jose-jwt

JSON Object Signing and Encryption Library

http://github.com/tekul/jose-jwt

Version on this page:0.7@rev:1
LTS Haskell 22.14:0.9.6
Stackage Nightly 2024-03-28:0.10.0
Latest on Hackage:0.10.0

See all snapshots jose-jwt appears in

BSD-3-Clause licensed and maintained by Luke Taylor
This version can be pinned in stack with:jose-jwt-0.7@sha256:a43df539f6c66ff12808a8db58d83bf98356e79be1e52850791295f83c309b86,3408

Module documentation for 0.7

An implementation of the JOSE suite of IETF standards and the closely related JWT (JSON web token) spec (https://tools.ietf.org/html/rfc7519/).

Both signed and encrypted JWTs are supported, as well as simple JWK keys.

Changes

0.7

  • Add support for AES key wrap in JWEs.
  • Support A192GCM and A192CBC-HS384 algorithms.
  • Switch to cryptonite library.

0.6.2

  • Remove dependency on errors package.

0.6.1

  • Minor internal changes to fix build on GHC 7.10.

0.6

  • Change KeyId type to allow use of a UTCTime string for the identifier.
  • Internal crypto fixes to prevent exceptions from external libraries.

0.5

  • Add JwtEncoding type. Changes API of Jwt.encode and Jwt.decode.

0.4.2

  • Fix in the code for finding suitable JWKs for encoding/decoding.

0.4.1.1

  • Added doctest flag to cabal file to allow doctests to be disabled.

0.4.1

  • Add cprng-aes dependency to doctests to stop test failure on travis and nixos hydra builds.

0.4

  • Changed use of Jwt type to represent an encoded JWT.
  • Introduced Payload type to allow setting the cty header value correctly for nested JWTs.
  • Added an explicit Unsecured type for a decoded JWT, to make it obvious when the content is not signed or encrypted.
  • Fixed some bugs in JSON encoding and decoding of EC JWKs.

0.3.1

Changed the signature of Jwt.encode to take a list of Jwk rather than a single key. The key will be selected from the list based on the specified algorithms.

0.3

  • New support for JWS validation using elliptic curve algorithms.
  • Added Jwt.encode function which takes a JWK argument, allowing key data (currently the key ID) to be encoded in the token header.