jwt

Documentation

Overview

Package jwt manipulates JWT tokens.

Index

• func CreateFromCert(svcName string, caPEM []byte, cert *x509.Certificate, trustedHost bool) (string, error)
• func CreateFromEmail(svcName string, caPEM []byte, email string, expiration time.Duration) (string, error)
• type ServiceClaims
  • func Claims(t *jwt.Token) (ServiceClaims, error)
  • func Parse(t string, caPEM []byte) (*jwt.Token, ServiceClaims, error)

Functions

func CreateFromCert

func CreateFromCert(svcName string, caPEM []byte, cert *x509.Certificate, trustedHost bool) (string, error)

CreateFromCert a JWT whose content indicate a high-trust login.

func CreateFromEmail

func CreateFromEmail(svcName string, caPEM []byte, email string, expiration time.Duration) (string, error)

CreateFromEmail a JWT whose content indicate a low-trust login.

Types

type ServiceClaims

type ServiceClaims struct {
	// Email is the actor who is logging in.
	Email string
	// Target defines to which service this token was created for.
	Target string
	// Trust defines the trust level so to give the application some context
	// on how it should handle low-trust logins.
	Trust string

	jwt.StandardClaims
}

ServiceClaims define the set of claims used by cirello.io services.

func Claims

func Claims(t *jwt.Token) (ServiceClaims, error)

Claims from a given token. It will return not OK if a ServiceClaim is not found.

func Parse

func Parse(t string, caPEM []byte) (*jwt.Token, ServiceClaims, error)

Parse decodes the JWT from the given string. It will return only a valid token, and an error otherwise.