Skip to content

xmidt-org/cjwt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

208 Commits

.github/workflows

.github/workflows

 
 

.reuse

.reuse

 
 

LICENSES

LICENSES

 
 

examples/basic

examples/basic

 
 

include/cjwt

include/cjwt

 
 

src

src

 
 

subprojects

subprojects

 
 

tests

tests

 
 

.clang-format

.clang-format

 
 

.codecov.yml

.codecov.yml

 
 

.gitignore

.gitignore

 
 

.sonar-project.properties

.sonar-project.properties

 
 

.whitesource

.whitesource

 
 

CHANGELOG.md

CHANGELOG.md

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

NOTICE

NOTICE

 
 

README.md

README.md

 
 

meson.build

meson.build

 
 

Repository files navigation

cjwt

A C JWT Implementation

Build Status codecov.io Coverity Quality Gate Status Language Grade: C/C++ Apache V2 License GitHub release JWT.io

cjwt is a small JWT handler designed to allow consumers of JWTs of the JWS variant the ability to securely and easily get claims and data from a JWT. This particular JWT implementation uses cJSON and is designed to support multiple different crypto libraries in the future.

API

The API is meant to be fairly small & leverage what cJSON already provides nicely.

Here are the details

There are 3 function:

  • cjwt_decode() that decodes successfully or fails with a more detailed reason
  • cjwt_destroy() that destroys the cjwt_t object cleanly
  • cjwt_print() that prints the cjwt_t object to a stream (generally for debugging)

Otherwise you get a simple C struct to work with in your code.

Dependencies

Opinionated Default Secure

To help adopters not make costly security mistakes, cjwt tries to default to secure wherever possible. If you must use an insecure feature there are option flags that let you do so, but use them sparingly and with care.

Examples:

Inline

Using the decoder:

#include <stdint.h>
#include <stddef.h>
#include <string.h>

#include <cjwt/cjwt.h>

int main( int argc, char *argv[] )
{
    cjwt_t *jwt = NULL;
    cjwt_code_t rv;

    const char *hs_text = 
        /* header */
        "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."
        /* payload */
        "eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaGVsbG8i"
        "OiJ3b3JsZCIsImJvYiI6WyJkb2ciLDEyM10sImNhdCI6eyJtb3VzZSI6eyJj"
        "aGVlc2UiOiJsb3RzIn19LCJpYXQiOjE1MTYyMzkwMjJ9."
        /* signature */
        "mJYSucD6RRg6zdPcSKvb5-LKFDJzRvdKqTlqAvDBknU";

    const char *hs_key = "hs256-secret";

    rv = cjwt_decode( hs_text, strlen(hs_text), 0, (uint8_t*) hs_key, strlen(hs_key), 0, 0, &jwt );
    if( CJWTE_OK != rv ) {
        printf( "There was an error processing the text: %d\n", rv );
        return -1;
    }

    cjwt_print( stdout, jwt );

    cjwt_destroy( jwt );

    return 0;
}

Gives you this output:

=====================
header
---------------------
   alg: HS256

payload
---------------------
   iat: 1516239022

   exp: NULL
   nbf: NULL

   iss: NULL
   sub: 1234567890
   jti: NULL
   aud: NULL

private claims
---------------------
{
     "name":     "John Doe",
     "hello":    "world",
     "bob":      ["dog", 123],
     "cat": {
         "mouse": {
             "cheese":   "lots"
         }
     }
}

Building and Testing Instructions

meson setup --warnlevel 3 --werror build
cd build
ninja all test coverage
firefox ./meson-logs/coveragereport/index.html

About

A c jwt implementation

Resources

Readme
Activity
Custom properties

Stars

15 stars

Watchers

25 watching

Forks

20 forks
Report repository

Releases 7

v2.1.1 2021-12-22 Latest
Dec 22, 2021
+ 6 releases

Packages

No packages published

Contributors 8

Languages