Paseto.NET, a Paseto (Platform-Agnostic Security Tokens) implementation for .NET
| v1.local | v1.public | v2.local | v2.public |
|---|---|---|---|
| ❌ | ✔️ | ✔️ | ✔️ |
var token = new PasetoBuilder<Version2>()
.WithKey(secret)
.AddClaim("example", "Hello Paseto!")
.Expiration(DateTime.UtcNow.AddHours(24))
.AsPublic() // Purpose
.Build();var encoder = new PasetoEncoder(cfg => cfg.Use<Version2>(secret)); // default is public purpose
var token = encoder.Encode(new PasetoPayload
{
{ "example", "Hello Paseto!" },
{ "exp", DateTime.UtcNow.AddHours(24) }
});v2.public.eyJleGFtcGxlIjoiSGVsbG8gUGFzZXRvISIsImV4cCI6IjIwMTgtMDQtMDdUMDU6MDQ6MDcuOTE5NjM3NVoifTuR3EYYCG12DjhIqPKiVmTkKx2ewCDrYNZHcoewiF-lpFeaFqKW3LkEgnW28UZxrBWA5wrLFCR5FP1qUlMeqQA
var payload = new PasetoBuilder<Version2>()
.WithKey(publicKey)
.AsPublic() // Purpose
.Decode(token);var decoder = new PasetoDecoder(cfg => cfg.Use<Version2>(publicKey)); // default is public purpose
var payload = decoder.Decode(token);{
"example": "Hello Paseto!",
"exp": "2018-04-07T05:04:07.9196375Z"
}- Switch from Unix DateTime to ISO 8601 compliant to adhere to Paseto registered claims
- Add support for local authentication for v2
- Implement XChaCha20-Poly1305 algorithm
or use an external library
- Implement XChaCha20-Poly1305 algorithm
- Add support for local authentication for v1
- Add payload validation rules
- Improve protocol versioning
- Add more documentation on the usage
- Extend the fluent builder API
- Add more tests
- Uses Ed25519 algorithm from CodesInChaos Chaos.NaCl cryptography library.
- Uses Blake2b cryptographic hash function from metadings repository.
At its current state, libsodium-core and NSec does't support XChaCha20-Poly1305.