4D-NetKit

JWT Class

Overview

The JWT class allows you to generate, decode, and validate JSON Web Tokens (JWTs) to authenticate users and secure API calls. JWTs are widely used in modern web authentication systems, including OAuth2 and OpenID Connect.

This class is typically used in three scenarios:

• Token generation: Create a signed JWT when a user logs in.
• Token decoding: Read and inspect a JWT received from an authentication provider.
• Token validation: Verify the JWT’s signature and expiration before granting access to protected resources.

This class is instantiated using the cs.NetKit.JWT.new() function.

Note: Shared objects are not supported by the 4D NetKit API.

Table of contents

• cs.NetKit.JWT.new()
• JWT.decode()
• JWT.generate()
• JWT.validate()

cs.NetKit.JWT.new()

cs.NetKit.JWT.new ( key : Text or Object ) : cs.NetKit.JWT

Creates a new instance of the JWT class.

Parameters

Parameter	Type	Description
key	Text/Object	Optional. If text → Key in PEM format. - If object → Must be an object returned by 4D.CryptoKey. If it’s a private key, the public key will be inferred.

Example

var $jwt := cs.NetKit.JWT.new($key)

JWT.decode()

JWT.decode ( token : Text ) : Object

Parameters

Parameter	Type		Description
token	Text	->	JWT string to decode
Result	Object	<-	The decoded content of the JWT

Description

Decodes a JWT string and returns its components (header, payload, signature).

Returned object

The function returns an object containing the following properties:

Property	Type	Description
header	Object	Metadata about the token type and the signing algorithm
payload	Object	The information (claims) of the token like the user’s name, role, user ID, or expiration date.
signature	Object	Ensures the integrity of the token and verifies the sender’s authenticity

Example

var $result := cs.NetKit.JWT.new().decode($token)

JWT.generate()

JWT.generate ( params : Object { ; privateKey : Text or Object } ) : Text

Parameters

Parameter	Type		Description
params	Object	->	Options for the JWT content
privateKey	Text/Object	->	Optional. If text → Private key in PEM format. - If object → Must be returned by 4D.CryptoKey. If omitted, the key passed to JWT.new() will be used.
Result	Text	<-	The generated JWT token

Description

Generates a signed JWT based on the provided parameters and optional private key.

In params, you can pass several properties:

Property		Type	Description
header		Object	(optional) Metadata about the token
	header.alg	Text	Signing algorithm. Defaults to "RS256" if not specified
	header.typ	Text	Token type. Defaults to "JWT" if not specified
payload		Object	The claims/information you want to include in the token

Example

var $params:={header: {alg: "HS256"; typ: "JWT"}}
$params.payload:={sub: "123456789"; name: "John"; exp : 50}

var $token := cs.NetKit.JWT.new().generate($params; $privateKey)

JWT.validate()

JWT.validate ( token : Text { ; key : Text or Object } ) : Boolean

Parameters

Parameter	Type		Description
token	Text	->	JWT token to validate
key	Text	->	Optional. If text → Private or public key in PEM format. - If object → Must be returned by 4D.CryptoKey. If omitted, the key passed to JWT.new() will be used.
Result	Boolean	<-	True if the token is valid, False otherwise

Description

Validates a JWT token using the provided public key or the key passed to the constructor.

Example

var $isValid:= cs.NetKit.JWT.new().validate($token; $key)

See also

• OAuth2Provider Class
• Google Class
• Office365 Class

This site is open source. Improve this page.