[fpc-pascal] JSON Web Token (JWT) implementation needed
Michael Van Canneyt
michael at freepascal.org
Fri Jan 8 09:16:42 CET 2016
On Fri, 8 Jan 2016, leledumbo wrote:
> Some questions:1. How to verify the signature? My grep result in packages
> folder doesn't show that we have HMAC256 function.
I didn't implement verification, and I don't plan any.
But contributions are welcome.
> 2. The following
> sample:{$mode objfpc}{$H+}uses fpjwt, jsonparser;const EncodedStr =
> 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ';var
> j: TJWT;begin j := TJWT.Create; j.AsString := EncodedStr;
> WriteLn(j.AsString); WriteLn(EncodedStr); j.Free;end.Shows that the
> original EncodedStr and j.AsString differs.
> Is this OK or a bug?
That is OK.
The encoded value depends for example on the amount of whitespace in the JSON.
Also, JSON doesn't specify an order of keys (property names), so the input and
output keys can be in a different order, which will also result in a different
encoded value.
Michael.
More information about the fpc-pascal
mailing list