JWS.EXTRACT

JWS.EXTRACT extracts the payload of a supplied JSON Web Token (JWT) using a given algorithm.

Xapix currently supports the HS256, HS384, HS512 algorithms.

Function category: JWT

The JWS.EXTRACT function is very similar to the JWS.VERIFY function, except the following:

  • With a successfully verified JWT, this function returns a response wrapped in a data envelope with the key payload

  • With a failed verification, this function returns the key error pointing to an error message. If it encounters an error, it will abort the pipeline.

Syntax

JWS.EXTRACT(arg1, arg2, arg3, [args...])

Arguments

Description

arg1

String denoting the algorithm used in encrypting.

arg2

String of input data used to verify and extract the payload.

arg3

String with matching signature.

[args...]

Additional set of arguments for use with certain subsets of algorithms.

Example

Let's say we receive the following signed JWT.

eyJhbGciOiJIUzI1NiJ9.
eyJmb28iOjEsImJhciI6WzQsNSwicXdlIl19.
HU45XthYzICLPj8RvTeVQum2FLPdynx0MTsSCs5l-O0

This signed JWT has been encoded with the HS256 algorithm. If we want to extract the payload, we use the following function.

JWS.EXTRACT('HS256', 'eyJhbGciOiJIUzI1NiJ9.eyJmb28iOjEsImJhciI6WzQsNSwicXdlIl19.HU45XthYzICLPj8RvTeVQum2FLPdynx0MTsSCs5l-O0', 'password')

This returns the following parsed payload.

"{\"foo\" 1 \"bar\" [4 5 \"qwe\"]}"