l8w8jwt
Loading...
Searching...
No Matches
Public Attributes | List of all members
l8w8jwt_decoding_params Struct Reference

#include <decode.h>

Public Attributes

char * jwt
 
size_t jwt_length
 
int alg
 
char * validate_iss
 
size_t validate_iss_length
 
char * validate_sub
 
size_t validate_sub_length
 
char * validate_aud
 
size_t validate_aud_length
 
char * validate_jti
 
size_t validate_jti_length
 
int validate_exp
 
int validate_nbf
 
int validate_iat
 
uint8_t exp_tolerance_seconds
 
uint8_t nbf_tolerance_seconds
 
uint8_t iat_tolerance_seconds
 
unsigned char * verification_key
 
size_t verification_key_length
 
char * validate_typ
 
size_t validate_typ_length
 

Detailed Description

Struct containing the parameters to use for decoding and validating a JWT.

Member Data Documentation

◆ alg

int l8w8jwt_decoding_params::alg

The signature algorithm ID.

[0;2] = HS256/384/512 | [3;5] = RS256/384/512 | [6;8] = PS256/384/512 | [9;11] = ES256/384/512

This affects what should be the value of verification_key

◆ exp_tolerance_seconds

uint8_t l8w8jwt_decoding_params::exp_tolerance_seconds

Small inconsistencies in time can happen, or also latency between clients and servers. That's just life. You can forgive a few seconds of expiration, but don't exaggerate this!

Only taken into consideration if validate_exp is set to 1.

◆ iat_tolerance_seconds

uint8_t l8w8jwt_decoding_params::iat_tolerance_seconds

The amount of seconds to subtract from the current time when comparing the "issued at" claim, to allow for a small tolerance time frame. Only taken into consideration if validate_iat is set to 1.

◆ jwt

char* l8w8jwt_decoding_params::jwt

The token to decode and validate.

◆ jwt_length

size_t l8w8jwt_decoding_params::jwt_length

The jwt string length.

◆ nbf_tolerance_seconds

uint8_t l8w8jwt_decoding_params::nbf_tolerance_seconds

The amount of seconds to subtract from the current time when comparing the "not before" claim, to allow for a small tolerance time frame. Only taken into consideration if validate_nbf is set to 1.

◆ validate_aud

char* l8w8jwt_decoding_params::validate_aud

[OPTIONAL] The audience claim (who is the JWT intended for? Who is the intended JWT's recipient?).

Set to NULL if you don't want to validate the audience.

The JWT will only pass verification if its aud matches this string.

See also
https://tools.ietf.org/html/rfc7519#section-4.1.3

◆ validate_aud_length

size_t l8w8jwt_decoding_params::validate_aud_length

validate_aud string length.

◆ validate_exp

int l8w8jwt_decoding_params::validate_exp

Should the expiration claim be verified? If this is set to 1, the exp claim will be compared to the current date and time + exp_tolerance_seconds

◆ validate_iat

int l8w8jwt_decoding_params::validate_iat

Should the "issued at" claim be verified? If this is set to 1, the iat claim will be compared to the current date and time + iat_tolerance_seconds

◆ validate_iss

char* l8w8jwt_decoding_params::validate_iss

[OPTIONAL] The issuer claim (who issued the JWT?).

Set to NULL if you don't want to validate the issuer.

The JWT will only pass verification if its iss claim matches this string.

See also
https://tools.ietf.org/html/rfc7519#section-4.1.1

◆ validate_iss_length

size_t l8w8jwt_decoding_params::validate_iss_length

validate_iss string length.

◆ validate_jti

char* l8w8jwt_decoding_params::validate_jti

[OPTIONAL] The JWT ID. Provides a unique identifier for the token.

Set to NULL if you don't want to validate the jti claim.

The JWT will only pass verification if its jti matches this string.

See also
https://tools.ietf.org/html/rfc7519#section-4.1.7

◆ validate_jti_length

size_t l8w8jwt_decoding_params::validate_jti_length

validate_jti claim length.

◆ validate_nbf

int l8w8jwt_decoding_params::validate_nbf

Should the "not before" claim be verified? If this is set to 1, the nbf claim will be compared to the current date and time + nbf_tolerance_seconds

◆ validate_sub

char* l8w8jwt_decoding_params::validate_sub

[OPTIONAL] The subject claim (who is the JWT about?).

Set to NULL if you don't want to validate the subject claim.

The JWT will only pass verification if its sub matches this string.

See also
https://tools.ietf.org/html/rfc7519#section-4.1.2

◆ validate_sub_length

size_t l8w8jwt_decoding_params::validate_sub_length

validate_sub string length.

◆ validate_typ

char* l8w8jwt_decoding_params::validate_typ

[OPTIONAL] The typ claim (what type is the token?).

Set to NULL if you don't want to validate the "typ" claim.

◆ validate_typ_length

size_t l8w8jwt_decoding_params::validate_typ_length

validate_typ string length.

◆ verification_key

unsigned char* l8w8jwt_decoding_params::verification_key

The key to use for verifying the token's signature (e.g. if you chose HS256 as algorithm, this will be the HMAC secret; for RS512 this will be the PEM-formatted public RSA key string, etc...).

◆ verification_key_length

size_t l8w8jwt_decoding_params::verification_key_length

Length of the verification_key

The documentation for this struct was generated from the following file:
Generated by doxygen 1.9.8