JWT Functions

Overview

Allows for an additional layer of security using signed JWT. This plug-in may also be used to integrate with external systems using JWS.

Key Functionality and Features

  • jwtsign - Create a signed JWT using HS256, HS384, HS512, ES256, ES384, ES512, RS256, RS384, or RS512
  • jwtverify - Verify signed JWT
  • jwtgeneratesecretkey - Generate an Hmac-SHA key that can be used to sign a JWT using HS* algorithm
  • jwtdecode - Decode a JWT without verifying the signature

Uses JWTKs JJWT library: https://github.com/jwtk/jjwt

Anonymous
Parents
  • Hi,

    We are facing some vulnerability issue while scanning this plugin. Kindly help to check.

    Issue:

    jackson-databind before 2.13.0 allows a stack overflow exception and denial of service via a large depth of nested objects.

    Thanks in advance!




Comment
  • Hi,

    We are facing some vulnerability issue while scanning this plugin. Kindly help to check.

    Issue:

    jackson-databind before 2.13.0 allows a stack overflow exception and denial of service via a large depth of nested objects.

    Thanks in advance!




Children