TsgcHTTP_JWT_Server

TsgcHTTP_JWT_Server component.

Introduction

The TsgcHTTP_JWT_Server component allows you to decode and validate JWT tokens received in WebSocket Handshake when using WebSocket protocol or as HTTP Header when using HTTP protocol.

Configuration

You can configure the following properties in the JWTOptions property of the component:

If the Signature is validated using a Public Key (RS and ES algorithms), set the value in the PublicKey property of the Algorithm.

If the Signature is validated using a Secret (HS algorithms), set the value in the Secret property of the Algorithm.

To validate JWT tokens, just attach a TsgcHTTP_JWT_Server instance to Authentication.JWT.JWT property of the WebSocket/HTTP Server.


    oServer := TsgcWebSocketHTTPServer.Create(nil);
    oServer.Port := 80;
    oJWT := TsgcHTTP_JWT_Server.Create(nil);
    oJWT.JWTOptions.Algorithms.RS.PublicKey.Text := 'public key here';
    oServer.Authorization.Enabled := True;
    oServer.Authorization.JWT.JWT := oJWT;
    oServer.Active := True;

Checks property allows you to enable some checks in the Payload of JWT, by default checks if the issued dates are valid.

Reference

Properties — 2 properties available on the component.
Methods — 3 public methods.
Events — 7 events you can handle.