Module Sihl_utils.JwtSource

This module implements JSON Web tokens. They are typically used decouple authentication from the other parts of a system.

Sourcetype algorithm = Jwto.algorithm =
  1. | HS256
  2. | HS512
  3. | Unknown
Sourcetype t = Jwto.t
Sourcetype payload
Sourceval empty : payload
Sourceval add_claim : key:string -> value:string -> payload -> payload
Sourceval set_expires_in : now:Ptime.t -> Time.duration -> payload -> payload

Adds the "exp" claim.

Sourceval encode : algorithm -> secret:string -> payload -> (string, string) result
Sourceval decode : secret:string -> string -> (t, string) result

Checks whether the signature is correct and decodes the base64 string representation to t.

Sourceval get_claim : key:string -> t -> string option
Sourceval is_expired : now:Ptime.t -> ?claim:string -> t -> bool

Checks whether the claim of the token t is in the past by looking at now. If no exp claim was not found the token can not expire and is_expired returns true. A custom claim can be provided, by default it looks for "exp".

Sourceval pp : Format.formatter -> t -> unit
Sourceval eq : t -> t -> bool
Sourcemodule Jwto = Jwto