EEJWT

一个用 Swift 编写的轻量级 iOS/macOS JSON Web Tokens 库。

该库的主要目标是尽可能地简单

只有一个包含源代码的小文件
没有外部依赖，只有 iOS/macOS API
没有固定的 token 头部和声明

支持的 JWT 算法

HS256, HS384, HS512
RS256, RS384, RS512
PS256, PS384, PS512
ES256, ES384, ES512

安装

Swift Package Manager

将 EEJWT 包添加到您的 Package.swift 文件中的依赖项。

.package(url: "https://github.com/eugeneego/EEJWT-Swift.git", from: "1.0.0")

手动

只需将 Sources/EEJWT/EEJWT.swift 文件复制到您的项目中。

使用方法

签名

let jwt = JWT()

struct Header: JWTHeader {
    var typ: String?
    var alg: String = ""
}

struct Claims: Encodable {
    var iss: String?
    var sub: String?
    var aud: [String]?
    var exp: Date?
    var nbf: Date?
    var iat: Date?
    var jti: String?
}

// HMAC and dictionary payload
let algHS = JWT.Algorithm.hs256(key: Data("test".utf8))
let tokenHS = try jwt.sign(header: ["test": "Test"], claims: ["iss": "Issuer", "sub": "123"], algorithm: algHS)
print(tokenHS)

// RSA with encodable payload
let privateKeyRS =
    """
    -----BEGIN PRIVATE KEY-----
    ...private key data here...
    -----END PRIVATE KEY-----
    """
let algRS = JWT.Algorithm.rs384(privateKey: privateKeyRS, publicKey: "")
let tokenRS = try jwt.sign(header: Header(), claims: Claims(iss: "Issuer", sub: "123"), algorithm: algRS)
print(tokenRS)

// Elliptic curve with raw data payload
let privateKeyES =
    """
    -----BEGIN PRIVATE KEY-----
    ...private key data here...
    -----END PRIVATE KEY-----
    """
let algES = JWT.Algorithm.es512(privateKey: privateKeyES, publicKey: "")
let tokenES = try jwt.sign(header: Data(), claims: Data(), algorithm: algES)
print(tokenES)

验证

let jwt = JWT()
let token = "abc.def.ghi"

// HMAC
let algHS = JWT.Algorithm.hs256(key: Data("test".utf8))
let isValidHS = jwt.verify(token: token, algorithms: [algHS])
print(isValidHS)

// RSA
let publicKeyRS =
    """
    -----BEGIN PUBLIC KEY-----
    ...public key data here...
    -----END PUBLIC KEY-----
    """
let algRS = JWT.Algorithm.rs256(privateKey: "", publicKey: publicKeyRS)
let isValidRS = jwt.verify(token: token, algorithms: [algRS])
print(isValidRS)

解码 payload

let jwt = JWT()
let token = "abc.def.ghi"

// As JSON data
let data = try jwt.decodeAsData(token: token)
print(data.header, data.claims)

// As JSON strings
let strings = try jwt.decodeAsString(token: token)
print(strings.header, strings.claims)

// As parsed dictionaries
let dictionaries = try jwt.decodeAsDictionary(token: token)
print(dictionaries.header, dictionaries.claims)

// As decodable objects
struct Header: Decodable { /* ... */ }
struct Claims: Decodable { /* ... */ }
let objects: (header: Header, claims: Claims) = try jwt.decodeAsObject(token: token)
print(objects.header, objects.claims)

许可证

本库基于 Apache 2.0 许可证发布。完整的许可证文本可在 LICENSE 中找到。

本库使用了修改后的代码片段，用于解析来自 BlueRSA 和 BlueECC 的私钥和公钥。