@@ JSON Web Token functions. Requires HMAC() function from recent Penn git @create JWT @set JWT = VISUAL @set JWT = NO_COMMAND &CREATE JWT=[localize([setq(H, encode64(json(object, typ, "JWT", alg, "HS256")))][setq(P, encode64(%0))][setq(S, hmac(sha256, %1, %qH.%qP, base64))]%qH.%qP.%qS)] &CREATE`HELP JWT=u(JWT/create, PAYLOAD, KEY) returns a JSON Web Token signed with the given KEY. PAYLOAD should be a JSON object. &DESCRIBE JWT=JSON Web Token functions &PAYLOAD JWT=[decode64(extract(%0, 2, 1, .))] &PAYLOAD`HELP JWT=u(JWT/payload, JWT) returns the decoded payload of a JSON Web Token. &VALID JWT=[localize([setq(H, decode64(extract(%0, 1, 1, .)))][cand(eq(comp(json_query(%qH, extract, $.alg), HS256), 0), eq(comp(json_query(%qH, extract, $.typ), JWT), 0), eq(comp(extract(%0, 3, 1, .), hmac(sha256, %1, extract(%0, 1, 2, .), base64)), 0))])] &VALID`HELP JWT=u(JWT/valid, JWT, KEY) returns 1 if the given JSON Web Token is signed by KEY, 0 if not. &VERSION JWT=1