pokowaka / jwt-cpp Goto Github PK

On linux platform While linking with libjwt.a I am getting this weird link error for

.text._ZN14HS256ValidatorC2ERKSs[_ZN14HS256ValidatorC5ERKSs]+0x50): undefined reference to `HMACValidator::HMACValidator(std::string const&, env_md_st const*, std::string const&)'

When i comment call to this function everything is fine. Not sure what is going on. On windows everything is fine.

OpenSSL 1.1.x is soon to be deprecated. To keep current, jwt-cpp needs to support OpenSSL 3.

When I used jwt::decode(jwtPayload, algorithms({ "NONE" }), verify(FALSE)) to read algorithm it throws exception when I tested with arm64 architecture(my personal android phone). But it worked with x86 architecture(windows laptop and emulator).

hi. It succeeded in installing and succeeded in obtaining lib and include files. However, when I try to use lib in a new project file, the following error appears. plz help me

Error LNK1120 7 unresolved externals Project1 C:\Users\adydado\Desktop\Testbuild\Project1\Debug\Project1.exe 1
Error LNK2019 unresolved external symbol _EVP_MD_size referenced in function "public: __thiscall HMACValidator::HMACValidator(class std::basic_string<char,struct std::char_traits,class std::allocator > const &,struct evp_md_st const *,class std::basic_string<char,struct std::char_traits,class std::allocator > const &)" (??0HMACValidator@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@v?$allocator@D@2@@std@@PBUevp_md_st@@0@Z) Project1 C:\Users\adydado\Desktop\Testbuild\Project1\Project1\jwtd.lib(hmacvalidator.obj) 1
Error LNK2019 unresolved external symbol _EVP_sha256 referenced in function "public: __thiscall HS256Validator::HS256Validator(class std::basic_string<char,struct std::char_traits,class std::allocator > const &)" (??0HS256Validator@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@v?$allocator@D@2@@std@@@z) Project1 C:\Users\adydado\Desktop\Testbuild\Project1\Project1\main.obj 1
Error LNK2019 unresolved external symbol _HMAC_CTX_free referenced in function "public: __thiscall HMacCtx::~HMacCtx(void)" (??1HMacCtx@@QAE@XZ) Project1 C:\Users\adydado\Desktop\Testbuild\Project1\Project1\jwtd.lib(hmacvalidator.obj) 1
Error LNK2019 unresolved external symbol _HMAC_CTX_new referenced in function "public: __thiscall HMacCtx::HMacCtx(void)" (??0HMacCtx@@QAE@XZ) Project1 C:\Users\adydado\Desktop\Testbuild\Project1\Project1\jwtd.lib(hmacvalidator.obj) 1
Error LNK2019 unresolved external symbol _HMAC_Final referenced in function "public: virtual bool __thiscall HMACValidator::Sign(unsigned char const *,unsigned int,unsigned char *,unsigned int *)const " (?Sign@HMACValidator@@UBE_NPBEIPAEPAI@Z) Project1 C:\Users\adydado\Desktop\Testbuild\Project1\Project1\jwtd.lib(hmacvalidator.obj) 1
Error LNK2019 unresolved external symbol _HMAC_Init_ex referenced in function "public: virtual bool __thiscall HMACValidator::Sign(unsigned char const *,unsigned int,unsigned char *,unsigned int *)const " (?Sign@HMACValidator@@UBE_NPBEIPAEPAI@Z) Project1 C:\Users\adydado\Desktop\Testbuild\Project1\Project1\jwtd.lib(hmacvalidator.obj) 1
Error LNK2019 unresolved external symbol _HMAC_Update referenced in function "public: virtual bool __thiscall HMACValidator::Sign(unsigned char const *,unsigned int,unsigned char *,unsigned int *)const " (?Sign@HMACValidator@@UBE_NPBEIPAEPAI@Z) Project1 C:\Users\adydado\Desktop\Testbuild\Project1\Project1\jwtd.lib(hmacvalidator.obj) 1

Lines 31 and 33.

reinterpret_cast<u_int8_t *>

has to be
reinterpret_cast<uint8_t *>

Lets get right into it..

g++ -Wall -L /usr/local/lib -I /usr/local/include -c -o jwt/jwt.o jwt/jwt.cpp
g++ -std=c++11 -Wall -lcrypto -lssl -ljwt -L /usr/local/lib -I /usr/include -I /usr/include/jwt -I /usr/local/include jwt/jwt_test.cpp jwt/jwt.o -o jwt/jwt_test.o
jwt/jwt.o: In function `centijwt::extract[abi:cxx11](centijwt::jwt_t*)':
jwt.cpp:(.text+0x8d): undefined reference to `JWT::Decode(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, MessageValidator*, ClaimValidator*)'
jwt/jwt.o: In function `HS256Validator::HS256Validator(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)':
jwt.cpp:(.text._ZN14HS256ValidatorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE[_ZN14HS256ValidatorC5ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE]+0x55): undefined reference to `HMACValidator::HMACValidator(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, evp_md_st const*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)'
jwt/jwt.o: In function `TimeValidator::~TimeValidator()':
jwt.cpp:(.text._ZN13TimeValidatorD2Ev[_ZN13TimeValidatorD5Ev]+0xd): undefined reference to `vtable for TimeValidator'
jwt/jwt.o: In function `ExpValidator::ExpValidator()':
jwt.cpp:(.text._ZN12ExpValidatorC2Ev[_ZN12ExpValidatorC5Ev]+0x1e): undefined reference to `TimeValidator::TimeValidator(char const*, bool)'
jwt/jwt.o:(.rodata._ZTV12ExpValidator[_ZTV12ExpValidator]+0x20): undefined reference to `TimeValidator::IsValid(nlohmann::basic_json<std::map, std::vector, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, bool, long, unsigned long, double, std::allocator, nlohmann::adl_serializer> const&) const'
jwt/jwt.o:(.rodata._ZTV12ExpValidator[_ZTV12ExpValidator]+0x28): undefined reference to `TimeValidator::toJson[abi:cxx11]() const'
jwt/jwt.o:(.rodata._ZTV14HS256Validator[_ZTV14HS256Validator]+0x20): undefined reference to `HMACValidator::Verify(nlohmann::basic_json<std::map, std::vector, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, bool, long, unsigned long, double, std::allocator, nlohmann::adl_serializer> const&, unsigned char const*, unsigned long, unsigned char const*, unsigned long) const'
jwt/jwt.o:(.rodata._ZTV14HS256Validator[_ZTV14HS256Validator]+0x28): undefined reference to `HMACValidator::toJson[abi:cxx11]() const'
jwt/jwt.o:(.rodata._ZTV14HS256Validator[_ZTV14HS256Validator]+0x38): undefined reference to `MessageValidator::Accepts(nlohmann::basic_json<std::map, std::vector, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, bool, long, unsigned long, double, std::allocator, nlohmann::adl_serializer> const&) const'
jwt/jwt.o:(.rodata._ZTV14HS256Validator[_ZTV14HS256Validator]+0x40): undefined reference to `HMACValidator::Sign(unsigned char const*, unsigned long, unsigned char*, unsigned long*) const'
jwt/jwt.o: In function `HS256Validator::~HS256Validator()':
jwt.cpp:(.text._ZN14HS256ValidatorD2Ev[_ZN14HS256ValidatorD5Ev]+0x20): undefined reference to `HMACValidator::~HMACValidator()'
jwt/jwt.o:(.rodata._ZTI12ExpValidator[_ZTI12ExpValidator]+0x10): undefined reference to `typeinfo for TimeValidator'
jwt/jwt.o:(.rodata._ZTI14HS256Validator[_ZTI14HS256Validator]+0x10): undefined reference to `typeinfo for HMACValidator'
collect2: error: ld returned 1 exit status
Makefile:5: recipe for target 'jwt_test' failed

Ok so to give you an idea, I have a simple project structure where I've cloned this repo and have followed the instructions to create the makefile and make install.

What I have are libs here...

/usr/local/lib/libjwt.a

and a bunch of header files here

/usr/local/include/jwt

Which ought to make sense. So now in theory if I had the following three files in my projects folder...

/project/jwt/jwt.h

#ifndef centijwt_h
#define centijwt_h
#include "jwt/jwt_all.h"
#include <stdint.h>
#include <string>
namespace centijwt {
struct jwt_t {
	std::string token;
	std::string secret;
};

std::tuple<::json, ::json> extract(jwt_t * cjwt);
}
#endif

/project/jwt/jwt.cpp

#ifndef centijwt_cpp
#define centijwt_cpp
#include "jwt/jwt_all.h"
#include "./jwt.h"
using json = nlohmann::json;
namespace centijwt {
/////// START //////////
std::tuple<::json, ::json> extract(jwt_t * cjwt) {
	ExpValidator exp;
    HS256Validator signer(cjwt->secret);
    json header, payload;
    // Now let's use these validators to parse and verify the token we created
    // in the previous example
    try {
        // Decode and validate the token
        

        std::tie(header, payload) = JWT::Decode(cjwt->token, &signer, &exp);
        std::cout << "Header: " << header << std::endl;
        std::cout << "Payload: " << payload << std::endl;
    } catch (InvalidTokenError &tfe) {
        // An invalid token
        std::cout << "Validation failed: " << tfe.what() << std::endl;
    }

    return std::make_tuple(header, payload);
}
//////// END //////////
}
#endif

And lastly my test file

/project/jwt_test.cpp

#include <iostream>
#include "jwt/jwt_all.h"
#include "./jwt.h"
using json = nlohmann::json;
// qwertyuiopasdfghjklzxcvbnm123456
// HS256
using namespace std;
int main(int argc, char **argv) {
	centijwt::jwt_t jwt;
	jwt.token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJJc3N1ZXIiLCJpYXQiOjE1MjI1MzkxMDUsImV4cCI6MTU1NDA3NTA5NywiYXVkIjoiQXVkaWVuY2UiLCJzdWIiOiJTdWJqZWN0In0.bQu8fFlp3lZE9RhGkYhFWlBo70Iym8zlM1au9WgI2Wo";
	jwt.secret = "qwertyuiopasdfghjklzxcvbnm123456";
	json header, payload;
	tie(header, payload) = centijwt::extract(&jwt);
}

In my project root /project/Makefile

CC=g++
CFLAGS=-c -Wall

jwt_test: jwt.o
	g++ -std=c++11 -Wall -lcrypto -lssl -ljwt -L /usr/local/lib -I /usr/include -I /usr/include/jwt -I /usr/local/include jwt/jwt_test.cpp jwt/jwt.o -o jwt/jwt_test.o

jwt.o:
	g++ -Wall -L /usr/local/lib -I /usr/local/include -c -o jwt/jwt.o jwt/jwt.cpp

aes_test: aes.o
	g++ -Wall -lcrypto aes/aes_test.cpp aes/aes.o -o aes/aes_test.o

aes.o:
	g++ -Wall -c -lcrypto -o aes/aes.o aes/aes.cpp

clean:
	rm **/*.o

Since I'm just getting back into all this, there's a chance that I've linked something wrong, but the paths all look good. From what I understand these ref errors are caused by virtual functions not being implemented.
jwt/jwt.o:(.rodata._ZTI14HS256Validator[_ZTI14HS256Validator]+0x10): undefined reference totypeinfo for HMACValidator'`

But seeing no one has complained yet, I'm guessing it may be something I'm doing? Is there something I should do differently or is there really a bug? This is running on x86_64 arch ubuntu docker container. I have openssl and everything installed correctly, at least for my other files that deal with openssl which work.

Hi, I just installed this library. The first thing I wanted to do is try a sample application it contains.
Build it with the steps specified in README.md.
I have also installed nlohmann json library.

Generated following error:

/tmp/ccII9c8j.o: In function main': sign.cpp:(.text+0x24e): undefined reference to JWT::Encode(MessageSigner const&, nlohmann::basic_json<std::map, std::vector, std::__cxx11::basic_string<char, std::char_traits, std::allocator >, bool, long, unsigned long, double, std::allocator, nlohmann::adl_serializer> const&, nlohmann::basic_json<std::map, std::vector, std::__cxx11::basic_string<char, std::char_traits, std::allocator >, bool, long, unsigned long, double, std::allocator, nlohmann::adl_serializer>)'
/tmp/ccII9c8j.o: In function HS256Validator::HS256Validator(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)': sign.cpp:(.text._ZN14HS256ValidatorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE[_ZN14HS256ValidatorC5ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE]+0x21): undefined reference to EVP_sha256'
sign.cpp:(.text._ZN14HS256ValidatorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE[_ZN14HS256ValidatorC5ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE]+0x5f): undefined reference to HMACValidator::HMACValidator(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, evp_md_st const*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)' /tmp/ccII9c8j.o:(.rodata._ZTV14HS256Validator[_ZTV14HS256Validator]+0x20): undefined reference to HMACValidator::Verify(nlohmann::basic_json<std::map, std::vector, std::__cxx11::basic_string<char, std::char_traits, std::allocator >, bool, long, unsigned long, double, std::allocator, nlohmann::adl_serializer> const&, unsigned char const*, unsigned long, unsigned char const*, unsigned long) const'
/tmp/ccII9c8j.o:(.rodata._ZTV14HS256Validator[_ZTV14HS256Validator]+0x28): undefined reference to HMACValidator::toJson[abi:cxx11]() const' /tmp/ccII9c8j.o:(.rodata._ZTV14HS256Validator[_ZTV14HS256Validator]+0x38): undefined reference to MessageValidator::Accepts(nlohmann::basic_json<std::map, std::vector, std::__cxx11::basic_string<char, std::char_traits, std::allocator >, bool, long, unsigned long, double, std::allocator, nlohmann::adl_serializer> const&) const'
/tmp/ccII9c8j.o:(.rodata._ZTV14HS256Validator[_ZTV14HS256Validator]+0x40): undefined reference to HMACValidator::Sign(unsigned char const*, unsigned long, unsigned char*, unsigned long*) const' /tmp/ccII9c8j.o: In function HS256Validator::~HS256Validator()':
sign.cpp:(.text._ZN14HS256ValidatorD2Ev[_ZN14HS256ValidatorD5Ev]+0x20): undefined reference to HMACValidator::~HMACValidator()' /tmp/ccII9c8j.o:(.rodata._ZTI14HS256Validator[_ZTI14HS256Validator]+0x10): undefined reference to typeinfo for HMACValidator'
collect2: error: ld returned 1 exit status`

Currently the JWT cmake file uses different ways to find OpenSSL on each platform. This makes the cmake file more complicated than necessary.

Even worse is that the standard way to let cmake find a dependency in a non-system path doesn't work. Normally if I want jwt-cpp to find an OpenSSL library installed in directory /foo/bar, I would include that path in CMAKE_PREFIX_PATH. This currently doesn't work (at least on Linux) because the cmake file uses pkconfig to find OpenSSL unless you define the following 3 (!) cmake variables:
OPENSSL_INCLUDE_DIRS
OPENSSL_LIBRARY_DIRS
OPENSSL_LIBRARIES

Also the conan recipe for jwt-cpp currently doesn't work correctly on Linux, because jwt-cpp ignores the CMAKE_PREFIX_PATH.

I suggest to keep the variables OPENSSL_INCLUDE_DIRS, OPENSSL_LIBRARY_DIRS, OPENSSL_LIBRARIES for backwards compatibility, but if they are not defined then use the normal way:
find_package(OpenSSL)
to find OpenSSL.

obj/Debug64/testcase/main.o: In function RS256Validator::RS256Validator(std::string const&)': /home/chess/build/gmake/../../3rds/jwt-cpp/include/jwt/rsavalidator.h:67: undefined reference to RSAValidator::RSAValidator(std::string const&, evp_md_st const*, std::string const&)'
collect2: error: ld returned 1 exit status
make[1]: *** [../../bin/testcase_debug] Error 1
make: *** [testcase] Error 2
Make fail!!!

I was unable to validate tokens with proper "exp" and "iat" claims. Therefore i dug a little bit into the TimeValidator et al and stumbled upon what i think might be a bug.

class UtcClock : public IClock {
 public:
    uint64_t Now() {
      time_t rawtime = 0;
      struct tm ptm = {0};
      time(&rawtime);
      #ifdef _WIN32
      gmtime_s(&ptm, &rawtime);
      #else
      gmtime_r(&rawtime, &ptm);
      #endif
      return mktime(&ptm); // <----------------- mktime(...) should actually be timegm(...)?
    }
};

According to the linux man pages mktime takes broken down time expressed as local time and converts it to unix time. At the same time gmtime_r returns unix time. So if i am not mistaken mktime fails to return a correct time value when your local time is not UTC. The function "timegm" takes UTC and returns unix time.

Replacing

return mktime(&ptm);

with

return timegm(&ptm);

should fix this issue.

Your "json.hpp" file is supposedly v2.1.1 from nlohmann/json but it has massive differences from the actual version. It almost looks like some kind of weird pre-processing was done on it. Anyway, there are many cases of std::numeric_limits<type>::(xxx)() which does not compile with clang 4.0. The original v2.1.1 json.hpp file has this std::numeric_limits<type>::xxx() which compiles fine.

Error with clang 4.0:

z.cc:5:44: error: expected unqualified-id
    std::cout << std::numeric_limits<int>::(max)() << std::endl;
                                           ^
z.cc:5:45: error: use of undeclared identifier 'max'; did you mean 'std::max'?

I was able to replace your version of the file with the unaltered one and get it to compile, but I am not sure what other mods you might have made that are necessary for correct operation (hopefully none -- in which case I suggest either including the unaltered version, or removing it and adding a dependency on nlohmann/json.)

Hello

I've detected another memory leak, this time in evpdm. The patch is added below:

From bd7744b Mon Sep 17 00:00:00 2001
From: Pieter Cardoen [email protected]
Date: Tue, 30 Jan 2018 20:57:52 +0100
Subject: [PATCH] Fixed memory leak in evpmd

src/include/private/ssl_compat.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/include/private/ssl_compat.h b/src/include/private/ssl_compat.h
index 1ada408..8664a20 100644
--- a/src/include/private/ssl_compat.h
+++ b/src/include/private/ssl_compat.h
@@ -9,7 +9,7 @@ class EvpMdCtx {
public:
EvpMdCtx() { EVP_MD_CTX_init(&ctx_); }

• ~EvpMdCtx() {}

• ~EvpMdCtx() { EVP_MD_CTX_cleanup(&ctx_); }

  EVP_MD_CTX* get() { return &ctx_; }

--
2.7.4

A while back we made a modification to the included copy of Nholmann/json.hpp 2.11 in order to fix a compilation issue on Windows machines. The fix was cherry picked from the Nholmann/json.hpp 3.X development codebase. The 3.0 version of Nholmannn/json.hpp has since been officially released, so I would recommend switching from the modified 2.11 version to the latest official version 3.12.

I see some good fixes for SSL and memory leak after v1.0.
Please create a new Release version of latest master, so I can use it.
Thanks
Raman

Have you considered making the library header only? e.g. like https://github.com/fmtlib/fmt or https://github.com/gabime/spdlog

It can't even be empty :/
Solution can be:
set(OPENSSL_LIBRARIES "cant_be_empty_but_only_read_by_mac")

This is cmake result for relase:

-- The C compiler identification is AppleClang 8.1.0.8020042
-- The CXX compiler identification is AppleClang 8.1.0.8020042
-- Check for working C compiler: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/cc
-- Check for working C compiler: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/cc -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Check for working CXX compiler: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/c++
-- Check for working CXX compiler: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/c++ -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- Found PythonInterp: /usr/bin/python (found version "2.7.10") 
CMake Warning at tools/cmake/CodeCoverage.cmake:82 (MESSAGE):
  Compiler is not GNU gcc! Clang Version 3.0.0 and greater supports gcov as
  well, but older versions don't.
Call Stack (most recent call first):
  CMakeLists.txt:16 (INCLUDE)


CMake Warning at tools/cmake/CodeCoverage.cmake:112 (MESSAGE):
  Code coverage results with an optimized (non-Debug) build may be misleading
Call Stack (most recent call first):
  CMakeLists.txt:16 (INCLUDE)


-- Could NOT find Doxygen (missing:  DOXYGEN_EXECUTABLE) 
Git version: eb9f3b5afc43f679c6bdc44196e6d3fc59ac6396
Building untagged branch
-- Looking for jansson
-- Jannson Already Available /usr/local/lib/libjansson.dylib
-- Found PkgConfig: /usr/local/bin/pkg-config (found version "0.29") 
-- Checking for one of the modules 'openssl;openssl>=1.0.2'
-- Using OpenSSL 1.1.1-dev - /usr/local/lib - /usr/local/lib
-- Looking for pthread.h
-- Looking for pthread.h - found
-- Looking for pthread_create
-- Looking for pthread_create - found
-- Found Threads: TRUE  
-- Configuring done
-- Generating done
-- Build files have been written to: /Users/gokhanacer/KU/jwt-cpp/release

and then I try to "make install" command, but it is appeared:

[  2%] Building CXX object src/CMakeFiles/jwt.dir/jwt/jwt.cpp.o
[  5%] Building CXX object src/CMakeFiles/jwt.dir/base64/base64.cpp.o
[  8%] Building CXX object src/CMakeFiles/jwt.dir/validators/hmacvalidator.cpp.o
/Users/gokhanacer/KU/jwt-cpp/src/validators/hmacvalidator.cpp:31:47: error: 
      member access into incomplete type 'const EVP_MD' (aka 'const evp_md_st')
  md_(md), algorithm_(algorithm), key_size_(md->md_size), key_(key) {
                                              ^
/usr/local/include/openssl/ossl_typ.h:91:16: note: forward declaration of
      'evp_md_st'
typedef struct evp_md_st EVP_MD;
               ^
/Users/gokhanacer/KU/jwt-cpp/src/validators/hmacvalidator.cpp:68:12: error: 
      variable has incomplete type 'HMAC_CTX' (aka 'hmac_ctx_st')
  HMAC_CTX ctx;
           ^
/usr/local/include/openssl/ossl_typ.h:102:16: note: forward declaration of
      'hmac_ctx_st'
typedef struct hmac_ctx_st HMAC_CTX;
               ^
2 errors generated.
make[2]: *** [src/CMakeFiles/jwt.dir/validators/hmacvalidator.cpp.o] Error 1
make[1]: *** [src/CMakeFiles/jwt.dir/all] Error 2
make: *** [all] Error 2

Hello

Is it possible to apply nested jwts? I would like to use a nested jwe-jws structure.

Thanks
Pieter

Hello,
Do you know about Conan?
Conan is modern dependency manager for C++. And will be great if your library will be available via package manager for other developers.

Here you can find example, how you can create package for the library.

If you have any questions, just ask :-)

I see this code in jwt.cpp:

    str_ptr dec_header(new char[num_dec_header]);
    if (Base64Encode::DecodeUrl(header, num_header, dec_header.get(),
                                &num_dec_header) != 0) {
        // This cannot happen, as we have checked for valid characters already..
        throw std::logic_error("validated header block has invalid characters");
    }
    // Make sure we have a proper \0 termination
    dec_header.get()[num_dec_header] = 0;

Shouldn't the last line be like below ? I mean the array size is num_dec_header, so the last element in the array is at num_dec_header - 1.

dec_header.get()[num_dec_header - 1] = 0;

First, jwtd.lib Compiled successfully. But when i test in my project , it reports link errors,As shown below

error LNK2019: unresolved external symbol _EVP_sha256 referenced in function "public: __thiscall HS256Validator::HS256Validator(class std::basic_string<char,struct std::char_traits,class std::allocator > const &)" (??0HS256Validator@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@v?$allocator@D@2@@std@@@z)
1>jwtd.lib(hmacvalidator.obj) : error LNK2019: unresolved external symbol _EVP_MD_size referenced in function "public: __thiscall HMACValidator::HMACValidator(class std::basic_string<char,struct std::char_traits,class std::allocator > const &,struct evp_md_st const *,class std::basic_string<char,struct std::char_traits,class std::allocator > const &)" (??0HMACValidator@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@v?$allocator@D@2@@std@@PBUevp_md_st@@0@Z)
1>jwtd.lib(hmacvalidator.obj) : error LNK2019: unresolved external symbol _HMAC_CTX_new referenced in function "public: __thiscall HMacCtx::HMacCtx(void)" (??0HMacCtx@@QAE@XZ)
1>jwtd.lib(hmacvalidator.obj) : error LNK2019: unresolved external symbol _HMAC_CTX_free referenced in function "public: __thiscall HMacCtx::~HMacCtx(void)" (??1HMacCtx@@QAE@XZ)
1>jwtd.lib(hmacvalidator.obj) : error LNK2019: unresolved external symbol _HMAC_Init_ex referenced in function "public: virtual bool __thiscall HMACValidator::Sign(unsigned char const *,unsigned int,unsigned char *,unsigned int *)const " (?Sign@HMACValidator@@UBE_NPBEIPAEPAI@Z)
1>jwtd.lib(hmacvalidator.obj) : error LNK2019: unresolved external symbol _HMAC_Update referenced in function "public: virtual bool __thiscall HMACValidator::Sign(unsigned char const *,unsigned int,unsigned char *,unsigned int *)const " (?Sign@HMACValidator@@UBE_NPBEIPAEPAI@Z)
1>jwtd.lib(hmacvalidator.obj) : error LNK2019: unresolved external symbol _HMAC_Final referenced in function "public: virtual bool __thiscall HMACValidator::Sign(unsigned char const *,unsigned int,unsigned char *,unsigned int *)const " (?Sign@HMACValidator@@UBE_NPBEIPAEPAI@Z)
1>........\build\Win32\VC14\DLL Debug\curl_test.exe : fatal error LNK1120: 7 unresolved externals

I'm trying to use your library in Qt project using these lines in the my .pro file:

INCLUDEPATH += /usr/local/include/jwt
LIBS += -ljansson -ljwt -lcrypto -L/usr/local/lib

But I get these errors on the build stage:

/usr/local/lib/libjwt.a(jwt.cpp.o): In function `JWT::ExtractPayload(char const*, unsigned long)':
jwt.cpp:(.text+0x77b): undefined reference to `json_loads'
/usr/local/lib/libjwt.a(jwt.cpp.o): In function `JWT::Decode(char const*, unsigned long, MessageValidator*, ClaimValidator*)':
jwt.cpp:(.text+0xd41): undefined reference to `json_loads'
Makefile:333: recipe for target 'ProjectY_Server' failed
collect2: error: ld returned 1 exit status

How can I fix it?
Regards.

How can we integrate this with yocto? Where is the .bb recipe for this?

Hi thanks for a nice package I especially like the new JSON library. I have a question though - is the make install supposed to be installing the jwt header files as well as the library file? I don't seem to get the jwt header files, just the JSON one... Note this is a bit of an odd case I am building a FreeBSD port for your package (for our local use), but it uses the unmodified CMakeLists.txt files.

===> Fetching all distfiles required by local-jwt-cpp-1.0.11 for building
=> SHA256 Checksum OK for pokowaka-jwt-cpp-v1.0-11-g3d103ab_GH0.tar.gz.
...
===> Performing out-of-source build
...
Building untagged branch
...
===> Building for local-jwt-cpp-1.0.11
...
===> Staging for local-jwt-cpp-1.0.11
===> Generating temporary packing list
[0/1] cd /var/ports/local/jwt-cpp/work/.build && /usr/local/bin/cmake -DCMAKE_INSTALL_DO_STRIP=1 -P cmake_install.cmake
-- Install configuration: "Release"
-- Installing: /var/ports/local/jwt-cpp/work/stage/usr/local/lib/libjwt.a
-- Installing: /var/ports/local/jwt-cpp/work/stage/usr/local/include/jwt/json.hpp
====> Compressing man pages (compress-man)

When executing the example code from Readme.md with link option -fsanitize=address, I get this error:

==10689==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 360 byte(s) in 3 object(s) allocated from:
#0 0x7fdf490fe602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x7fdf48c84e77 in CRYPTO_malloc (/lib/x86_64-linux-gnu/libcrypto.so.1.0.0+0x62e77)

SUMMARY: AddressSanitizer: 360 byte(s) leaked in 3 allocation(s).

SET(OPENSSL_LIBRARIES "libcrypto libssl") changes to SET(OPENSSL_LIBRARIES libcrypto libssl) will fix this problem

Example of spdlog giving the opportunity to bundle own fmt: https://github.com/gabime/spdlog/wiki/8.-Tweaking

///////////////////////////////////////////////////////////////////////////////
// Uncomment to use your own copy of the fmt library instead of spdlog's copy.
// In this case spdlog will try to include <fmt/format.h> so set your -I flag accordingly.
//
// #define SPDLOG_FMT_EXTERNAL
///////////////////////////////////////////////////////////////////////////////

As I known in linux,so file default all the function or class ,but windows dll file not.

We are reading the jwt-token from file and many editors adds a \n, which fails in the base64-check.

Would it be possible to also release this under the Boost Software License? Some employers only allow the BSL (Boost license).

can you write a little detailed steps to run a sample xcode project with Jwt
and all included libraries(openSSL....)