my $pricate_key_string = '...'; my $public_key_string = '...'; my $jwt = JSON::WebToken->encode({ iss => 'joe', exp => 1300819380, 'http://example.com/is_root' => JSON::true, }, $pricate_key_string, 'RS256'); my $claims = JSON::WebToken->decode($jwt, $public_key_string);
When you use RS256, RS384 or RS512 algorithm then, We need Crypt::OpenSSL::RSA.
If you want to create a Plaintext JWT, should be specify none for the algorithm.
Plaintext JWT
none
my $jwt = JSON::WebToken->encode({ iss => 'joe', exp => 1300819380, 'http://example.com/is_root' => JSON::true, }, '', 'none'); # $jwt = join '.', # 'eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0', # 'eyJleHAiOjEzMDA4MTkzODAsImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlLCJpc3MiOiJqb2UifQ', # ''
This method is decoding hash reference from JWT string.
my $claims = JSON::WebToken->decode($jwt, $secret, 1, ["RS256"]);
Any signing algorithm (except "none") is acceptable by default, so you should check it with $accepted_algorithms parameter.
This method is adding signing algorithm.
# resolve JSON::WebToken::Crypt::MYALG JSON::WebToken->add_signing_algorithm('MYALGXXX' => 'MYALG'); # resolve Some::Class::Algorithm JSON::WebToken->add_signing_algorithm('SOMEALGXXX' => '+Some::Class::Algorithm');
SEE ALSO JSON::WebToken::Crypt::HMAC or JSON::WebToken::Crypt::RAS.
Same as encode() method.
encode()
Same as decode() method.
decode()
JSON::WebToken::Exception will be thrown with following code.
When some method arguments are not valid.
When secret is required. (alg != "none")
alg != "none"
When JWT segment count is not between 2 and 4.
When each JWT segment is not encoded by base64url.
When alg == "none" but signature segment found.
alg == "none"
When JWT signature is invalid.
When given signing algorithm is not supported.
When given signing algorithm is not included in acceptable_algorithms.
xaicron <xaicron@cpan.org>
zentooo
Copyright 2012 - xaicron
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
http://tools.ietf.org/html/draft-ietf-oauth-json-web-token
To install JSON::WebToken, copy and paste the appropriate command in to your terminal.
cpanm
cpanm JSON::WebToken
CPAN shell
perl -MCPAN -e shell install JSON::WebToken
For more information on module installation, please visit the detailed CPAN module installation guide.