ColdBox Module for encoding and decoding JSON Web Tokens (JWT). This is a port of the CF-JWT-Simple project which itself is a port of the node.js project node-jwt-simple to CFML. It currently supports HmacSHA256, HmacSHA384, and HmacSHA512 signing algorithms.
The module has three functions, encode, decode and verify.
jwt.encode( payload , key , [ algorithm ] ); jwt.decode( token , key , [ algorithm ] ); jwt.verify( token , key , [ algorithm ] );
payload is a JSON string, the
key is a string containing your encoding/decoding password, the
token is a string containing the result of a previous JWT encoding and the optional
algorithm value is one of HmacSHA256, HmacSHA384 or HmacSHA512 (default).
This could be used within a ColdBox security interceptor to create the JWT (encode), decode the JWT or verify the JWT is valid. When using it in an interceptor you need to declare the property using the lazy injector using the
provider keyword, e.g.:
property name="jwt" inject="provider:[email protected]";