1/*  Part of SWI-Prolog
    2
    3    Author:        Jan Wielemaker
    4    E-mail:        J.Wielemaker@cs.vu.nl
    5    WWW:           http://www.swi-prolog.org
    6    Copyright (C): 2015, VU University Amsterdam
    7
    8    This program is free software; you can redistribute it and/or
    9    modify it under the terms of the GNU General Public License
   10    as published by the Free Software Foundation; either version 2
   11    of the License, or (at your option) any later version.
   12
   13    This program is distributed in the hope that it will be useful,
   14    but WITHOUT ANY WARRANTY; without even the implied warranty of
   15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   16    GNU General Public License for more details.
   17
   18    You should have received a copy of the GNU General Public
   19    License along with this library; if not, write to the Free Software
   20    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
   21
   22    As a special exception, if you link this library with other files,
   23    compiled with a Free Software compiler, to produce an executable, this
   24    library does not by itself cause the resulting executable to be covered
   25    by the GNU General Public License. This exception does not however
   26    invalidate any other reasons why the executable file might be covered by
   27    the GNU General Public License.
   28*/
   29
   30:- module(jwt,
   31	  [ jwt/2			% +String, -Data
   32	  ]).   33:- use_module(library(codesio)).   34:- use_module(library(base64)).   35:- use_module(library(utf8)).   36:- use_module(library(http/json)).

JSON Web Token library

This library is a very early start to deal with JOSE: JSON Object Signing and Encryption. This is needed for OpenID Connect. The current library only extracts the claimed object from a non-encrypted JWT (JSON Web Token). This is enough to deal with Google's OpenID Connect, which guarantees that the token comes from Google in other ways.

See also
- https://tools.ietf.org/html/draft-jones-json-web-token */
 jwt(+String, -Object) is det
True if Object is claimed in the JWT represented in String.
To be done
- Currently does not validate the claim using the signature.
   55jwt(String, Object) :-
   56	nonvar(String),
   57	split_string(String, ".", "", [Header64,Object64|_Parts]),
   58	base64url_json(Header64, _Header),
   59	base64url_json(Object64, Object).
 base64url_json(+String, -JSONDict) is semidet
True when JSONDict is represented in the Base64URL and UTF-8 encoded String.
   66base64url_json(String, JSON) :-
   67	string_codes(String, Codes),
   68	phrase(base64url(Bytes), Codes),
   69	phrase(utf8_codes(Text), Bytes),
   70	setup_call_cleanup(
   71	    open_codes_stream(Text, Stream),
   72	    json_read_dict(Stream, JSON),
   73	    close(Stream))