CompactJwt

public final class CompactJwt : Sendable

CompactJwt is a utility class responsible to perform simple, and specific JWT operation within MFA modules for JWT-related operations. Provides methods for generating and validating JWTs using the HS256 algorithm.

JWT Generation


                    
                    
                    signJwtClaims(base64Secret:claims:)

Signs given claims using the HS256 algorithm.

Throws

JwtError.invalidSecret if the secret is empty or invalid. JwtError.signingFailed if there is an error signing the JWT.

Declaration

Swift

public static func signJwtClaims(base64Secret: String, claims: [String : Any]) throws -> String

Parameters

`base64Secret`	The base64-encoded secret key.
`claims`	The claims to include in the JWT.

Return Value

The JWT string.

JWT Validation


                    
                    
                    canParseJwt(_:requiredFields:)

Checks if a string is a valid JWT and contains the required fields in its payload.

Declaration

Swift

public static func canParseJwt(_ jwt: String, requiredFields: [String] = []) -> Bool

Parameters

`jwt`	The JWT string to validate.
`requiredFields`	An array of field names to check in the payload.

Return Value

true if the JWT is valid and contains all required fields, false otherwise.


                    
                    
                    verifyJwtSignature(_:base64Secret:)

Verifies the signature of a JWT using the provided secret.

Throws

JwtError.invalidSecret if the secret is empty or invalid. JwtError.invalidFormat if the JWT format is invalid. JwtError.signingFailed if there is an error during verification.

Declaration

Swift

public static func verifyJwtSignature(_ jwt: String, base64Secret: String) throws -> Bool

Parameters

`jwt`	The JWT string to verify.
`base64Secret`	The base64-encoded secret key used for verification.

Return Value

true if the signature is valid, false otherwise.

JWT Parsing


                    
                    
                    parseJwtClaims(_:)

Parses a JWT string and extracts its payload claims.

Throws

JwtError.invalidFormat if the JWT format is invalid. JwtError.invalidPayload if the payload cannot be parsed.

Declaration

Swift

public static func parseJwtClaims(_ jwt: String) throws -> [String : Any]

Parameters

jwt

The JWT string to parse.

Return Value

A dictionary containing the payload claims.


                    
                    
                    sign(claims:privateKey:publicKey:algorithm:kid:)

Signs given claims using an asymmetric key algorithm.

Throws

JwtError.signingFailed if there is an error signing the JWT.

Declaration

Swift

public static func sign(claims: [String : Any], privateKey: SecKey, publicKey: SecKey?, algorithm: SecKeyAlgorithm, kid: String) throws -> String

Parameters

`claims`	The claims to include in the JWT.
`privateKey`	The private key used to sign the JWT.
`algorithm`	The algorithm to use for signing (e.g., ES256).
`kid`	The key ID to include in the JWT header.

Return Value

The JWT string.