VerifyJSONWebToken | Reference

Verify a JWT token

Syntax

LOADLIB "wh::internet/jwt.whlib";

OBJECT FUNCTION VerifyJSONWebToken(STRING authvalue, RECORD options)

STRING authvalue

An authorization value (a dot-separated string-encoded JWT token)

RECORD options

Options

STRING ARRAY alg

Accepted algorithms (required)

STRING ARRAY aud

Accepted audiences

INTEGER grace_period

Accepted difference between verify_at and token dates in milliseconds. Defaults to 30 secs

STRING ARRAY iss

Accepted issuers

STRING jti

Expected JWT ID

FUNCTION PTR secret_callback

This function is called to retrieve the secret or public/private key based on the key identifier (kid) from the header

STRING ARRAY sub

Accepted subjects

RECORD translations

Translation to use when JSON encoding/decoding the token payload

DATETIME verify_at

Reference date for expiration (defaults to GetCurrentDateTime)

OBJECT

The verified JSONWebToken (this function throws when the token could not be verified)