aboutsummaryrefslogtreecommitdiffstats
path: root/site/public/jwt
diff options
context:
space:
mode:
Diffstat (limited to 'site/public/jwt')
-rw-r--r--site/public/jwt/index.html62
1 files changed, 57 insertions, 5 deletions
diff --git a/site/public/jwt/index.html b/site/public/jwt/index.html
index 899aada..c32fb31 100644
--- a/site/public/jwt/index.html
+++ b/site/public/jwt/index.html
@@ -66,14 +66,66 @@
66 66
67 67
68 68
69
70 <div class="toc">
71 <div class="toc-sticky">
72
73 <div class="toc-item">
74 <a class="subtext" href="http://localhost:8080/jwt/#how">How?</a>
75 </div>
76
77
78 <div class="toc-item">
79 <a class="subtext" href="http://localhost:8080/jwt/#algorithm">Algorithm</a>
80 </div>
81
82
83 <div class="toc-item">
84 <a class="subtext" href="http://localhost:8080/jwt/#references">References</a>
85 </div>
86
87
88 </div>
89 </div>
90
91
69 92
70 <div class="content text"> 93 <div class="content text">
71 94
72<div class="heading-text">JSON Web Token Documentation</div> 95<div class="heading-text">JSON Web Token Documentation</div>
73<p>Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod 96<blockquote>
74tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At 97<p>JSON Web Tokens are representations of claims, or authorization proofs that fit into the <code>Header</code> of HTTP requests.</p>
75vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd 98</blockquote>
76ubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.</p> 99<h1 id="how">How?</h1>
100<p>JWTs are used as the <a href="https://en.wikipedia.org/wiki/Message_authentication_code">MAC</a> of operations that require authorization:</p>
101<ul>
102<li>block proposal</li>
103<li>transaction proposal.</li>
104</ul>
105<p>They are send alongside the JSON request body in the <code>Header</code>;</p>
106<pre style="background-color:#ffffff;">
107<code class="language-html" data-lang="html"><span style="color:#545052;">Authorization: Bearer aaaaaa.bbbbbb.ccccc
108</span></code></pre>
109<p>Gradecoin uses 3 fields for the JWTs;</p>
110<pre style="background-color:#ffffff;">
111<code class="language-json" data-lang="json"><span style="color:#545052;">{
112&quot;</span><span style="color:#009854;">tha</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">Hash of the payload, check invididual references</span><span style="color:#545052;">&quot;,
113&quot;</span><span style="color:#009854;">iat</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">Issued At, Unix Time</span><span style="color:#545052;">&quot;,
114&quot;</span><span style="color:#009854;">exp</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">Expiration Time, epoch</span><span style="color:#545052;">&quot;
115}
116</span></code></pre>
117<ul>
118<li><code>tha</code> is explained in <a href="http://localhost:8080/block-docs/">blocks</a> and <a href="http://localhost:8080/transaction-docs/">transactions</a> documentations.</li>
119<li><code>iat</code> when the JWT was created in <a href="https://en.wikipedia.org/wiki/Unix_time">Unix Time</a> format</li>
120<li><code>exp</code> when the JWT will expire &amp; be rejected in <a href="https://en.wikipedia.org/wiki/Unix_time">Unix Time</a></li>
121</ul>
122<h1 id="algorithm">Algorithm</h1>
123<p>We are using <a href="https://www.rfc-editor.org/rfc/rfc7518.html#section-3.1">RS256</a>, <code>RSASSA-PKCS1-v1_5 using SHA-256</code>. The JWTs you encode with your private RSA key will be decoded using the public key you have authenticated with. You can see how the process works <a href="https://jwt.io/">here</a>.</p>
124<h1 id="references">References</h1>
125<ul>
126<li><a href="https://tools.ietf.org/html/rfc7519">RFC, the ultimate reference</a></li>
127<li><a href="https://jwt.io/">JWT Debugger</a></li>
128</ul>
77 129
78 130
79 </div> 131 </div>
@@ -84,7 +136,7 @@ ubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.</p>
84 136
85 137
86<footer> 138<footer>
87 139Built For CENG489 Introduction to Computer Security
88</footer> 140</footer>
89 141
90</body> 142</body>