jwt

package

v0.0.0-...-0c4f343 Latest Latest Go to latest Published: Mar 9, 2022 License: MIT Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/gilmoreg/learn

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func DecodeSegment(seg string) ([]byte, error)
func VerifyJWT(keys map[string]*rsa.PublicKey) func(http.ResponseWriter, *http.Request, http.HandlerFunc)
type Claims
type Key
type Parser
- func CreateParser(keys map[string]*rsa.PublicKey) *Parser
type StandardClaims
type Token
- func Parse(tokenString string) (*Token, error)
- func ParseWithClaims(tokenString string, claims Claims) (*Token, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var TimeFunc = time.Now

TimeFunc provides the current time when parsing token to validate "exp" claim (expiration time). You can override it to use another time value. This is useful for testing or if your server uses a different time zone than your tokens.

Functions ¶

func DecodeSegment ¶

func DecodeSegment(seg string) ([]byte, error)

Decode JWT specific base64url encoding with padding stripped

func VerifyJWT ¶

func VerifyJWT(keys map[string]*rsa.PublicKey) func(http.ResponseWriter, *http.Request, http.HandlerFunc)

VerifyJWT - factory function for JWT validation middleware

Types ¶

type Claims ¶

type Claims interface {
	Valid() error
}

type Key ¶

type Key string

type Parser ¶

type Parser struct {
	UseJSONNumber        bool // Use JSON Number format in JSON decoder
	SkipClaimsValidation bool // Skip claims validation during token parsing
}

Parser - JWT parser

func CreateParser ¶

func CreateParser(keys map[string]*rsa.PublicKey) *Parser

CreateParser - initialize JWT parser

func (*Parser) Parse ¶

func (p *Parser) Parse(tokenString string) (*Token, error)

Parse - Parse, validate, and return a token. keyFunc will receive the parsed token and should return the key for validating. If everything is kosher, err will be nil

func (*Parser) ParseUnverified ¶

func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error)

ParseUnverified - parse token without verifying signature WARNING: Don't use this method unless you know what you're doing This method parses the token but doesn't validate the signature. It's only ever useful in cases where you know the signature is valid (because it has been checked previously in the stack) and you want to extract values from it.

func (*Parser) ParseWithClaims ¶

func (p *Parser) ParseWithClaims(tokenString string, claims Claims) (*Token, error)

ParseWithClaims - parse, validate, and return a token with claims

type StandardClaims ¶

type StandardClaims struct {
	Audience  string `json:"aud,omitempty"`
	ExpiresAt int64  `json:"exp,omitempty"`
	Id        string `json:"jti,omitempty"`
	IssuedAt  int64  `json:"iat,omitempty"`
	Issuer    string `json:"iss,omitempty"`
	NotBefore int64  `json:"nbf,omitempty"`
	Subject   string `json:"sub,omitempty"`
}

Structured version of Claims Section, as referenced at https://tools.ietf.org/html/rfc7519#section-4.1 See examples for how to use this with your own claim types

func (StandardClaims) Valid ¶

func (c StandardClaims) Valid() error

Validates time based claims "exp, iat, nbf". There is no accounting for clock skew. As well, if any of the above claims are not in the token, it will still be considered a valid claim.

func (*StandardClaims) VerifyAudience ¶

func (c *StandardClaims) VerifyAudience(cmp string, req bool) bool

Compares the aud claim against cmp. If required is false, this method will return true if the value matches or is unset

func (*StandardClaims) VerifyExpiresAt ¶

func (c *StandardClaims) VerifyExpiresAt(cmp int64, req bool) bool

Compares the exp claim against cmp. If required is false, this method will return true if the value matches or is unset

func (*StandardClaims) VerifyIssuedAt ¶

func (c *StandardClaims) VerifyIssuedAt(cmp int64, req bool) bool

Compares the iat claim against cmp. If required is false, this method will return true if the value matches or is unset

func (*StandardClaims) VerifyIssuer ¶

func (c *StandardClaims) VerifyIssuer(cmp string, req bool) bool

Compares the iss claim against cmp. If required is false, this method will return true if the value matches or is unset

func (*StandardClaims) VerifyNotBefore ¶

func (c *StandardClaims) VerifyNotBefore(cmp int64, req bool) bool

Compares the nbf claim against cmp. If required is false, this method will return true if the value matches or is unset

type Token ¶

type Token struct {
	Raw       string                 // The raw token.  Populated when you Parse a token
	Header    map[string]interface{} // The first segment of the token
	Claims    Claims                 // The second segment of the token
	Signature string                 // The third segment of the token.  Populated when you Parse a token
	Valid     bool                   // Is the token valid?  Populated when you Parse/Verify a token
}

A JWT Token. Different fields will be used depending on whether you're creating or parsing/verifying a token.

func Parse ¶

func Parse(tokenString string) (*Token, error)

Parse, validate, and return a token. If everything is kosher, err will be nil

func ParseWithClaims ¶

func ParseWithClaims(tokenString string, claims Claims) (*Token, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL