gazagnaire.org / ocaml-paseto
PASETO tokens for OCaml - v3.local (AES-256-CTR) and v4.local (XChaCha20)
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

OCaml 91.3%
Dune 2.4%
Other 6.3%
46 1 0

Clone this repository

https://tangled.org/gazagnaire.org/ocaml-paseto https://tangled.org/did:plc:jhift2vwcxhou52p3sewcrpx/ocaml-paseto
git@git.recoil.org:gazagnaire.org/ocaml-paseto git@git.recoil.org:did:plc:jhift2vwcxhou52p3sewcrpx/ocaml-paseto

For self-hosted knots, clone URLs may differ based on your setup.

Download tar.gz
README.md

PASETO - Platform-Agnostic Security Tokens implementation#

Type-safe PASETO tokens (RFC draft) for OCaml. Supports v3.local (AES-256-CTR + HMAC-SHA384) and v4.local (XChaCha20 + BLAKE2b-MAC) for symmetric authenticated encryption of JSON payloads.

Installation#

Install with opam:

$ opam install paseto

If opam cannot find the package, it may not yet be released in the public opam-repository. Add the overlay repository, then install it:

$ opam repo add samoht https://tangled.org/gazagnaire.org/opam-overlay.git
$ opam update
$ opam install paseto

Documentation#

Example#

Issue a local token with a JSON payload and validate it before trusting the claims:

let issue_and_validate ~key =
  let claims = { Paseto.empty_claims with sub = Some "user-123" } in
  match Paseto.v3_encrypt ~key claims with
  | Error e -> Fmt.failwith "encrypt: %a" Paseto.pp_error e
  | Ok token -> (
      match Paseto.v3_decrypt ~key token with
      | Ok decoded -> decoded
      | Error e -> Fmt.failwith "decrypt: %a" Paseto.pp_error e)