2020-10-10 10:47:04 +00:00
|
|
|
![Build Status](https://github.com/Componolit/jwx/workflows/tests/badge.svg?branch=master)
|
2018-08-17 19:06:28 +00:00
|
|
|
|
2018-08-17 05:18:58 +00:00
|
|
|
JWX is a library for handling [JSON](https://www.json.org/) data and more. It
|
|
|
|
is implemented in the [SPARK](http://spark-2014.org) programming language and
|
2018-08-17 19:12:04 +00:00
|
|
|
has been proven to contain no runtime errors. As a result, JWX is particularly
|
2018-08-17 05:18:58 +00:00
|
|
|
suited for processing untrusted information.
|
2018-05-13 08:27:27 +00:00
|
|
|
|
2018-08-18 13:07:20 +00:00
|
|
|
In version 0.5.0 of JWX, parsing of Base64 (RFC 4648) data, JSON (RFC 8259)
|
2018-06-01 06:29:09 +00:00
|
|
|
documents, JSON Web Keys (JWK, RFC 7517) and limited support for JSON Web
|
2018-06-09 15:09:46 +00:00
|
|
|
Signatures (JWS, RFC 7515) and JSON Web Tokens (JWT, RFC 7519) is implemented.
|
|
|
|
In the future, JSON Web Encryption (JWE, RFC 7516) and potentially [JSON
|
2018-05-13 08:27:27 +00:00
|
|
|
Schema](http://json-schema.org) is anticipated.
|
|
|
|
|
2018-08-17 05:18:58 +00:00
|
|
|
JWX is available under the AGPLv3 license. For commercial licensing and support
|
|
|
|
mail to jwx@componolit.com.
|
|
|
|
|
2018-06-09 15:09:46 +00:00
|
|
|
# Examples
|
2018-05-13 08:27:27 +00:00
|
|
|
|
2018-08-17 10:12:41 +00:00
|
|
|
API documentation is available [here](doc/api/index.html).
|
|
|
|
|
2018-06-09 15:09:46 +00:00
|
|
|
## Parsing Base64 data
|
|
|
|
|
|
|
|
```Ada
|
|
|
|
with Ada.Text_IO; use Ada.Text_IO;
|
|
|
|
with JWX.Util;
|
|
|
|
with JWX.Base64;
|
|
|
|
|
|
|
|
procedure B64 is
|
|
|
|
use JWX;
|
|
|
|
Len : Natural;
|
|
|
|
Bytes : Byte_Array (1..50);
|
|
|
|
Result : String (1..50);
|
|
|
|
begin
|
|
|
|
Base64.Decode (Encoded => "Zm9vYmFy", Length => Len, Result => Bytes);
|
|
|
|
if Len > 0 then
|
|
|
|
Util.To_String (Bytes, Result);
|
|
|
|
Put_Line (Result (1 .. Len)); -- "foobar"
|
|
|
|
end if;
|
|
|
|
end B64;
|
|
|
|
```
|
2018-05-13 08:27:27 +00:00
|
|
|
|
2018-06-01 06:29:09 +00:00
|
|
|
## Parsing JSON document
|
|
|
|
|
2018-06-09 15:09:46 +00:00
|
|
|
```Ada
|
|
|
|
with Ada.Text_IO; use Ada.Text_IO;
|
|
|
|
with JWX.JSON;
|
2018-05-13 08:27:27 +00:00
|
|
|
|
2018-06-09 15:09:46 +00:00
|
|
|
procedure JSON is
|
|
|
|
Data : String := " { ""precision"": ""zip"", ""Latitude"": 37.7668, ""Longitude"": -122.3959, ""Address"": """", ""City"": ""SAN FRANCISCO"", ""State"": ""CA"", ""Zip"": ""94107"", ""Country"": ""US"" }";
|
|
|
|
package J is new JWX.JSON (Data);
|
|
|
|
use J;
|
|
|
|
Result : Index_Type;
|
|
|
|
Match : Match_Type;
|
|
|
|
begin
|
|
|
|
Parse (Match);
|
|
|
|
if Match = Match_OK and then Get_Kind = Kind_Object
|
|
|
|
then
|
|
|
|
Result := Query_Object ("City");
|
|
|
|
Put_Line ("City: " & Get_String (Result)); -- "SAN FRANCISCO"
|
|
|
|
|
|
|
|
Result := Query_Object ("Latitude");
|
2018-07-23 23:02:52 +00:00
|
|
|
Put_Line ("Lat.: " & Get_Real (Result)'Img); -- 37.7668
|
2018-06-09 15:09:46 +00:00
|
|
|
end if;
|
|
|
|
end JSON;
|
|
|
|
```
|
|
|
|
|
|
|
|
## Validating a JSON web token
|
|
|
|
|
|
|
|
```Ada
|
|
|
|
with Ada.Text_IO; use Ada.Text_IO;
|
2018-08-17 05:18:58 +00:00
|
|
|
with JWX.JWT; use JWX.JWT;
|
2018-06-09 15:09:46 +00:00
|
|
|
with JWX_Test_Utils;
|
|
|
|
|
|
|
|
procedure JWT is
|
|
|
|
Tmp : String := JWX_Test_Utils.Read_File ("tests/data/JWT_test_data.dat");
|
|
|
|
Key : String := JWX_Test_Utils.Read_File ("tests/data/HTTP_auth_key.json");
|
|
|
|
Data : String := Tmp (Tmp'First .. Tmp'Last - 1);
|
2018-08-17 05:18:58 +00:00
|
|
|
package J renames Standard.JWX.JWT;
|
|
|
|
Result : J.Result_Type;
|
2018-06-09 15:09:46 +00:00
|
|
|
begin
|
2018-08-17 05:18:58 +00:00
|
|
|
Result := J.Validate_Compact (Data => Data,
|
|
|
|
Key_Data => Key,
|
|
|
|
Audience => "4cCy0QeXkvjtHejID0lKzVioMfTmuXaM",
|
|
|
|
Issuer => "https://cmpnlt-demo.eu.auth0.com/",
|
|
|
|
Now => 1528404620);
|
2018-06-09 15:09:46 +00:00
|
|
|
if Result = Result_OK then
|
|
|
|
Put_Line ("Token is valid");
|
|
|
|
end if;
|
|
|
|
end JWT;
|
|
|
|
```
|
2018-05-13 08:27:27 +00:00
|
|
|
|
|
|
|
# Limitations
|
|
|
|
|
2018-06-09 15:09:46 +00:00
|
|
|
The following known limitations exist in JWX:
|
|
|
|
|
2018-08-17 19:12:04 +00:00
|
|
|
* While absence of runtime errors has been proven, no formal analysis for the stack usage exists
|
2018-06-09 15:09:46 +00:00
|
|
|
* Generation of Base64, JSON, JWS, JWT etc. is not supported (only validation)
|
2018-08-18 13:07:20 +00:00
|
|
|
* Unicode is not supported
|
2018-06-09 15:09:46 +00:00
|
|
|
* JWS and JWT only support HMAC-SHA256 (no other HMAC modes, RSA or ECDSA)
|
2018-06-10 10:45:53 +00:00
|
|
|
* JWS JSON serialization is not supported (only JWS compact serialization)
|
2018-06-09 15:09:46 +00:00
|
|
|
* Only the registered claims `iss`, `exp` and `aud` are supported
|
|
|
|
* No scopes or custom claims are supported
|
|
|
|
|
|
|
|
# Building
|
|
|
|
|
2018-08-17 05:18:58 +00:00
|
|
|
Check out JWX and build it:
|
2018-06-09 15:09:46 +00:00
|
|
|
|
|
|
|
```
|
2018-08-17 05:18:58 +00:00
|
|
|
$ git clone --recursive https://github.com/Componolit/jwx.git
|
|
|
|
$ cd jwx
|
|
|
|
$ make
|
2018-06-09 15:09:46 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
To build the test cases, AUnit must be in your project path. To build an run
|
|
|
|
the tests do:
|
|
|
|
|
|
|
|
```
|
2018-08-17 05:18:58 +00:00
|
|
|
$ make test
|
2018-06-09 15:09:46 +00:00
|
|
|
```
|
|
|
|
|
2018-05-13 08:27:27 +00:00
|
|
|
# License
|
|
|
|
|
2018-08-18 13:07:20 +00:00
|
|
|
AGPLv3, see [LICENSE](LICENSE) file for details.
|
2018-06-01 06:29:09 +00:00
|
|
|
|
2018-05-13 08:27:27 +00:00
|
|
|
# Contact
|
2018-06-01 06:29:09 +00:00
|
|
|
|
|
|
|
jwx@componolit.com or through the issue tracker at https://github.com/Componolit/jwx
|