defaultJWTParser
JWTKeyCollection.swift:22let defaultJWTParser: any JWTParser
let defaultJWTParser: any JWTParser
import JWTKit
🔑 JSON Web Token signing and verification (HMAC, RSA, PSS, ECDSA, EdDSA) using SwiftCrypto.
actor JWTKeyCollection
A collection of JWT and JWK signers for handling JSON Web Tokens (JWTs).
protocol JWTParser : Sendable
init(defaultJWTParser: some JWTParser = DefaultJWTParser(), defaultJWTSerializer: some JWTSerializer = DefaultJWTSerializer(), logger: Logger = Logger(label: "jwt_kit_do_not_log", factory: { _ in SwiftLogNoOpLogHandler() }))
Creates a new empty Signers collection.
let defaultJWTSerializer: any JWTSerializer
@discardableResult func add(ecdsa key: some ECDSAKey, kid: JWKIdentifier? = nil, parser: some JWTParser = DefaultJWTParser(), serializer: some JWTSerializer = DefaultJWTSerializer()) -> Self
Adds an ECDSA key to the collection.
@discardableResult func add(eddsa key: some EdDSAKey, kid: JWKIdentifier? = nil, parser: some JWTParser = DefaultJWTParser(), serializer: some JWTSerializer = DefaultJWTSerializer()) -> Self
Adds an EdDSA key to the collection using an EdDSAKey
.
@discardableResult func add(hmac key: HMACKey, digestAlgorithm: DigestAlgorithm, kid: JWKIdentifier? = nil, parser: some JWTParser = DefaultJWTParser(), serializer: some JWTSerializer = DefaultJWTSerializer()) -> Self
Adds an HMAC key to the collection.
@discardableResult func add(jwk: JWK, isDefault: Bool? = nil) throws -> Self
Adds a single JWK
(JSON Web Key) to the collection.
@discardableResult func add(jwks: JWKS) throws -> Self
Adds a JWKS
(JSON Web Key Set) directly to the collection.
@discardableResult func add(jwksJSON json: String) throws -> Self
Adds a JWKS
(JSON Web Key Set) to the collection by decoding a JSON string.
@discardableResult func add(pss key: some RSAKey, digestAlgorithm: DigestAlgorithm, kid: JWKIdentifier? = nil, parser: some JWTParser = DefaultJWTParser(), serializer: some JWTSerializer = DefaultJWTSerializer()) -> Self
Adds a PSS key to the collection.
@discardableResult func add(rsa key: some RSAKey, digestAlgorithm: DigestAlgorithm, kid: JWKIdentifier? = nil, parser: some JWTParser = DefaultJWTParser(), serializer: some JWTSerializer = DefaultJWTSerializer()) -> Self
Adds an RSA key to the collection.
@discardableResult func addUnsecuredNone(kid: JWKIdentifier? = nil, parser: some JWTParser = DefaultJWTParser(), serializer: some JWTSerializer = DefaultJWTSerializer()) -> Self
Adds a configuration for JWTs without a signature.
func getKey(for kid: JWKIdentifier? = nil, alg: String? = nil) async throws -> any JWTAlgorithm
Retrieves the key associated with the provided key identifier (KID) and algorithm (ALG), if available.
func sign(_ payload: some JWTPayload, kid: JWKIdentifier? = nil, header: JWTHeader = JWTHeader()) async throws -> String
Signs a JWT payload and returns the JWT string.
func unverified<Payload>(_ token: String, as _: Payload.Type = Payload.self, parser: (any JWTParser)? = nil) throws -> Payload where Payload : JWTPayload
Decodes an unverified JWT payload.
func unverified<Payload>(_ token: some DataProtocol, as _: Payload.Type = Payload.self, parser: (any JWTParser)? = nil) throws -> Payload where Payload : JWTPayload
Decodes an unverified JWT payload.
func verify<Payload>(_ token: String, as _: Payload.Type = Payload.self, iteratingKeys: Bool = false) async throws -> Payload where Payload : JWTPayload
Verifies and decodes a JWT token to extract the payload.
func verify<Payload>(_ token: some DataProtocol & Sendable, as _: Payload.Type = Payload.self, iteratingKeys: Bool = false) async throws -> Payload where Payload : JWTPayload
Verifies and decodes a JWT token to extract the payload.