CommunityForgeAssets listJWT
jwt
Service icon

JWT

Stable version 4.1.5 (Compatible with OutSystems 11)
Other versions available for 10
Uploaded
 on 14 Jan (2 weeks ago)
 by 
4.5
 (17 ratings)
jwt

JWT

Details
Library for creating, decoding and validating JSON Web Tokens, an open, industry standard RFC 7519 method for representing claims securely between two parties.
Asset screenshot_0Asset screenshot_1Asset screenshot_2Asset screenshot_3
Read more

Library to handle JSON Web Tokens used in server-side OAuth authentication. Currently this component allows generating and decoding tokens, which are needed to connect to existing REST services that require JWT for authentication. It supports tokens signed symmetrically (using HS256, HS384, HS512) and also asymmetrically (using RS256, RS384, RS512).


Note:

Follow your API's documentation on how to enable and authenticate using JWT. For public REST services an asymmetric key probably is needed and each service may require further claims besides the mandatory ones.

------------------------------------------------------------------------------

Currently, this component doesn’t support the following algorithms: ES256, ES384 and ES512 

------------------------------------------------------------------------------

Features list:

Generate a JSON Web Token (JWT)

Generate a token using a plain secret key as signature (symmetric).

Generate a token using a private key  (PEM file) as signature (asymmetric).

Generate a token using a JSON Web Key (JSON object) as signature.

Generate an unsigned token.


Read a JSON Web Token (JWT)

Read a token generated using the plain secret key.

Read a token generated using the public key (of generated PEM file).

Read a token generated using a public key (Json Web Key).


Get a JSON Web Key (JWK, public key) from a JSON Web Key Sets (JWKS)

Helper action to obtain the JWK from a JWKS.

 



On the roadmap

  • Suport for ES256, ES384 and ES512 
  • Custom fields in header
  • Support for binary keys
  • Nested claims
  • multiple audiences
Release notes (4.1.5)

Libraries updated:


  • JWT_Core:

Updates:

BouncyCastle.Cryptography.2.4.0 -> BouncyCastle.Cryptography.2.5.0

Microsoft.Bcl.AsyncInterfaces.8.0.0 -> Microsoft.Bcl.AsyncInterfaces.9.0.0

Microsoft.IdentityModel.Abstractions.8.2.0 -> Microsoft.IdentityModel.Abstractions.8.3.0

Microsoft.IdentityModel.JsonWebTokens.8.2.0 -> Microsoft.IdentityModel.JsonWebTokens.8.3.0

Microsoft.IdentityModel.Logging.8.2.0 -> Microsoft.IdentityModel.Logging.8.3.0

Microsoft.IdentityModel.Tokens.8.2.0 -> Microsoft.IdentityModel.Tokens.8.3.0

System.Buffers.4.5.1 -> System.Buffers.4.6.0

System.IdentityModel.Tokens.Jwt.8.2.0 -> System.IdentityModel.Tokens.Jwt.8.3.0

System.Memory.4.5.5 -> System.Memory.4.6.0

System.Numerics.Vectors.4.5.0 -> System.Numerics.Vectors.4.6.0

System.Runtime.CompilerServices.Unsafe.6.0.0 -> System.Runtime.CompilerServices.Unsafe.6.1.0

System.Text.Encodings.Web.8.0.0 -> System.Text.Encodings.Web.9.0.0

System.Text.Json.8.0.5 -> System.Text.Json.9.0.0

System.Threading.Tasks.Extensions.4.5.4 -> System.Threading.Tasks.Extensions.4.6.0

Installed:

System.IO.Pipelines.9.0.0


  • JWT_Core_Test:

Updates:

Microsoft.Testing.Extensions.Telemetry.1.4.2 -> Microsoft.Testing.Extensions.Telemetry.1.5.1

Microsoft.Testing.Extensions.TrxReport.Abstractions.1.4.2 -> Microsoft.Testing.Extensions.TrxReport.Abstractions.1.5.1

Microsoft.Testing.Extensions.VSTestBridge.1.4.2 -> Microsoft.Testing.Extensions.VSTestBridge.1.5.1

Microsoft.Testing.Platform.1.4.2 -> Microsoft.Testing.Platform.1.5.1

Microsoft.Testing.Platform.MSBuild.1.4.2 -> Microsoft.Testing.Platform.MSBuild.1.5.1

Microsoft.TestPlatform.ObjectModel.17.11.1 -> Microsoft.TestPlatform.ObjectModel.17.12.0

MSTest.TestAdapter.3.6.2 -> MSTest.TestAdapter.3.7.1

MSTest.TestFramework.3.6.2 -> MSTest.TestFramework.3.7.1

System.IdentityModel.Tokens.Jwt.8.2.0 -> System.IdentityModel.Tokens.Jwt.8.3.0

System.Text.Json.8.0.5 -> System.Text.Json.9.0.0

Installed:

MSTest.Analyzers.3.7.1

System.IO.Pipelines.9.0.0


License (4.1.5)
BSD-3 license (https://opensource.org/licenses/BSD-3-Clause)
Reviews (3)
by 
2024-05-03
in version 4.0.6
It works perfectly for creating a Signed Asymmetric Token from PemKey using a GCP serving account (no passphrase/password is needed, I posted an example in the community forum)
by 
2024-02-23
in version 4.0.6
It sucks , you cannot create the JWT without Passphrase key if you use the Asymmetric RS256 method and google service account is such a example that you can never create a JWT with it
Answer from the owner
2024-02-23
in version 4.0.6
Have you tried to post something here in Support? Have you tried report the issue properly? Have you tried to reach out to the team?...
by 
2023-02-16
in version 4.0.6
Its working fine as expected.
Team
Other assets in this category
More from João Almeida