prosody
ebe3b2f96cad
teal-src/util/jwt.d.tl

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

teal-src/util/jwt.d.tl @ 12953:ebe3b2f96cad

mod_tokenauth: Switch to new token format (invalidates existing tokens!) The new format has the following properties: - 5 bytes longer than the previous format - The token now has separate 'id' and 'secret' parts - the token itself is no longer stored in the DB, and the secret part is hashed - The only variable length field (JID) has been moved to the end - The 'secret-token:' prefix (RFC 8959) is now included Compatibility with the old token format was not maintained, and all previously issued tokens are invalid after this commit (they will be removed from the DB if used).
author Matthew Wild <mwild1@gmail.com>
date Tue, 21 Mar 2023 14:33:29 +0000
parent 12929:245ffbb06f55
line wrap: on
line source

local crypto = require "util.crypto"
local record jwtlib
	enum algorithm
		"HS256"
		"HS384"
		"HS512"
		"ES256"
		"ES512"
		"RS256"
		"RS384"
		"RS512"
		"PS256"
		"PS384"
		"PS512"
	end
	type payload = { string : any }
	type signer_t = function (payload : payload) : string
	type verifier_t = function (token : string) : payload
	enum key_type
		"rsaEncryption"
		"id-ecPublicKey"
	end
	record algorithm_t
		sign : signer_t
		verify : verifier_t
		load_key : function (key : string) : crypto.key
	end
	init : function (algorithm, private_key : string, public_key : string, table) : signer_t, verifier_t
	new_signer : function (algorithm, string, table) : signer_t
	new_verifier : function (algorithm, string, table) : verifier_t
	_algorithms : {
		algorithm : algorithm_t
	}
	-- Deprecated
	sign : function (private_key : string, payload) : string
	verify : function (string) : payload
end
return jwtlib