the-sett / elm-auth / Jwt

JWT tokens are usually base64 encoded. This module provides some utility functions to assist with decoding such tokens.

decode : Json.Decode.Decoder token -> String -> Result JwtError token

Decodes a JWT token from its encoded string format.

isExpired : Time.Posix -> String -> Basics.Bool

Decodes just the "exp" field from a JWT token from its encoded string format and compares for expiry with the supplied time stamp.

If the token does not contain an "exp" field, this function will always return True. It is expected that the supplied token will contain this field.

extractTokenBody : String -> Result JwtError String

Extracts the base64 encoded token body.


type alias StandardToken =
{ sub : Maybe String
, iss : Maybe String
, aud : Maybe String
, exp : Maybe Time.Posix
, nbf : Maybe Time.Posix
, iat : Maybe Time.Posix
, jti : Maybe String 
}

Describes the standard JWT token fields.

Note that the standard token does not have to be used, it is provided here for convenience. All of the fields are Maybes which is not very nice when you know that some implementation can be relied on to provide certain fields.

This module can work with any token definition; supply a decoder for the token you want to use. A decoder for the standard token is provided in this module.

standardTokenDecoder : Json.Decode.Decoder StandardToken

A decoder for the standard token.


type JwtError
    = TokenExpired
    | TokenProcessingError String
    | TokenDecodeError String

Defines the possible errors that can be encountered when decoding a token.