Better error logs, JWT encoding/decoding filters

September 03, 2018

NEW

JWT encoding / decoding filters

We are introducing two filters to allow you usage of JSON Web Tokens.

jwt_encode

Valid options for algorithm:

  • none - unsigned token
  • HS256 - HMAC using SHA-256
  • HS384 - HMAC using SHA-384
  • HS512 - HMAC using SHA-512
  • RS256 - RSA using SHA-256
  • RS384 - RSA using SHA-384
  • RS512 - RSA using SHA-512

Example:


{{ payload | jwt_encode: 'HS256', 'this-is-secret'  }} => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJrZXkiOiJ2YWx1ZSIsImFub3RoZXJfa2V5IjoiYW5vdGhlciB2YWx1ZSJ9.XT8sHXyPTA9DoHzssXh1q6Uv2D1ENosW0F3Ixle85L0'

jwt_decode

Valid options for algorithm:

  • none - unsigned token
  • HS256 - HMAC using SHA-256
  • HS384 - HMAC using SHA-384
  • HS512 - HMAC using SHA-512
  • RS256 - RSA using SHA-256
  • RS384 - RSA using SHA-384
  • RS512 - RSA using SHA-512

Examples:

HMAC


{% assign original_payload = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJrZXkiOiJ2YWx1ZSIsImFub3RoZXJfa2V5IjoiYW5vdGhlciB2YWx1ZSJ9.XT8sHXyPTA9DoHzssXh1q6Uv2D1ENosW0F3Ixle85L0' | jwt_decode: 'HS256', 'this-is-secret'  }} =>


[
  {
    "key" => "value",
    "another_key" => "another value"
  },
  {
    "typ" => "JWT",
    "alg" => "HS256"
  }
]

RSA


{% capture public_key %}
-----BEGIN PUBLIC KEY-----
MIIBI...
-----END PUBLIC KEY-----
{% endcapture %}
{% assign original_payload = 'some encoded token' | jwt_decode: 'RS256', public_key %}

Read more at our Liquid filters documentation.

IMPROVED

Better errors

Errors shown by pos-cli logs are now more detailed. It should help you debug your application.

Example:


[2018-09-03 13:59:29.049Z] - Liquid::ArgumentError: jwt_encode filter - first argument must be a hash or a string, received:
 page: pages/release-notes/2018-09-03

Questions?

We are always happy to help with any questions you may have.