madf / jwtxx Goto Github PK
View Code? Open in Web Editor NEWC++ library to work with JWT
License: MIT License
C++ library to work with JWT
License: MIT License
Hi, i cant find any examples where the token has an expiration part of it or a custom payload, how would that look?
/usr/bin/c++ -g -W -Wall -Wextra -Wshadow -Wold-style-cast -Wnull-dereference -Wstrict-aliasing -pedantic -ggdb3 -rdynamic CMakeFiles/fmdserver.dir/core.cpp.o CMakeFiles/fmdserver.dir/cwapi.cpp.o CMakeFiles/fmdserver.dir/main.cpp.o CMakeFiles/fmdserver.dir/queue.cpp.o CMakeFiles/fmdserver.dir/drivers/dto/dto.cpp.o CMakeFiles/fmdserver.dir/drivers/dummy/dummy.cpp.o -o fmdserver -L/home/faust/Projects/icw/fmdserver/build/src/icwlibs-prefix/src/icwlibs-build/src -L/home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx-build/src -Wl,-rpath,/home/faust/Projects/icw/fmdserver/build/src/icwlibs-prefix/src/icwlibs-build/src:/home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx-build/src:/home/faust/Projects/icw/boost/boost_1_70_0/lib: -lrpc -lsettings -lpidfile -llogger -lutils -ldlib -lcurlwrapper -lcurl -ljwtxx /home/faust/Projects/icw/boost/boost_1_70_0/lib/libboost_system.so /usr/lib64/libcrypto.so /usr/lib64/libssl.so -ldl -ljansson /usr/lib64/libcrypto.so -pthread
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: /home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx-build/src/libjwtxx.a(jwt.cpp.o): in function `JWTXX::enableOpenSSLErrors()::OpenSSLErrors::OpenSSLErrors()':
/home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx/src/jwt.cpp:128: undefined reference to `ERR_load_crypto_strings'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: /home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx/src/jwt.cpp:128: undefined reference to `OPENSSL_add_all_algorithms_noconf'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: /home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx-build/src/libjwtxx.a(jwt.cpp.o): in function `JWTXX::enableOpenSSLErrors()::OpenSSLErrors::~OpenSSLErrors()':
/home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx/src/jwt.cpp:129: undefined reference to `EVP_cleanup'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: /home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx/src/jwt.cpp:129: undefined reference to `ERR_free_strings'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: /home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx/src/jwt.cpp:129: undefined reference to `CRYPTO_cleanup_all_ex_data'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: /home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx-build/src/libjwtxx.a(jwt.cpp.o): in function `JWTXX::Utils::EVPMDCTXDeleter::operator()(env_md_ctx_st*) const':
/home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx/src/utils.h:29: undefined reference to `EVP_MD_CTX_destroy'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: /home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx-build/src/libjwtxx.a(jwt.cpp.o): in function `JWTXX::Keys::HMAC::sign[abi:cxx11](void const*, unsigned long) const':
/home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx/src/hmackey.h:24: undefined reference to `EVP_MD_CTX_create'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: /home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx-build/src/libjwtxx.a(jwt.cpp.o): in function `JWTXX::Keys::PEM::initCTX() const':
/home/faust/Projects/icw/fmdserver/build/src/libjwtxx-prefix/src/libjwtxx/src/pemkey.h:66: undefined reference to `EVP_MD_CTX_create'
Some functions become deprecated (library initialization routines), some are renamed (create/destroy -> new/free).
I'm trying to build my project on Hackintosh with Qt using your library, but get an issue.
I built it using these steps:
cmake -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl -DOPENSSL_LIBRARIES=/usr/local/opt/openssl/lib -DCMAKE_OSX_ARCHITECTURES=x86_64 ..
make
make install
.pro
file:LIBS += -L/usr/local/lib/ -ljwtxx -ljansson -lcrypto
INCLUDEPATH += /usr/local/include/
I get this compile time error:
Undefined symbols for architecture x86_64:
"_EVP_DigestSignFinal", referenced from:
JWTXX::Keys::HMAC::sign(void const*, unsigned long) const in libjwtxx.a(jwt.cpp.o)
JWTXX::Keys::PEM::sign(void const*, unsigned long) const in libjwtxx.a(jwt.cpp.o)
"_EVP_DigestSignInit", referenced from:
JWTXX::Keys::HMAC::sign(void const*, unsigned long) const in libjwtxx.a(jwt.cpp.o)
JWTXX::Keys::PEM::sign(void const*, unsigned long) const in libjwtxx.a(jwt.cpp.o)
"_EVP_DigestVerifyFinal", referenced from:
JWTXX::Keys::PEM::verify(void const*, unsigned long, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) const in libjwtxx.a(jwt.cpp.o)
"_EVP_DigestVerifyInit", referenced from:
JWTXX::Keys::PEM::verify(void const*, unsigned long, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) const in libjwtxx.a(jwt.cpp.o)
"_EVP_PKEY_new_mac_key", referenced from:
JWTXX::Keys::HMAC::sign(void const*, unsigned long) const in libjwtxx.a(jwt.cpp.o)
ld: symbol(s) not found for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see invocation)
So, how can I fix it and build my project with your library?
Move ctors and assignment operators should have noexcept specification which enables optimized versions in STL code.
Boost is only required for tests. Usually people need only library.
Currently when validation fails due to claim restriction the library throws ValidationError("Invalid token."). Should provide a detailed explanation of the problem.
Currently JWT throws same exception type for both format errors and validation errors, so it is impossible to distinguish between a non-jwt and, say, an expired jwt. Should throw different exception types.
According to RFC7519 ( https://tools.ietf.org/html/rfc7519#section-5.1 ):
If present, it is RECOMMENDED that
its value be "JWT" to indicate that this object is a JWT. While
media type names are not case sensitive, it is RECOMMENDED that "JWT"
always be spelled using uppercase characters for compatibility with
legacy implementations. Use of this Header Parameter is OPTIONAL.
Also it should be case-insensitive.
Currently if the 'typ' header is missing such token considered to be invalid:
& tools/jwttool -V eyJhbGciOiJSUzI1NiJ9.<payload>.<signature>
The token is invalid. "typ" should be "JWT". Actual value: "".
I'm tried to link library by CMakeLists.txt, but compilation failed with error:
/usr/bin/ld: /usr/local/lib/libjwtxx.a(utils.cpp.o): undefined reference to «X509_free@@OPENSSL_1.0.0»
//lib/x86_64-linux-gnu/libcrypto.so.1.0.0: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
What's the reason of this error?
The JWTXX::Pairs
is essentially typedef std::unordered_map< std::string, std::string >
and doesn't let me specify an integar for the value of a pair. This causes some problems if the receiving end is strict about the types. Is there an easy way to solve this?
JWTXX::stringToAlg throws JWTXX::Error. Should be JWTXX::JWT::ParseError.
Currently cppcheck is only applied to the library itself. Should also check tools.
I am creating token using HS256 algorithm. But I would like to create a new auth token after a particular interval.
The operator lacks deletion of previously allocated memory.
JWTXX should support password-protected keys.
The library doesn't seem to produce valid signatures when using the ES256 algorithm. We have a private/public elliptical curve key pair we use and the produced and verified signature only seem to work internally with the library.
The server we're trying to hit against seems to think the signature is invalid. Additionally, if I feed in a JWT string produced by a different library, jwtxx seems to think the signature is invalid as well.
In some cases we need to capture by reference, not by value.
'typ' and 'alg' header fields are ignored. Algorithm is taken from the key. JWT constructor/validator should also check these fields.
Currently it is possible to supply a non-jwt and receive only "Signature is invalid" error. In order to distinguish physical (structure) and logical (validation) errors the structure validation should be performed first.
After creating JWT::Token, sending the request to oauth2.googleapis to get the Access Token. But request failing with the following error response. Response: {"error":"invalid_grant","error_description":"Invalid grant: account not found"}
The build of the library works well, but I'm not able to compile the second examples.
Source code:
https://github.com/madf/jwtxx#rs256
Compile command:
$ g++ -Wall -ljwtxx -std=c++11 test_jwt.cpp
Output:
/tmp/ccwPesGx.o: In function main': test_jwt.cpp:(.text+0x113): undefined reference to
JWTXX::JWT::JWT(JWTXX::Algorithm, std::unordered_map<std::string, std::string, std::hashstd::string, std::equal_tostd::string, std::allocator<std::pair<std::string const, std::string> > >, std::unordered_map<std::string, std::string, std::hashstd::string, std::equal_tostd::string, std::allocator<std::pair<std::string const, std::string> > >)'
test_jwt.cpp:(.text+0x1cb): undefined reference to JWTXX::JWT::token(std::string const&, std::function<std::string ()> const&) const' test_jwt.cpp:(.text+0x223): undefined reference to
JWTXX::Validate::exp(long)'
test_jwt.cpp:(.text+0x2b0): undefined reference to JWTXX::Key::Key(JWTXX::Algorithm, std::string const&, std::function<std::string ()> const&)' test_jwt.cpp:(.text+0x2d4): undefined reference to
JWTXX::JWT::JWT(std::string const&, JWTXX::Key, std::vector<std::function<JWTXX::ValidationResult (std::unordered_map<std::string, std::string, std::hashstd::string, std::equal_tostd::string, std::allocator<std::pair<std::string const, std::string> > > const&)>, std::allocator<std::function<JWTXX::ValidationResult (std::unordered_map<std::string, std::string, std::hashstd::string, std::equal_tostd::string, std::allocator<std::pair<std::string const, std::string> > > const&)> > >&&)'
test_jwt.cpp:(.text+0x2e3): undefined reference to JWTXX::Key::~Key()' test_jwt.cpp:(.text+0x39a): undefined reference to
JWTXX::JWT::claim(std::string const&) const'
test_jwt.cpp:(.text+0x3e4): undefined reference to JWTXX::JWT::claim(std::string const&) const' test_jwt.cpp:(.text+0x406): undefined reference to
JWTXX::algToString(JWTXX::Algorithm)'
test_jwt.cpp:(.text+0x611): undefined reference to `JWTXX::Key::~Key()'
collect2: error: ld returned 1 exit status
Where's the error? Or what I'm doing wrong?
The following (incorrect) signature causes jwttool carsh:
eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJ1c2VyIn0=.MEQCIBdCBXE3V2KVA6S0OEaAemHAPlRvzVgxg3bgKEQbSCNkAiBS2gtJold5hgkFk2yjidFFChcXg6DY8GmzyYOd4NExSQ==
Reason: terminate called without an active exception
JWTXX should check token expiration if present.
Hello, I have a question the output of sign function using ES256 algorithm.
According to the RFC 7515, the result of the digital signature is the Elliptic Curve (EC) point (R, S), where R and S are unsigned integers. The JWS Signature is the value R || S. When the algorithm is ES256, the length of R || S is 64. However, the jwtxx library produces size of 72(EVP_DigestSignFinal(,.,.&res)). Could you help me? Why the sizes are different?
Thank you in advance. Your lib and codes very helpful for me to understand the JWT.
If the token misses 'alg' or 'typ' jwttool still prints them. E.g. "eyJhbGciOiJSUzI1NiJ9." shows the following header:
{
"typ": "JWT",
"alg": "RS256"
}
.
<payload>
though the header is
& echo "eyJhbGciOiJSUzI1NiJ9" | base64 -d
{"alg":"RS256"}
Currently tests are included in the 'all' target. They are slow to compile and usually unnecessary. Should be excluded from the 'all' target.
When constructing a JWT from a token the constructor throws "Invalid token" if validation fails. Should be a meaningful error message.
JWTXX currently supports Linux (and probably FreeBSD) and Mac OS X. Should also support Windows - Cygwin/MinGW and Visual Studio.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.