aboutsummaryrefslogtreecommitdiffstats
path: root/site/public/jwt/index.html
diff options
context:
space:
mode:
authoralpaylan2021-04-16 01:03:21 +0300
committeralpaylan2021-04-16 01:03:21 +0300
commitb4212a90caa899785402c06d57216e75de0f1c88 (patch)
tree8adbe6eb6b451eee20d181f26ab771e0c5a920ee /site/public/jwt/index.html
parent82864341afc78b23b358cd775c70ffbfa0d0303f (diff)
parent72f8ae422eeb03ed87c7819af5d5e25758267b03 (diff)
downloadgradecoin-b4212a90caa899785402c06d57216e75de0f1c88.tar.gz
gradecoin-b4212a90caa899785402c06d57216e75de0f1c88.tar.bz2
gradecoin-b4212a90caa899785402c06d57216e75de0f1c88.zip
Merge remote-tracking branch 'origin/main'
# Conflicts: # src/schema.rs
Diffstat (limited to 'site/public/jwt/index.html')
-rw-r--r--site/public/jwt/index.html179
1 files changed, 179 insertions, 0 deletions
diff --git a/site/public/jwt/index.html b/site/public/jwt/index.html
new file mode 100644
index 0000000..d06d45a
--- /dev/null
+++ b/site/public/jwt/index.html
@@ -0,0 +1,179 @@
1<!DOCTYPE html>
2<html lang="en">
3
4<head>
5 <meta charset="UTF-8">
6 <title>JWT | Gradecoin </title>
7 <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
8 <style>
9 :root {
10 /* Primary theme color */
11 --primary-color: #F8D12F;
12 /* Primary theme text color */
13 --primary-text-color: #1E2329;
14 /* Primary theme link color */
15 --primary-link-color: #2F57F7;
16 /* Secondary color: the background body color */
17 --secondary-color: #FAFAFA;
18 --secondary-text-color: #303030;
19 /* Highlight text color of table of content */
20 --toc-highlight-text-color: #d46e13;
21 }
22</style>
23
24 <link href="https://fonts.googleapis.com/css?family=Alfa+Slab+One&display=swap" rel="stylesheet">
25 <link href="https://fonts.googleapis.com/css?family=Fira+Sans:400,500,600&display=swap" rel="stylesheet">
26 <link rel="stylesheet" href="/normalize.css">
27 <link rel="stylesheet" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;juice.css">
28
29<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css" />
30
31</head>
32
33<body>
34
35<header class="box-shadow">
36
37
38<a href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;">
39 <div class="logo">
40 <img src="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;gradecoin.png" alt="logo">
41 Gradecoin
42 </div>
43</a>
44
45<nav>
46
47 <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;register-docs&#x2F;">Register</a>
48
49 <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;jwt&#x2F;">JWT</a>
50
51 <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;transaction-docs&#x2F;">Transactions</a>
52
53 <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;gradecoin.xyz&#x2F;block-docs&#x2F;">Blocks</a>
54
55
56
57 <a class="nav-item subtitle-text" href="https:&#x2F;&#x2F;github.com&#x2F;zhuowei&#x2F;nft_ptr#why">why?</a>
58
59
60</nav>
61
62</header>
63
64
65 <main>
66
67
68
69
70
71 <div class="toc">
72 <div class="toc-sticky">
73
74 <div class="toc-item">
75 <a class="subtext" href="https://gradecoin.xyz/jwt/#how">How?</a>
76 </div>
77
78
79 <div class="toc-item">
80 <a class="subtext" href="https://gradecoin.xyz/jwt/#algorithm">Algorithm</a>
81 </div>
82
83
84 <div class="toc-item">
85 <a class="subtext" href="https://gradecoin.xyz/jwt/#references">References</a>
86 </div>
87
88
89 </div>
90 </div>
91
92
93
94 <div class="content text">
95
96<div class="heading-text">JSON Web Token Documentation</div>
97<blockquote>
98<p>JSON Web Tokens are representations of claims, or authorization proofs that fit into the <code>Header</code> of HTTP requests.</p>
99</blockquote>
100<h1 id="how">How?</h1>
101<p>JWTs are used as the <a href="https://en.wikipedia.org/wiki/Message_authentication_code">MAC</a> of operations that require authorization:</p>
102<ul>
103<li>block proposal</li>
104<li>transaction proposal.</li>
105</ul>
106<p>They are send alongside the JSON request body in the <code>Header</code>;</p>
107<pre style="background-color:#ffffff;">
108<code class="language-html" data-lang="html"><span style="color:#545052;">Authorization: Bearer aaaaaa.bbbbbb.ccccc
109</span></code></pre>
110<p>Gradecoin uses 3 fields for the JWTs;</p>
111<pre style="background-color:#ffffff;">
112<code class="language-json" data-lang="json"><span style="color:#545052;">{
113&quot;</span><span style="color:#009854;">tha</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">Hash of the payload, check invididual references</span><span style="color:#545052;">&quot;,
114&quot;</span><span style="color:#009854;">iat</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">Issued At, Unix Time</span><span style="color:#545052;">&quot;,
115&quot;</span><span style="color:#009854;">exp</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">Expiration Time, epoch</span><span style="color:#545052;">&quot;
116}
117</span></code></pre>
118<ul>
119<li><code>tha</code> is explained in <a href="https://gradecoin.xyz/block-docs/">blocks</a> and <a href="https://gradecoin.xyz/transaction-docs/">transactions</a> documentations.</li>
120<li><code>iat</code> when the JWT was created in <a href="https://en.wikipedia.org/wiki/Unix_time">Unix Time</a> format</li>
121<li><code>exp</code> when the JWT will expire &amp; be rejected in <a href="https://en.wikipedia.org/wiki/Unix_time">Unix Time</a></li>
122</ul>
123<h1 id="algorithm">Algorithm</h1>
124<p>We are using <a href="https://www.rfc-editor.org/rfc/rfc7518.html#section-3.1">RS256</a>, <code>RSASSA-PKCS1-v1_5 using SHA-256</code>. The JWTs you encode with your private RSA key will be decoded using the public key you have authenticated with. You can see how the process works <a href="https://jwt.io/">here</a>.</p>
125<h1 id="references">References</h1>
126<ul>
127<li><a href="https://tools.ietf.org/html/rfc7519">RFC, the ultimate reference</a></li>
128<li><a href="https://jwt.io/">JWT Debugger</a></li>
129</ul>
130
131
132 </div>
133
134
135
136 </main>
137
138
139<footer>
140Built For ⁂ CENG489 ⁂ Introduction to Computer Security
141</footer>
142
143</body>
144<script>
145 function highlightNav(heading) {
146 let pathname = location.pathname;
147 document.querySelectorAll(".toc a").forEach((item) => {
148 item.classList.remove("active");
149 });
150 document.querySelector(".toc a[href$='" + pathname + "#" + heading + "']").classList.add("active");
151 }
152
153 let currentHeading = "";
154 window.onscroll = function () {
155 let h = document.querySelectorAll("h1,h2,h3,h4,h5,h6");
156 let elementArr = [];
157
158 h.forEach(item => {
159 if (item.id !== "") {
160 elementArr[item.id] = item.getBoundingClientRect().top;
161 }
162 });
163 elementArr.sort();
164 for (let key in elementArr) {
165 if (!elementArr.hasOwnProperty(key)) {
166 continue;
167 }
168 if (elementArr[key] > 0 && elementArr[key] < 300) {
169 if (currentHeading !== key) {
170 highlightNav(key);
171 currentHeading = key;
172 }
173 break;
174 }
175 }
176 }
177</script>
178
179</html>