Skip to content
/ KotJWT Public

Kotlin Multiplatform library for generating and verifying JWTs

License

Apache-2.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

iNoles/KotJWT

BranchesTags

Repository files navigation

KotJWT

KotJWT is a lightweight Kotlin Multiplatform library designed for encoding, decoding, and managing JSON Web Tokens (JWT) and refresh tokens. It supports a variety of cryptographic algorithms, including HMAC SHA-256, ECDSA, and RSA, while providing essential features like token expiration validation, blacklist management, and secure token handling.

✨ Features

  • JWT Support – Encode and decode JWTs with HMAC SHA-256, ECDSA, and RSA signing.
  • Refresh Token Support – Securely generate and validate refresh tokens.
  • Expiration Handling – Automatically checks if a token is expired.
  • Token Blacklist – Prevent the use of revoked tokens.
  • base64 URL-Safe Encoding – Secure encoding and decoding for JWTs and refresh tokens.
  • Multiple Signing Algorithms – Supports HMAC, ECDSA, and RSA for signing JWTs.
  • Kotlin Multiplatform Support – Now available for JVM, iOS, macOS, and other platforms.

🚀 Usage

Encoding a JWT

To encode a JWT, you need to create a JwtPayload and use the encodeJwt function:

import com.jonathansteele.kojwt.*

val payload = JwtPayload(
    sub = "user123",
    exp = System.currentTimeMillis() / 1000 + 3600  // Expire in 1 hour
)
val secret = "your-secret-key"

val jwt = encodeJwt(payload, secret)
println("Encoded JWT: $jwt")

Decoding a JWT

To decode a JWT, use the decodeJwt function:

val decodedPayload = decodeJwt(jwt, secret)
println("Decoded Payload: $decodedPayload")

Encoding a Refresh Token

You can encode a refresh token using the encodeRefreshToken function:

val refreshTokenPayload = RefreshTokenPayload(
    sub = "user123",
    exp = System.currentTimeMillis() / 1000 + 86400  // Expire in 24 hours
)
val refreshToken = encodeRefreshToken(refreshTokenPayload, secret)
println("Encoded Refresh Token: $refreshToken")

Decoding a Refresh Token

To decode a refresh token, use the decodeRefreshToken function:

val decodedRefreshToken = decodeRefreshToken(refreshToken, secret)
println("Decoded Refresh Token: $decodedRefreshToken")

Blacklisting Tokens

You can add tokens to the blacklist to prevent further use:

TokenBlacklist.revoke(jwt)
TokenBlacklist.revoke(refreshToken)

🛣 Roadmap

  • Kotlin Multiplatform support for additional targets

Contributions 🤝

This project is a work in progress, and contributions are welcome! Feel free to:

  • Submit issues for bugs or feature suggestions
  • Open pull requests to contribute directly

About

Kotlin Multiplatform library for generating and verifying JWTs

Topics

kotlin api security jwt authentication kotlin-library jwt-token token jwt-authentication cyrptography kotlin-multiplatform jwt-library

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages