1
0
mirror of https://github.com/vlang/v.git synced 2023-08-10 21:13:21 +03:00

crypto: add an example of how to verify jwt tokens (#15198)

This commit is contained in:
Hitalo de Jesus do Rosário Souza 2022-07-24 04:27:21 -03:00 committed by GitHub
parent 5464de406c
commit 1f3be99859
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -51,6 +51,7 @@ import crypto.hmac
import crypto.sha256 import crypto.sha256
import encoding.base64 import encoding.base64
import json import json
import time
struct JwtHeader { struct JwtHeader {
alg string alg string
@ -64,20 +65,30 @@ struct JwtPayload {
} }
fn main() { fn main() {
token := make_token() sw := time.new_stopwatch()
println(token) secret := 'your-256-bit-secret'
token := make_token(secret)
ok := auth_verify(secret, token)
dt := sw.elapsed().microseconds()
println('token: $token')
println('auth_verify(secret, token): $ok')
println('Elapsed time: $dt uS')
} }
fn make_token() string { fn make_token(secret string) string {
secret := 'your-256-bit-secret'
header := base64.url_encode(json.encode(JwtHeader{'HS256', 'JWT'}).bytes()) header := base64.url_encode(json.encode(JwtHeader{'HS256', 'JWT'}).bytes())
payload := base64.url_encode(json.encode(JwtPayload{'1234567890', 'John Doe', 1516239022}).bytes()) payload := base64.url_encode(json.encode(JwtPayload{'1234567890', 'John Doe', 1516239022}).bytes())
signature := base64.url_encode(hmac.new(secret.bytes(), '${header}.$payload'.bytes(), signature := base64.url_encode(hmac.new(secret.bytes(), '${header}.$payload'.bytes(),
sha256.sum, sha256.block_size).bytestr().bytes()) sha256.sum, sha256.block_size))
jwt := '${header}.${payload}.$signature' jwt := '${header}.${payload}.$signature'
return jwt return jwt
} }
fn auth_verify(secret string, token string) bool {
token_split := token.split('.')
signature_mirror := hmac.new(secret.bytes(), '${token_split[0]}.${token_split[1]}'.bytes(),
sha256.sum, sha256.block_size)
signature_from_token := base64.url_decode(token_split[2])
return hmac.equal(signature_from_token, signature_mirror)
}
``` ```