@sarogers
Last active April 26, 2018 19:48
# https://jwt.io/
#
# 1. Base64 encoding
# 2. JWTs
# 3. 2Learn JWT (WIP)
require 'jwt'
require 'base64'
require 'openssl'

# base64 URL encoded string
# <header>.<payload>.<signature>
def jwt_encode_decode
  # https://tools.ietf.org/html/rfc7519#section-4.1
  payload = {
    aud: 'learn',
    foo: :bar,
    baz: :qux
  }
  key = 'baz'
  algorithm = 'HS256'
  token = JWT.encode(payload, key, algorithm)
  puts token
  puts '{ "typ": "JWT", "alg": "HS256" }.{ "foo": "bar" }.<signature>'

  # Split the token into its three base64url segments and decode each one.
  header64, payload64, signature64 = token.split('.')
  header_json = base64url_decode(header64)
  payload_json = base64url_decode(payload64)
  signature = base64url_decode(signature64)
  puts "HEADER: #{header_json}"
  puts "PAYLOAD: #{payload_json}"
  puts "SIGNATURE: #{signature}"

  # Recompute the HMAC over "<header>.<payload>" with the same key.
  # The raw bytes printed for `digest` should equal those printed for `signature`.
  signing_segment = [header64, payload64].join('.')
  digest = OpenSSL::HMAC.digest(OpenSSL::Digest.new(algorithm.sub('HS', 'sha')), key, signing_segment)
  puts header_json
  puts payload_json
  puts signature
  puts digest
end

# Restore the '=' padding that base64url strips, then decode.
# The outer modulo keeps inputs whose length is already a multiple of 4 unpadded.
def base64url_decode(str)
  str += '=' * ((4 - str.length.modulo(4)) % 4)
  Base64.decode64(str.tr('-_', '+/'))
end

# instead of %2B (+) and %2F (/), use shorter - and _
def base64url_encode(str)
  Base64.encode64(str).tr('+/', '-_').gsub(/[\n=]/, '')
end

jwt_encode_decode

#############################################################
# Base64 Encoding
#############################################################
# Value Char  Value Char  Value Char  Value Char
#     0 A        16 Q        32 g        48 w
#     1 B        17 R        33 h        49 x
#     2 C        18 S        34 i        50 y
#     3 D        19 T        35 j        51 z
#     4 E        20 U        36 k        52 0
#     5 F        21 V        37 l        53 1
#     6 G        22 W        38 m        54 2
#     7 H        23 X        39 n        55 3
#     8 I        24 Y        40 o        56 4
#     9 J        25 Z        41 p        57 5
#    10 K        26 a        42 q        58 6
#    11 L        27 b        43 r        59 7
#    12 M        28 c        44 s        60 8
#    13 N        29 d        45 t        61 9
#    14 O        30 e        46 u        62 +
#    15 P        31 f        47 v        63 /
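
Added example, not part of the original gist: the gist prints the recomputed HMAC next to the decoded signature but never compares them. This sketch verifies an HS256 token using only the standard library; `SAMPLE_KEY`, `b64url_encode`, `b64url_decode`, `sign_hs256` and `verify_hs256` are hypothetical names, and the key is a constructed sample value.

```ruby
require 'base64'
require 'json'
require 'openssl'

SAMPLE_KEY = 'sample-shared-secret' # constructed sample value, not from the gist

def b64url_encode(bytes)
  Base64.urlsafe_encode64(bytes, padding: false)
end

def b64url_decode(str)
  Base64.urlsafe_decode64(str) # re-pads unpadded input, raises ArgumentError on bad input
end

# Hypothetical helper: builds an HS256 token by hand so the example needs no gem.
def sign_hs256(payload, key)
  header = { typ: 'JWT', alg: 'HS256' }
  signing_input = [header, payload].map { |part| b64url_encode(JSON.generate(part)) }.join('.')
  mac = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), key, signing_input)
  "#{signing_input}.#{b64url_encode(mac)}"
end

# Hypothetical helper: returns the payload hash if the token verifies, otherwise nil.
def verify_hs256(token, key)
  parts = token.split('.', -1)
  return nil unless parts.length == 3

  header64, payload64, signature64 = parts
  header = JSON.parse(b64url_decode(header64))
  # The verifier pins the algorithm it expects instead of trusting the header.
  return nil unless header.is_a?(Hash) && header['alg'] == 'HS256'

  expected = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), key, "#{header64}.#{payload64}")
  actual = b64url_decode(signature64)
  # Compare in constant time; the length check avoids ArgumentError on unequal sizes.
  return nil unless actual.bytesize == expected.bytesize &&
                    OpenSSL.fixed_length_secure_compare(actual, expected)

  JSON.parse(b64url_decode(payload64))
rescue ArgumentError, JSON::ParserError
  nil # malformed base64url or JSON is treated as an invalid token
end

if __FILE__ == $PROGRAM_NAME
  token = sign_hs256({ aud: 'learn', foo: 'bar' }, SAMPLE_KEY)
  puts token
  puts verify_hs256(token, SAMPLE_KEY).inspect
  puts verify_hs256(token, 'wrong-key').inspect
end
```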