cl-jwk
2023-10-21
Common Lisp system for decoding public JSON Web Keys (JWK)
Upstream URL
Author
Maintainer
License
1cl-jwk
cl-jwk
is a Common Lisp system for parsing public JSON Web Keys
(JWK).
The following JWK keys are supported by the system.
RSA
EC P-256
EC P-384
EC P-521
EC secp256k1
oct
(symmetric key)
2Requirements
3Installation
Clone the repo in your Quicklisp local-projects directory.
(ql:register-local-projects)
Then load the system.
(ql:quickload :cl-jwk)
NOTE: cl-jwk
uses features from latest ironclad
, so make sure that
you are using the latest ironclad
release from Github, until it gets
published on Quicklisp.
4Usage
In order to decode a public JWK key from a JSON object, simply call
the CL-JWK:DECODE
generic function.
For instance, in order to decode one of the test keys used by the
cl-jwk.test
system, you can call CL-JWK:DECODE
like this.
CL-USER> (defparameter *json-data*
(uiop:read-file-string
(asdf:system-relative-pathname :cl-jwk.test "tests/test-keys/rsa-3072-pub.json")))
*JSON-DATA*
CL-USER> (cl-jwk:decode :json *json-data*)
#<CL-JWK.CORE:JWK {100510EB73}>
Upon successful decoding of the JSON data the CL-JWK:DECODE
method
will return a CL-JWK:JWK
class instance. Use the available readers
to get more details about the decoded public key. The following reader
methods are available for a CL-JWK:JWK
instance.
CL-JWK:JWK-KTY
CL-JWK:JWK-USE
CL-JWK:JWK-KID
CL-JWK:JWK-ALG
CL-JWK:JWK-KEY-OPS
CL-JWK:JWK-KEY
The CL-JWK:JWK-KEY
method returns an instance of an ironclad
public key.
You can also fetch public JWKs from an OpenID Provider. For example:
CL-USER> (defparameter *client*
(cl-jwk:make-client :hostname "accounts.google.com"))
*CLIENT*
CL-USER> (cl-jwk:public-keys *client*)
(#<CL-JWK.CORE:JWK {10021B5FD3}> #<CL-JWK.CORE:JWK {10021B6053}>
#<CL-JWK.CORE:JWK {10021B60D3}>)
Token verification can be done using the CL-JWK:VERIFY-TOKEN
generic
function. CL-JWK:VERIFY-TOKEN
is implemented for both CL-JWK:JWK
and CL-JWK:CLIENT
classes.
5Tests
The cl-jwk
tests are provided as part of the
:cl-jwk.test
system.
In order to run the tests you can evaluate the following expressions.
CL-USER> (ql:quickload :cl-jwk.test)
CL-USER> (asdf:test-system :cl-jwk.test)
Or you can run the tests using the scripts/run-tests.sh
shell script
instead, e.g.
env LISP=sbcl ./scripts/run-tests.sh
6Contributing
cl-jwk
is hosted on Github. Please contribute by reporting
issues, suggesting features or by sending patches using pull requests.
7Authors
- Marin Atanasov Nikolov <dnaeon@gmail.com>
8License
This project is Open Source and licensed under the BSD License.