go-jwt-transform is a simple utility tool for your transforming a real jwt token into a fake jwt token, because if you store jwt token into a cookie or local storage very unsafe, your jwt token can be seen data using jwt.io website or chrome extension, if you use go-jwt-transform you real jwt token cannot seen using jwt.io website or chrome extension, because what you save is fake jwt token, you can get back real jwt token using decrypt method for parse fake jwt token, if you need decode your fake jwt token in front end use jwt-transform.

• Go JWT Transform
  • Table Of Content
  • Installation
  • API Reference
  • Example Usage
    • transfrom
    • untransform
  • Testing
  • Bugs
  • Contributing
  • License

go get github.com/restuwahyu13/go-jwt-transform

• Transfrom(secretKey string, plainText: string, rotate: uint): ([]byte, error)

  transform jwt token using caesar cipher cryptography from real jwt token into fake jwt token

• Untransform(secretKey string, cipherText: string, rotate: uint): ([]byte, error)

  untransform jwt token using caesar cipher cryptography from fake jwt token into real jwt token

Make this as middleware for transform your fake jwt token to real token, because jwt .verify need real token, if you pass fake token jwt.verify identification your token is not valid and if you not using express, make this as middleware.

package main

import (
	"fmt"
	"log"

	jwttransform "github.com/restuwahyu13/go-jwt-transform"
)

func main() {
	const secretKey string = "46DWzd8YCJyuEsOIy7Mt19sIT4rWaEhP"
	const accessToken string = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
	const rotate int = 15

	cipherText, err := jwttransform.Transform(secretKey, accessToken, rotate)
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(string(cipherText))
	fmt.Print("\n")

	// fake jwt token
	// tnYwqVrxDxYXJoX1CxXhXcG5rRX6XzeMKRY9.tnYosLXxDxXmByB0CIN3DSzlXxlxqbUiOHX6XzekpV4vGV9aXxlxpLU0XydmCIT2ByB5BSXnuF46SLos8NRYnjThDXn7Bi19hXI4gLpTwE.HuaZmlGYHBtZZU2FI4uleBtYu36EDz6nYK_psFhhl5r

	plainText, err := jwttransform.Untransform(secretKey, string(cipherText), rotate)
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(string(plainText))

	// real jwt token
	// eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
}

• Testing Via Local

  go test .

• Testing Via Docker

  docker build -t go-jwt-transform && docker run go-jwt-transform go test .

For information on bugs related to package libraries, please visit here

Want to make go-jwt-transform more perfect ? Let's contribute and follow the contribution guide.

• MIT License

BACK TO TOP