A header only library for creating and validating json web tokens in c++
Originally published in 0.7.0 Release Candidate 0
get_payload_claims()
was replaced by get_payload_json()
decoded_jwt
(#225) @Ka0o0EVP_PKEY_up_ref
if available (#238)as_date()
's std::bad_cast
with decimal value (#240) @ProsperohFull Changelog: https://github.com/Thalhammer/jwt-cpp/compare/v0.6.0...v0.7.0
get_payload_claims()
was replaced by get_payload_json()
decoded_jwt
(#225) @Ka0o0EVP_PKEY_up_ref
if available (#238)as_date()
's std::bad_cast
with decimal value (#240) @ProsperohFull Changelog: https://github.com/Thalhammer/jwt-cpp/compare/v0.6.0...v0.7.0-rc.0
jwt::verifier
has been refactored to accept a more generic "verification operation". There are no API breaks.jwt::picojson_traits
became jwt::traits::kazuho_picojson
#193to_lower
that was actually doing a to_upper
.Full Changelog: https://github.com/Thalhammer/jwt-cpp/compare/v0.5.1...v0.6.0
jwt::picojson_traits
became jwt::traits::kazuho_picojson
#193Full Changelog: https://github.com/Thalhammer/jwt-cpp/compare/v0.6.0-rc.1...v0.6.0-rc.2
Full Changelog: https://github.com/Thalhammer/jwt-cpp/compare/v0.6.0-rc.0...v0.6.0-rc.1
NOT FOR PUBLIC USE
jwt::verifier
has been refactored to accept a more generic "verification operation". There are no API breaks.to_lower
that was actually doing a to_upper
.Full Changelog: https://github.com/Thalhammer/jwt-cpp/compare/v0.5.1...v0.6.0-rc.1
This release addresses a few minor (but irritating) warnings #134 #140
Special thanks to @sweco-nlahoo 🤗 for helping correct the installed config file location and providing consumers to override the default locations with JWT_CMAKE_FILES_INSTALL_DIR
.
Full Changelog: https://github.com/Thalhammer/jwt-cpp/compare/v0.5.0...v0.5.1
decode_jwt
now requires a template argument for traitsbuilder
now requires a template argument for traitsbuilder.set_audience()
takes array_type
(previously was a set)
std::vector<std::string>{"*"}
with std::vector<picojson::value>{ picojson::value("*") }
basic_claim
Depending on your application needs you might choose one JSON library over another, there's a lot of great choices.
To freely choose whichever is best for your application define your own traits.
jwt::basic_claim<my_favorite_json_library_traits> claim(json::object({{"json", true},{"example", 0}}));
If you implement traits support for a library, please 🙏 submit a pull request to let us know!
Special thanks to @Sp3EdeR for their great work 🏆
With the additional algorithms, you can use the jwt::create()
and jwt::verify()
for handling your tokens
auto token = jwt::create().set_issuer("auth0").set_type("JWS").sign(
jwt::algorithm::ed25519("", ed25519_priv_key, "", "")); // New algorithms have been added
// ...
auto decoded = jwt::decode(token);
jwt::verify().allow_algorithm(
jwt::algorithm::ed25519(ed25519_pub_key, "", "", "")) // New algorithms have been added
.verify(decoded);
Round of applause for @jbajwa for bringing more JOSE support to the library
When working with OAuth2 and OpenID, it's very common to obtain the public key for verifying tokens from JWK.
If the public key is exposed with the "x5c"
you can use a helper to convert it to PEM which is consumed by the jwt::verifier
auto public_cert = jwt::helper::convert_base64_der_to_pem(x5c_base64_der, ec);
auto verify = jwt::verify().allow_algorithm(jwt::algorithm::rs256(public_cert, "", "", ""));
Along with other freedom for JSON libraries there may be a motivating factor for your crypto needs, there for we have expanded support to include LibreSSL.
This can be configured through CMake
cmake .. -DJWT_SSL_LIBRARY:STRING="LibreSSL"
If you prefer the header only approach, make sure to define LIBRESSL_VERSION_NUMBER
before including jwt.h
#include <tls.h>
#include "jwt-cpp/jwt.h"
📓 If you have both OpenSSL and LibreSSL installed, they may be in conflict which can produce compile or runtime errors
Numerous other contributions were submitted by @zxey @sdmg15 @aboseley @mbaykara 👏 Thank you!
Full Changelog: https://github.com/Thalhammer/jwt-cpp/compare/v0.5.0-rc.0...v0.5.0
This RC features the introduction of jwt::basic_claim
which is template around a traits object providing the implementation details for using the JSON library of your choosing. :tada:
For performance sensitive code, among other reasons, there is now the introduction of std::error_code
support
auto verify = jwt::verify({}).allow_algorithm(jwt::algorithm::hs256{ "secret" });
std::error_code ec;
verify.verify(decoded_token, ec);
if(ec) {
// handle failures
}
Special thanks to @faustocarva @matze @Sp3EdeR for their contribution helping make this RC possible :heart:
Full Changelog: https://github.com/Thalhammer/jwt-cpp/compare/v0.4.0...v0.5.0-rc.0