The Json Web Token, or JWT, is a terse representation of a pair of JSON object: the header, and the body. The JWT can be encoded, in which case the header is encoded to base64 with the URL alphabet, and without padding characters, the body is also encoded to base64, and the concatenation of the encoding of the header, a dot, and the encoding of the body is signed with some cryptography algorithm. In the following, we will only be interested by public-key cryptography. The concatenation of header, dot, body, dot and signature in base64 is the encoding of the JWT.
(pomdappi jwt) module defines the data type for a JWT. For
the sake of compatibility with the guile-json library, JSON objects
are parsed to scheme as an alist, and JSON arrays as scheme vectors.
Check whether x is a parsed JWT, i.e. a pair of a JWT header and a JWT body.
Check whether x is a JWT header, in which case the key “alg” should be set, or a JWT body.
Return the header (resp. body) of jwt if jwt is a JWT, or
Get the value of the “alg” field of the jwt header.
Create a JWT out of header and body. If header is
not a valid JWT header or body is not a valid JWT body, return
Decode the encoded JWT in str, and call the user-supplied verify procedure to check the signature. verify is invoked with the following argument:
If the verify function returns
#f. Otherwise, the signature is accepted and
jwt-decode returns the parsed JWT.
Return the encoded version of jwt, signed with key. If you’re just passing a JWT around that you have not created, you need to remember its original encoding, because you will not be able to sign it.
Check that a and b are both JWTs and have the same header values and the same body values.