Skip to main content

JWT - Json Web Token


How to make sure that the document is written by me and only me.  In a physical world, we usually signed under the document with our unique handwriting. Now the second party should identify that it is my signature. Still, chances are there, people will manipulate the content. To avoid the same we used to sign granular pieces of the information i.e. each page.  It is not easy to replace content in a single page. Not yet.  So this makes sure information is authenticated by me and can be quoted for me. 
    
Now, how do we do the same practice in the virtual world? We use JWT (JSON WEB TOKEN).  A JSON web token is simply JSON payload containing a particular claim. It has three parts all separated by ".". 

  • Header 
  • Payload 
  • Signature 
Header:

The header typically consists of two parts: the type of token, which is JWT, and the hashing algorithm that is used, such as HMAC SHA256 or RSA. Its base64 encoded string. 


{
  "alg": "HS256",
  "typ": "JWT"
}


Payload:

Its has the claim of the user. Its also base64 encoded string. 


{
  "expireAt": "1234567890",
  "name": "John Doe",
  "role": "admin"
}


Signature:

Signature of the above information will be created by the below method:

HMACSHA256( base64UrlEncode(header)+ "." +
                            base64UrlEncode(payload), secret_key);
 



Below is HMAC SHA 256 token:
Red is Header 
Blue is payload 
The last one is the signature.


eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiYWRtaW4iLCJuYW1lIjoiSm9obiBEb2UiLCJleHBpcmVBdCI6MTUxNjIzOTAyMn0.f6wsQSs6Z7zk94B7Y6RskvUb1RLBkenl3oAzzwRneNk

Reference: Validate your JWT token here. https://jwt.io/

Comments

Post a Comment

Popular posts from this blog

Car Parking Problem

There is n parking slots and n-1 car already parked. Lets say car parked with initial arrangement and we want to make the car to be parked to some other arrangement. Lets say n = 5, inital = free, 3, 4, 1, 2 desired = 1, free, 2, 4 ,3 Give an algorithm with minimum steps needed to get desired arrangement. Told by one of my friend and after a lot of search i really got a nice solution. I will post solution in comment part
3 comments
Read more

DEShaw Interview Questions

ther are N numbers frm 1 to N and starting from index 1 we will keep deleting every alternate going in cyclic order with array. Only one element will be left at the end. Tell us the index of element in array we started. e.g. there are 5 nums 1 2 3 4 5 then after 1st iteration 1 3 5 will be remained. .. then 1 will be next to be elliminated and then 5 3 will remain alone... give sum efficient algorithm to calculate which numer will remain at the end Answer: 2*(n-2^p)+1 where p=floor(log2 n)
Post a Comment
Read more

One way : Heap or Stack allocation

Took my time to find solution for this and it actually made me realize how much i have to learn. Now question is how can we enforce the creation of objects whether on heap or stack. Creating object on Heap only. Make your destructor private and create a destroy function. Class A {  ~A(){} public:  A(){} void destroy() { delete this; } } Now if you can not create your object: A a; // error: 'A::~A()' is private A  a = new A(); Great. Now all the objects will be allocated to heap only. Making destructor private a better choice than constructor as we don't know number of constructor so early in programming. Creating object on stack While i knew that it has to do something with operator new, but could not figure out how can i create object on stack and return the memory back to class initialization. Though answer was simple, i had to google for that: Overload operator new, new[], operator delete and delete[] and make them private ;) class A { pr...
Post a Comment
Read more