Any good suggestions for a light weight (many JWT ...
# http4kc
Cies
06/12/2025, 8:40 AMAny good suggestions for a light weight (many JWT libs depend on kotlin-reflect and/or jackson!) JWT lib that supports the
hs256d
dave
06/12/2025, 8:59 AMI generally defer to nimbus for JWT stuff. No real reason - there are a few that seem to be ok (if a little Java'y in style).
I might be tempted to create a set of security interfaces for common operations like JWTVerifier and JWT signer, which we can shim into various libs.
🔖 1
c
Cies
06/12/2025, 9:05 AMit's a nice option indeed (https://mvnrepository.com/artifact/com.nimbusds/nimbus-jose-jwt/10.3) only optional compile dependencies and 0.7MB in size, and very well maintained.
I'll go with that then (actually I only need decoding/verifying, so I could roll my own and incur no 0.7MB dep load).
I was using 0auth's, but that uses jackson.
Cies
06/12/2025, 9:05 AMtnx!
Cies
06/12/2025, 11:56 AMEnded up rolling my own. I need not lots of flexibility. Just parse Supabase's auth JWTs, and that's it.
c
Chris Lee
06/12/2025, 2:22 PMi ended up with a thin kotlin facade (a few interfaces) over nimbus.