Skip to main content

OAUTH Library

This is a helper library you can import into your projects to assist in implementing an OAuth2.0 client workflow. It contains the OAUTHjwt.lua module for signing JSON Web Tokens (JWT) using the crypto API by providing the JWT components, required encryption algorithm and private key provided by the Authorization Server.

http://jwt.io is a great resource to introduce yourself to JWTs and their structure.

A JWT is made up of three parts:

  1. Header- contains the signing algorithm and token type

  2. Payload - contains data about the Client and access

  3. Signature - consists of the combined base64URLencoded(header).base64URLencoded(payload) all signed with the private key using the algorithm stated in the header.

The OAUTHjwt function can be called to perform the signature and return the completed token:

-- signs and returns the completed JWT   
local token = OAUTHjwt{header=HeaderTable, payload=PayloadTable, algo=’RS384’, key=PrivateKey}

You can find the source code here: https://bitbucket.org/interfaceware/oauth/src/main/OAUTHjwt.lua

For more details on using the protocol, see OAuth2.0.