-
-
Notifications
You must be signed in to change notification settings - Fork 644
Tutorial for JWT generation
Kenji Urushima edited this page Jun 1, 2015
·
11 revisions
TOP | DOWNLOADS | TUTORIALS | API REFERENCE | DEMOS
JSON Web Token(JWT) generation is very similar to JSON Web Signature(JWS) generation since those difference is just payload. JWS generation is to create header and payload JSON object with necessary claims and then sign it.
Time in JWS/JWT, integer value for UNIX origin time since 1970 Jan 1 will be used. To specify time value KJUR.jws.IntData.get method is very useful.
Here is a sample for a JWT generation with HS256 signature algorithm:
// Header
var oHeader = {alg: 'HS256', typ: 'JWT'};
// Payload
var oPayload = {};
var tNow = KJUR.jws.IntDate.get('now');
var tEnd = KJUR.jws.IntDate.get('now + 1day');
oPayload.iss = "http://foo.com";
oPayload.sub = "mailto:[email protected]";
oPayload.nbf = tNow;
oPayload.iat = tNow;
oPayload.exp = tEnd;
oPayload.jti = "id123456";
oPayload.aud = "http://foo.com/employee";
// Sign JWT, password=616161
var sHeader = JSON.stringify(oHeader);
var sPayload = JSON.stringify(oPayload);
var sJWT = KJUR.jws.JWS.sign("HS256", sHeader, sPayload, "616161");