libjwt/jwt_8h_source.html

/* Copyright (C) 2015-2023 Ben Collins <bcollins@maclara-llc.com>

   This file is part of the JWT C Library


   SPDX-License-Identifier:  MPL-2.0

   This Source Code Form is subject to the terms of the Mozilla Public

   License, v. 2.0. If a copy of the MPL was not distributed with this

   file, You can obtain one at http://mozilla.org/MPL/2.0/. */


#ifndef JWT_H

#define JWT_H


#include <stdio.h>

#include <time.h>


#ifdef _MSC_VER


    #define DEPRECATED(func) __declspec(deprecated) func


    #define alloca _alloca

    #define strcasecmp _stricmp

    #define strdup _strdup


    #ifdef JWT_DLL_CONFIG

        #ifdef JWT_BUILD_SHARED_LIBRARY

            #define JWT_EXPORT __declspec(dllexport)

        #else

            #define JWT_EXPORT __declspec(dllimport)

        #endif

    #else

        #define JWT_EXPORT

    #endif


#else


    #define DEPRECATED(func) func __attribute__ ((deprecated))

    #define JWT_EXPORT


#endif


#ifdef __cplusplus

extern "C" {

#endif


typedef struct jwt jwt_t;


typedef struct jwt_valid jwt_valid_t;


typedef enum jwt_alg {

    JWT_ALG_NONE = 0,

    JWT_ALG_HS256,

    JWT_ALG_HS384,

    JWT_ALG_HS512,

    JWT_ALG_RS256,

    JWT_ALG_RS384,

    JWT_ALG_RS512,

    JWT_ALG_ES256,

    JWT_ALG_ES384,

    JWT_ALG_ES512,

#ifndef HAVE_OPENSSL

    JWT_ALG_PS256,

    JWT_ALG_PS384,

    JWT_ALG_PS512,

#endif

    JWT_ALG_TERM

} jwt_alg_t;


#define JWT_ALG_INVAL JWT_ALG_TERM


#define JWT_VALIDATION_SUCCESS      0x0000

#define JWT_VALIDATION_ERROR        0x0001  /* General failures */

#define JWT_VALIDATION_ALG_MISMATCH 0x0002

#define JWT_VALIDATION_EXPIRED      0x0004

#define JWT_VALIDATION_TOO_NEW      0x0008

#define JWT_VALIDATION_ISS_MISMATCH 0x0010

#define JWT_VALIDATION_SUB_MISMATCH 0x0020

#define JWT_VALIDATION_AUD_MISMATCH 0x0040

#define JWT_VALIDATION_GRANT_MISSING    0x0080

#define JWT_VALIDATION_GRANT_MISMATCH   0x0100


typedef void *(*jwt_malloc_t)(size_t);

typedef void *(*jwt_realloc_t)(void *, size_t);

typedef void (*jwt_free_t)(void *);


typedef struct {

    const unsigned char *jwt_key;

    int jwt_key_len;

} jwt_key_t;


typedef int (*jwt_key_p_t)(const jwt_t *, jwt_key_t *);


JWT_EXPORT int jwt_new(jwt_t **jwt);


JWT_EXPORT int jwt_decode(jwt_t **jwt, const char *token,

                     const unsigned char *key, int key_len);


JWT_EXPORT int jwt_decode_2(jwt_t **jwt, const char *token, jwt_key_p_t key_provider);


JWT_EXPORT void jwt_free(jwt_t *jwt);


JWT_EXPORT jwt_t *jwt_dup(jwt_t *jwt);


JWT_EXPORT const char *jwt_get_grant(jwt_t *jwt, const char *grant);


JWT_EXPORT long jwt_get_grant_int(jwt_t *jwt, const char *grant);


JWT_EXPORT int jwt_get_grant_bool(jwt_t *jwt, const char *grant);


JWT_EXPORT char *jwt_get_grants_json(jwt_t *jwt, const char *grant);


JWT_EXPORT int jwt_add_grant(jwt_t *jwt, const char *grant, const char *val);


JWT_EXPORT int jwt_add_grant_int(jwt_t *jwt, const char *grant, long val);


JWT_EXPORT int jwt_add_grant_bool(jwt_t *jwt, const char *grant, int val);


JWT_EXPORT int jwt_add_grants_json(jwt_t *jwt, const char *json);


JWT_EXPORT int jwt_del_grants(jwt_t *jwt, const char *grant);


JWT_EXPORT const char *jwt_get_header(jwt_t *jwt, const char *header);


JWT_EXPORT long jwt_get_header_int(jwt_t *jwt, const char *header);


JWT_EXPORT int jwt_get_header_bool(jwt_t *jwt, const char *header);


JWT_EXPORT char *jwt_get_headers_json(jwt_t *jwt, const char *header);


JWT_EXPORT int jwt_add_header(jwt_t *jwt, const char *header, const char *val);


JWT_EXPORT int jwt_add_header_int(jwt_t *jwt, const char *header, long val);


JWT_EXPORT int jwt_add_header_bool(jwt_t *jwt, const char *header, int val);


JWT_EXPORT int jwt_add_headers_json(jwt_t *jwt, const char *json);


JWT_EXPORT int jwt_del_headers(jwt_t *jwt, const char *header);


JWT_EXPORT int jwt_dump_fp(jwt_t *jwt, FILE *fp, int pretty);


JWT_EXPORT char *jwt_dump_str(jwt_t *jwt, int pretty);


JWT_EXPORT int jwt_encode_fp(jwt_t *jwt, FILE *fp);


JWT_EXPORT char *jwt_encode_str(jwt_t *jwt);


JWT_EXPORT void jwt_free_str(char *str);


JWT_EXPORT int jwt_set_alg(jwt_t *jwt, jwt_alg_t alg, const unsigned char *key, int len);


JWT_EXPORT jwt_alg_t jwt_get_alg(const jwt_t *jwt);


JWT_EXPORT const char *jwt_alg_str(jwt_alg_t alg);


JWT_EXPORT jwt_alg_t jwt_str_alg(const char *alg);


JWT_EXPORT int jwt_set_alloc(jwt_malloc_t pmalloc, jwt_realloc_t prealloc, jwt_free_t pfree);


JWT_EXPORT void jwt_get_alloc(jwt_malloc_t *pmalloc, jwt_realloc_t *prealloc, jwt_free_t *pfree);


JWT_EXPORT unsigned int jwt_validate(jwt_t *jwt, jwt_valid_t *jwt_valid);


JWT_EXPORT int jwt_valid_new(jwt_valid_t **jwt_valid, jwt_alg_t alg);


JWT_EXPORT void jwt_valid_free(jwt_valid_t *jwt_valid);


JWT_EXPORT unsigned int jwt_valid_get_status(jwt_valid_t *jwt_valid);


JWT_EXPORT time_t jwt_valid_get_nbf_leeway(jwt_valid_t *jwt_valid);


JWT_EXPORT time_t jwt_valid_get_exp_leeway(jwt_valid_t *jwt_valid);


JWT_EXPORT int jwt_valid_add_grant(jwt_valid_t *jwt_valid, const char *grant, const char *val);


JWT_EXPORT const char *jwt_valid_get_grant(jwt_valid_t *jwt_valid, const char *grant);


JWT_EXPORT int jwt_valid_add_grant_int(jwt_valid_t *jwt_valid, const char *grant, long val);


JWT_EXPORT long jwt_valid_get_grant_int(jwt_valid_t *jwt_valid, const char *grant);


JWT_EXPORT int jwt_valid_add_grant_bool(jwt_valid_t *jwt_valid, const char *grant, int val);


JWT_EXPORT int jwt_valid_get_grant_bool(jwt_valid_t *jwt_valid, const char *grant);


JWT_EXPORT int jwt_valid_add_grants_json(jwt_valid_t *jwt_valid, const char *json);


JWT_EXPORT char* jwt_valid_get_grants_json(jwt_valid_t *jwt_valid, const char *grant);


JWT_EXPORT int jwt_valid_del_grants(jwt_valid_t *jwt_valid, const char *grant);


JWT_EXPORT int jwt_valid_set_now(jwt_valid_t *jwt_valid, const time_t now);


JWT_EXPORT int jwt_valid_set_nbf_leeway(jwt_valid_t *jwt_valid, const time_t nbf_leeway);


JWT_EXPORT int jwt_valid_set_exp_leeway(jwt_valid_t *jwt_valid, const time_t exp_leeway);


JWT_EXPORT int jwt_valid_set_headers(jwt_valid_t *jwt_valid, int hdr);


JWT_EXPORT char *jwt_exception_str(unsigned int exceptions);


#ifdef __cplusplus

}

#endif


#endif /* JWT_H */

jwt_get_alg
jwt_alg_t jwt_get_alg(const jwt_t *jwt)
Get the jwt_alg_t set for this JWT object.

jwt_set_alg
int jwt_set_alg(jwt_t *jwt, jwt_alg_t alg, const unsigned char *key, int len)
Set an algorithm from jwt_alg_t for this JWT object.

jwt_alg_str
const char * jwt_alg_str(jwt_alg_t alg)
Convert alg type to it's string representation.

jwt_str_alg
jwt_alg_t jwt_str_alg(const char *alg)
Convert alg string to type.

jwt_encode_str
char * jwt_encode_str(jwt_t *jwt)
Fully encode a JWT object and return as a string.

jwt_dump_str
char * jwt_dump_str(jwt_t *jwt, int pretty)
Return plain text representation as a string.

jwt_free_str
void jwt_free_str(char *str)
Free a string returned from the library.

jwt_encode_fp
int jwt_encode_fp(jwt_t *jwt, FILE *fp)
Fully encode a JWT object and write it to FILE.

jwt_dump_fp
int jwt_dump_fp(jwt_t *jwt, FILE *fp, int pretty)
Output plain text representation to a FILE pointer.

jwt_add_grants_json
int jwt_add_grants_json(jwt_t *jwt, const char *json)
Add grants from a JSON encoded object string.

jwt_del_grants
int jwt_del_grants(jwt_t *jwt, const char *grant)
Delete a grant from this JWT object.

jwt_get_grant
const char * jwt_get_grant(jwt_t *jwt, const char *grant)
Return the value of a string grant.

jwt_get_grant_bool
int jwt_get_grant_bool(jwt_t *jwt, const char *grant)
Return the value of an boolean grant.

jwt_add_grant
int jwt_add_grant(jwt_t *jwt, const char *grant, const char *val)
Add a new string grant to this JWT object.

jwt_get_grants_json
char * jwt_get_grants_json(jwt_t *jwt, const char *grant)
Return the value of a grant as JSON encoded object string.

jwt_add_grant_bool
int jwt_add_grant_bool(jwt_t *jwt, const char *grant, int val)
Add a new boolean grant to this JWT object.

jwt_get_grant_int
long jwt_get_grant_int(jwt_t *jwt, const char *grant)
Return the value of an integer grant.

jwt_add_grant_int
int jwt_add_grant_int(jwt_t *jwt, const char *grant, long val)
Add a new integer grant to this JWT object.

jwt_add_header
int jwt_add_header(jwt_t *jwt, const char *header, const char *val)
Add a new string header to this JWT object.

jwt_add_header_int
int jwt_add_header_int(jwt_t *jwt, const char *header, long val)
Add a new integer header to this JWT object.

jwt_add_headers_json
int jwt_add_headers_json(jwt_t *jwt, const char *json)
Add headers from a JSON encoded object string.

jwt_add_header_bool
int jwt_add_header_bool(jwt_t *jwt, const char *header, int val)
Add a new boolean header to this JWT object.

jwt_get_header_bool
int jwt_get_header_bool(jwt_t *jwt, const char *header)
Return the value of an boolean header.

jwt_get_headers_json
char * jwt_get_headers_json(jwt_t *jwt, const char *header)
Return the value of a header as JSON encoded object string.

jwt_get_header
const char * jwt_get_header(jwt_t *jwt, const char *header)
Return the value of a string header.

jwt_get_header_int
long jwt_get_header_int(jwt_t *jwt, const char *header)
Return the value of an integer header.

jwt_del_headers
int jwt_del_headers(jwt_t *jwt, const char *header)
Delete a header from this JWT object.

jwt_set_alloc
int jwt_set_alloc(jwt_malloc_t pmalloc, jwt_realloc_t prealloc, jwt_free_t pfree)
Set functions to be used for allocating and freeing memory.

jwt_get_alloc
void jwt_get_alloc(jwt_malloc_t *pmalloc, jwt_realloc_t *prealloc, jwt_free_t *pfree)
Get functions used for allocating and freeing memory.

jwt_decode
int jwt_decode(jwt_t **jwt, const char *token, const unsigned char *key, int key_len)
Verify an existing JWT and allocate a new JWT object from it.

jwt_decode_2
int jwt_decode_2(jwt_t **jwt, const char *token, jwt_key_p_t key_provider)
Like jwt_decode(), but the key will be obtained via the key provider.

jwt_new
int jwt_new(jwt_t **jwt)
Allocate a new, empty, JWT object.

jwt_dup
jwt_t * jwt_dup(jwt_t *jwt)
Duplicate an existing JWT object.

jwt_free
void jwt_free(jwt_t *jwt)
Free a JWT object and any other resources it is using.

jwt_valid_get_grant
const char * jwt_valid_get_grant(jwt_valid_t *jwt_valid, const char *grant)
Return the value of a string required grant.

jwt_valid_get_exp_leeway
time_t jwt_valid_get_exp_leeway(jwt_valid_t *jwt_valid)
Return the exp_leeway value set.

jwt_valid_set_exp_leeway
int jwt_valid_set_exp_leeway(jwt_valid_t *jwt_valid, const time_t exp_leeway)
Set the exp_leeway value as defined in: https://www.rfc-editor.org/rfc/rfc7519#section-4....

jwt_valid_add_grant_int
int jwt_valid_add_grant_int(jwt_valid_t *jwt_valid, const char *grant, long val)
Add a new integer grant requirement to this JWT validation object.

jwt_valid_set_nbf_leeway
int jwt_valid_set_nbf_leeway(jwt_valid_t *jwt_valid, const time_t nbf_leeway)
Set the nbf_leeway value as defined in: https://www.rfc-editor.org/rfc/rfc7519#section-4....

jwt_valid_free
void jwt_valid_free(jwt_valid_t *jwt_valid)
Free a JWT validation object and any other resources it is using.

jwt_valid_get_status
unsigned int jwt_valid_get_status(jwt_valid_t *jwt_valid)
Return the status string for the validation object.

jwt_valid_del_grants
int jwt_valid_del_grants(jwt_valid_t *jwt_valid, const char *grant)
Delete a grant from this JWT object.

jwt_valid_add_grants_json
int jwt_valid_add_grants_json(jwt_valid_t *jwt_valid, const char *json)
Add required grants from a JSON encoded object string.

jwt_valid_get_grant_int
long jwt_valid_get_grant_int(jwt_valid_t *jwt_valid, const char *grant)
Return the value of an integer required grant.

jwt_exception_str
char * jwt_exception_str(unsigned int exceptions)
Parses exceptions and returns a comma delimited and human-readable string.

jwt_valid_set_headers
int jwt_valid_set_headers(jwt_valid_t *jwt_valid, int hdr)
Set validation for replicated claims in headers.

jwt_valid_add_grant
int jwt_valid_add_grant(jwt_valid_t *jwt_valid, const char *grant, const char *val)
Add a new string grant requirement to this JWT validation object.

jwt_valid_get_grant_bool
int jwt_valid_get_grant_bool(jwt_valid_t *jwt_valid, const char *grant)
Return the value of an boolean required grant.

jwt_valid_get_grants_json
char * jwt_valid_get_grants_json(jwt_valid_t *jwt_valid, const char *grant)
Return the value of a grant as JSON encoded object string.

jwt_valid_set_now
int jwt_valid_set_now(jwt_valid_t *jwt_valid, const time_t now)
Set the time for which expires and not-before claims should be evaluated.

jwt_valid_new
int jwt_valid_new(jwt_valid_t **jwt_valid, jwt_alg_t alg)
Allocate a new, JWT validation object.

jwt_validate
unsigned int jwt_validate(jwt_t *jwt, jwt_valid_t *jwt_valid)
Validate a JWT object with a validation object.

jwt_valid_add_grant_bool
int jwt_valid_add_grant_bool(jwt_valid_t *jwt_valid, const char *grant, int val)
Add a new boolean required grant to this JWT validation object.

jwt_valid_get_nbf_leeway
time_t jwt_valid_get_nbf_leeway(jwt_valid_t *jwt_valid)
Return the nbf_leeway value set.

JWT_EXPORT
#define JWT_EXPORT
Definition jwt.h:41

jwt_alg
jwt_alg
JWT algorithm types.
Definition jwt.h:56

JWT_ALG_NONE
@ JWT_ALG_NONE
Definition jwt.h:57

JWT_ALG_PS384
@ JWT_ALG_PS384
Definition jwt.h:69

JWT_ALG_RS384
@ JWT_ALG_RS384
Definition jwt.h:62

JWT_ALG_HS512
@ JWT_ALG_HS512
Definition jwt.h:60

JWT_ALG_PS512
@ JWT_ALG_PS512
Definition jwt.h:70

JWT_ALG_ES256
@ JWT_ALG_ES256
Definition jwt.h:64

JWT_ALG_ES512
@ JWT_ALG_ES512
Definition jwt.h:66

JWT_ALG_TERM
@ JWT_ALG_TERM
Definition jwt.h:72

JWT_ALG_RS256
@ JWT_ALG_RS256
Definition jwt.h:61

JWT_ALG_HS256
@ JWT_ALG_HS256
Definition jwt.h:58

JWT_ALG_RS512
@ JWT_ALG_RS512
Definition jwt.h:63

JWT_ALG_PS256
@ JWT_ALG_PS256
Definition jwt.h:68

JWT_ALG_ES384
@ JWT_ALG_ES384
Definition jwt.h:65

JWT_ALG_HS384
@ JWT_ALG_HS384
Definition jwt.h:59

jwt_key_p_t
int(* jwt_key_p_t)(const jwt_t *, jwt_key_t *)
Key provider - inspects the JWT to obtain the key used to verify the signature.
Definition jwt.h:101

jwt_t
struct jwt jwt_t
Opaque JWT object.
Definition jwt.h:50

jwt_valid_t
struct jwt_valid jwt_valid_t
Opaque JWT validation object.
Definition jwt.h:53

jwt_free_t
void(* jwt_free_t)(void *)
Definition jwt.h:92

jwt_alg_t
enum jwt_alg jwt_alg_t
JWT algorithm types.

jwt_malloc_t
void *(* jwt_malloc_t)(size_t)
JWT Memory allocation overrides.
Definition jwt.h:90

jwt_realloc_t
void *(* jwt_realloc_t)(void *, size_t)
Definition jwt.h:91

jwt_key_t
Structure used by key provider to return a key.
Definition jwt.h:95

jwt_key_t::jwt_key
const unsigned char * jwt_key
Definition jwt.h:96

jwt_key_t::jwt_key_len
int jwt_key_len
Definition jwt.h:97