Branca - Golang implementation of Branca Tokens


branca is a secure alternative to JWT, This implementation is written in pure Go (no cgo dependencies) and implements the branca token specification.


Go 1.13+


go get -u


package main

import (

func main() {
	b := branca.NewBranca("supersecretkeyyoushouldnotcommit") // This key must be exactly 32 bytes long.
	// Encode String to Branca Token.
	token, err := b.EncodeToString("Hello world!")
	if err != nil {
    //b.SetTTL(3600) // Uncomment this to set an expiration (or ttl) of the token (in seconds).
    //token = "87y8daMzSkn7PA7JsvrTT0JUq1OhCjw9K8w2eyY99DKru9FrVKMfeXWW8yB42C7u0I6jNhOdL5ZqL" // This token will be not allowed if a ttl is set.
	// Decode Branca Token.
	message, err := b.DecodeToString(token)
	if err != nil {
		fmt.Println(err) // token is expired.
	fmt.Println(token) // 87y8da....
	fmt.Println(message) // Hello world!


Here are a few things that need to be done:

  • Remove cgo dependencies.
  • Move to a pure XChaCha20 algorithm in Go.
  • Add more tests than just acceptance tests.
  • Increase test coverage.
  • Additional Methods. (Encode, Decode []byte)
  • Performance benchmarks.
  • More comments, examples and documentation.


Contributions are welcome! Fork this repo and add your changes and submit a PR.

If you would like to fix a bug, add a feature or provide feedback you can do so in the issues section.

You can run tests by runnning go test . Running go test; go vet; golint is recommended.



Nguồn : Github