Recommended read: Hardcoded secrets, unverified tokens, and other common JWT mistakes https://r2c.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/

Thu, 02 Jul 2020 14:53 by Jamie Tanna . #jwt #security.

Generating the Client Assertion JWT for private_key_jwt Authentication with Ruby (1 mins read).

A helper script to generate the client assertion required to authenticate to an Authorization Server that supports private_key_jwt, on the command-line with Ruby.

Mon, 15 Jun 2020 23:12 by Jamie Tanna . #blogumentation #ruby #command-line #jwt #json #oidc.

Article

Verifying Signed JWTs (JWS) with Ruby (2 mins read).

Using the ruby-jwt library to verify a signed JSON Web Token (JWS) on the command-line.

Mon, 15 Jun 2020 22:59 by Jamie Tanna . #blogumentation #ruby #command-line #jwt #json.

Article

Creating Signed JWTs (JWS) with Ruby (1 mins read).

Using the json-jwt and ruby-jwt libraries to sign a JSON Web Token on the command-line.

Mon, 15 Jun 2020 22:40 by Jamie Tanna . #blogumentation #ruby #command-line #jwt #json.

Bookmark

JWT is Awesome: Here's Why

Recommended read: JWT is Awesome: Here's Why https://thehftguy.com/2020/02/18/jwt-is-awesome-heres-why/

Tue, 03 Mar 2020 13:09 by Jamie Tanna . #jwt.

Article

Creating Signed JWTs (JWS) with Node.JS (1 mins read).

How to use the jsonwebtoken library to create a Signed JSON Web Token (JWS) with Node.JS.

Wed, 19 Feb 2020 19:22 by Jamie Tanna . #blogumentation #nodejs #command-line #jwt #json.

Bookmark

No Way, JOSE! Javascript Object Signing and Encryption is a Bad Standard That Everyone Should Avoid

Recommended read: No Way, JOSE! Javascript Object Signing and Encryption is a Bad Standard That Everyone Should Avoid https://paragonie.com/blog/2017/03/jwt-json-web-tokens-is-bad-standard-that-everyone-should-avoid

Wed, 19 Feb 2020 08:26 by Jamie Tanna . #jwt.

Bookmark

Critical vulnerabilities in JSON Web Token libraries

Recommended read: Critical vulnerabilities in JSON Web Token libraries https://www.chosenplaintext.ca/2015/03/31/jwt-algorithm-confusion.html

Wed, 19 Feb 2020 07:58 by Jamie Tanna . #jwt.

Bookmark

Hacking JSON Web Tokens (JWTs)

Recommended read: Hacking JSON Web Tokens (JWTs) https://medium.com/swlh/hacking-json-web-tokens-jwts-9122efe91e4a

Mon, 25 Nov 2019 18:25 by Jamie Tanna . #jwt #security.

Bookmark

JWTs? JWKs? ‘kid’s? 'x5t's? Oh my!

Recommended read: JWTs? JWKs? ‘kid’s? 'x5t's? Oh my! https://redthunder.blog/2017/06/08/jwts-jwks-kids-x5ts-oh-my/

Mon, 18 Nov 2019 10:34 by Jamie Tanna . #jwt.

Bookmark

A Thorough Introduction to PASETO

Recommended read: A Thorough Introduction to PASETO https://developer.okta.com/blog/2019/10/17/a-thorough-introduction-to-paseto

Thu, 17 Oct 2019 21:28 by Jamie Tanna . #authentication #authorization #oauth2 #oidc #paseto #jwt.

Article

Pretty Printing JSON Web Tokens (JWTs) on the Command Line using OpenSSL (3 mins read).

How to easily introspect a JWT on the command line using OpenSSL and optionally Python for real pretty-printing.

Thu, 13 Jun 2019 13:02 by Jamie Tanna . #blogumentation #python #command-line #jwt #json #pretty-print.

Article

Verifying Signed JWTs (JWS) with Node.JS (3 mins read).

How to use the jsonwebtoken and node-jose libraries to verify the signature of a Signed JSON Web Token (JWS) with Node.JS.

Mon, 25 Feb 2019 22:13 by Jamie Tanna . #blogumentation #nodejs #command-line #jwt #json.

Article

Pretty Printing JSON Web Tokens (JWTs) on the Command Line using Ruby (3 mins read).

How to easily introspect and pretty print a signed JWT (JWS) or an encrypted JWT (JWE) on the command line using Ruby's standard library, or using the ruby-jwt external library.

Fri, 31 Aug 2018 10:43 by Jamie Tanna . #blogumentation #ruby #command-line #jwt #json #pretty-print.

Tag jwt