This library provides a framework for authentication/authorization with JWTs and generation/validation of JWTs as specified in the RFC 7519, RFC 7515, and RFC 7517.
JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure enabling the claims to be signed digitally or protecting the integrity with a Message Authentication Code(MAC) and/or encrypted.
The Ballerina jwt
library facilitates auth providers that are to be used by the clients and listeners of different protocol connectors. Also, it provides the APIs for issuing a self-signed JWT and validating a JWT.
Represents the listener JWT Auth provider, which is used to authenticate the provided credentials (JWT) against the provided JWT validator configurations.
Represents the client JWT Auth provider, which is used to authenticate with an external endpoint by issuing a self-signed JWT against the provided JWT issuer configurations.
A self-signed JWT can be issued with the provided configurations using this API as follows:
jwt:IssuerConfig issuerConfig = {
username: "ballerina",
issuer: "wso2",
audience: "vEwzbcasJVQm1jVYHUHCjhxZ4tYa",
expTime: 3600,
signatureConfig: {
config: {
keyFile: "/path/to/private.key"
}
}
};
string jwt = check jwt:issue(issuerConfig);
A JWT can be validated with the provided configurations using the API as follows:
string jwt = "eyJ0eXAiOiJKV1QiLA0KI[...omitted for brevity...]mB92K27uhbwW1gFWFOEjXk";
jwt:ValidatorConfig validatorConfig = {
issuer: "wso2",
audience: "vEwzbcasJVQm1jVYHUHCjhxZ4tYa",
clockSkew: 60,
signatureConfig: {
certFile: "/path/to/public.crt"
}
};
jwt:Payload result = check jwt:validate(jwt, validatorConfig);
Issues and Projects tabs are disabled for this repository as this is part of the Ballerina Standard Library. To report bugs, request new features, start new discussions, view project boards, etc., go to the Ballerina Standard Library parent repository.
This repository only contains the source code for the module.
-
Download and install Java SE Development Kit (JDK) version 21 (from one of the following locations).
-
Export your GitHub Personal Access Token (PAT) with the
read package
permission as follows:export packageUser=<Username> export packagePAT=<Personal Access Token>
-
Download and install Docker.
Execute the commands below to build from the source.
-
To build the package:
./gradlew clean build
-
To run the tests:
./gradlew clean test
-
To run a group of tests
./gradlew clean test -Pgroups=<test_group_names>
-
To build the without the tests:
./gradlew clean build -x test
-
To debug package implementation:
./gradlew clean build -Pdebug=<port>
-
To debug with Ballerina language:
./gradlew clean build -PbalJavaDebug=<port>
-
Publish the generated artifacts to the local Ballerina central repository:
./gradlew clean build -PpublishToLocalCentral=true
-
Publish the generated artifacts to the Ballerina central repository:
./gradlew clean build -PpublishToCentral=true
As an open source project, Ballerina welcomes contributions from the community.
For more information, go to the contribution guidelines.
All contributors are encouraged to read the Ballerina Code of Conduct.
- For more information go to the
jwt
library. - For example demonstrations of the usage, go to Ballerina By Examples.
- Chat live with us via our Discord server.
- Post all technical questions on Stack Overflow with the #ballerina tag.