ktonon / elm-jsonwebtoken / JsonWebToken

JSON Web Token encoder and decoder.

decode : Json.Decode.Decoder payload -> Secret -> Token -> Result (DecodeError payload) payload

Verify a token given a secret or public key.

import Json.Decode
import Json.Encode
import TestHelpers
    exposing
        ( aValidToken
        , correctSecret
        , encodePayload
        , payload
        , payloadDecoder
        , wrongSecret
        )

If all goes well, you'll get a result back with the payload.

decode payloadDecoder correctSecret aValidToken
--> Ok payload

If something goes wrong, you get an error:

decode payloadDecoder correctSecret "token.should.have.three.parts"
--> Err InvalidToken

Some errors will include the payload. However, whenever there is an error the payload should not be trusted.

decode payloadDecoder wrongSecret aValidToken
--> Err <| InvalidSecret payload

encode : Alg -> (payload -> Json.Encode.Value) -> Secret -> payload -> Token

Create and sign a token.

import Json.Decode
import Json.Encode
import TestHelpers
    exposing
        ( aValidToken
        , correctSecret
        , encodePayload
        , payload
        , payloadDecoder
        , wrongSecret
        )

encode hmacSha256 encodePayload correctSecret payload
--> aValidToken

encode hmacSha512 Json.Encode.string "other secret" "some payload"
    |> (decode Json.Decode.string "other secret")
--> Ok "some payload"

encode hmacSha224 Json.Encode.int "123" 456
    |> (decode Json.Decode.int "abc")
--> Err <| InvalidSecret 456

Algorithms

hmacSha224 : Alg

HMAC SHA224 digest algorithm.

hmacSha256 : Alg

HMAC SHA256 digest algorithm.

hmacSha384 : Alg

HMAC SHA384 digest algorithm.

hmacSha512 : Alg

HMAC SHA512 digest algorithm.

Errors


type DecodeError payload
    = DecodeHeaderFailed payload String
    | DecodePayloadFailed String
    | InvalidSecret payload
    | InvalidToken

Types of errors which can occur during decoding of a token.

Types


type Alg

Type of algoirthm to use for the digest


type alias Secret =
String

String used to sign or verify a token.


type alias Token =
String

A JSON web token.

algDecoder : Json.Decode.Decoder Alg

Algorithm decoder.