Jocelyn Fiat
30a5e087ae
- Improvement about web form manipulation (remove a field, set a text value to input fields by name, ...) - Improved web form html generation, especially for select and type checkbox - Updated the date input field interface with a new set_date_value . File response: - "application/force-download" is not a standard MIME content type, so use "application_octet_stream" instead as default. Standalone connector: - Added expected creation procedure for the service launcher. - Added new "secure_port" configuration variable, for SSL standalone service. This way, if `is_secure` is True, the server will use `secure_port` (overrides `port` value). Date: - Improved support for RFC 3339 (a profile of ISO 8601) Removed obsolete and warnings: - removed usage of FILE_NAME - updated code to avoid implicit conversion from STRING_32 to STRING_8 - avoid uneed conversion to STRING_8 (when possible)
35 lines
807 B
Markdown
35 lines
807 B
Markdown
JSON Web Token (JWT)
|
|
|
|
http://jwt.io/
|
|
|
|
Note: supporting only HS256 and none algorithm for signature, but could be extend with your own algorithm via `JWT_ALGORITHMS` (see `JWT.algorithms`, and `JWT_LOADER.algorithms`).
|
|
|
|
# How to use
|
|
```eiffel
|
|
|
|
example
|
|
local
|
|
jwt: JWS
|
|
tok: STRING
|
|
l_loader: JWT_LOADER
|
|
do
|
|
create jwt.make_with_json_payload ("[
|
|
{"iss":"joe", "exp":1200819380,"http://example.com/is_root":true}
|
|
]")
|
|
jwt.set_algorithm_to_hs256
|
|
tok := jwt.encoded_string ("my-secret")
|
|
|
|
create l_loader
|
|
if
|
|
attached l_loader.token (tok, Void, "my-secret", Void) as l_tok and then
|
|
not l_tok.has_error
|
|
then
|
|
print (l_tok.claimset.string)
|
|
check verified: not l_tok.has_unverified_token_error end
|
|
check no_error: not l_tok.has_error end
|
|
end
|
|
end
|
|
end
|
|
```
|
|
|