Login/Register
How to add expiry to JWE token?
Asked Answered
gojwe
I

1

6

I'm using Jose library to create JWE's. I have successfully managed to create and parse JWE. JWT has fields like exp, iat which help in invalidating token after a certain period of time.

How can I set expiry on JWE ?

Here's what I've tried, without exp:

package main

import (
    jose "gopkg.in/square/go-jose.v2"
)

// len(key) is 32
func CreateJWE(value, key string)(string, error){
    encrypter, err := jose.NewEncrypter(jose.A256GCM, jose.Recipient{Algorithm: jose.A256GCMKW, Key: []byte(key)}, nil)
    if err != nil {
        return "", err
    }
    object, err := encrypter.Encrypt([]byte(value)])
    if err != nil {
        return "", err
    }
    return object.FullSerialize(), nil
}

func ParseJWE(jwe, key string)(string, error){
    object, err := jose.ParseEncrypted(jwe)
    if err != nil {
        return "", err
    }
    b, err := (*object).Decrypt(key)
    return string(b), err
}
Insincere answered 5/2, 2019 at 13:42 Comment(6)
Hum... you will need to use the jwt subpackage. There is an example in the godoc: godoc.org/gopkg.in/square/go-jose.v2/jwt#example-Encrypted The jwt.Claims has Expiry, and it is that you are looking for. I hope it helps.Burson
I think you mean JWT tbh? JWE is just the encryption for the object in a JWT isn't it? Looks like that guy couldn't be bothered to make some decent documentationPol
@Dominic I think I read somewhere that JWE and JWS are two types of JWT. Is it correct ?Insincere
@JamilloSantos Thanks a lot mate, you saved the day.Insincere
Ah yes I think you are correct - medium.facilelogin.com/…. Generally people just refer to JWT though. Shame the developer made something so low level with only generated docs, hope Go doesn't "go" the same way as Java. In Node this is so trivial!Pol
Yup. It needs more docs for sure. I was also surprised to see that this lib is quite popular without proper docs.Insincere
H
0

JWEs do not have expiration

u should use JWT for resolve it

look at this Q&A in github

and this stackoverflow question, it's for python but i tell it for reading and open ur mind about this subject

Hoseahoseia answered 14/10, 2022 at 15:13 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.