1/* Part of SWI-Prolog 2 3 Author: Jan Wielemaker 4 E-mail: J.Wielemaker@cs.vu.nl 5 WWW: http://www.swi-prolog.org 6 Copyright (C): 2015, VU University Amsterdam 7 8 This program is free software; you can redistribute it and/or 9 modify it under the terms of the GNU General Public License 10 as published by the Free Software Foundation; either version 2 11 of the License, or (at your option) any later version. 12 13 This program is distributed in the hope that it will be useful, 14 but WITHOUT ANY WARRANTY; without even the implied warranty of 15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 GNU General Public License for more details. 17 18 You should have received a copy of the GNU General Public 19 License along with this library; if not, write to the Free Software 20 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 21 22 As a special exception, if you link this library with other files, 23 compiled with a Free Software compiler, to produce an executable, this 24 library does not by itself cause the resulting executable to be covered 25 by the GNU General Public License. This exception does not however 26 invalidate any other reasons why the executable file might be covered by 27 the GNU General Public License. 28*/ 29 30:- module(jwt, 31 [ jwt/2 % +String, -Data 32 ]). 33:- use_module(library(codesio)). 34:- use_module(library(base64)). 35:- use_module(library(utf8)). 36:- use_module(library(http/json)). 37 38/** <module> JSON Web Token library 39 40This library is a very early start to deal with JOSE: JSON Object 41Signing and Encryption. This is needed for OpenID Connect. The current 42library only extracts the claimed object from a non-encrypted JWT (JSON 43Web Token). This is enough to deal with Google's OpenID Connect, which 44guarantees that the token comes from Google in other ways. 45 46@see https://tools.ietf.org/html/draft-jones-json-web-token 47*/ 48 49%% jwt(+String, -Object) is det. 50% 51% True if Object is claimed in the JWT represented in String. 52% 53% @tbd Currently does not validate the claim using the signature. 54 55jwt(String, Object) :- 56 nonvar(String), 57 split_string(String, ".", "", [Header64,Object64|_Parts]), 58 base64url_json(Header64, _Header), 59 base64url_json(Object64, Object). 60 61%% base64url_json(+String, -JSONDict) is semidet. 62% 63% True when JSONDict is represented in the Base64URL and UTF-8 64% encoded String. 65 66base64url_json(String, JSON) :- 67 string_codes(String, Codes), 68 phrase(base64url(Bytes), Codes), 69 phrase(utf8_codes(Text), Bytes), 70 setup_call_cleanup( 71 open_codes_stream(Text, Stream), 72 json_read_dict(Stream, JSON), 73 close(Stream))