Documentation
Index
- Constants
- Variables
- func WriteJwkSetJson(w io.Writer, issuers []*Issuer) error
- type BaseTypeClaims
- type Claims
- type EmptyClaims
- type Issuer
- type KeyStore
- func (k *KeyStore) ClearKeys()
- func (k *KeyStore) GetPrivateKey(kid string) (*rsa.PrivateKey, error)
- func (k *KeyStore) GetPublicKey(kid string) (*rsa.PublicKey, error)
- func (k *KeyStore) HasPrivateKey(kid string) bool
- func (k *KeyStore) HasPublicKey(kid string) bool
- func (k *KeyStore) ListKeys() []string
- func (k *KeyStore) LoadPrivateKey(kid string, key *rsa.PrivateKey)
- func (k *KeyStore) LoadPublicKey(kid string, key *rsa.PublicKey)
- func (k *KeyStore) RemoveKey(kid string)
- func (k *KeyStore) SaveKeys() error
- func (k *KeyStore) SaveSingleKey(kid string) error
- func (k *KeyStore) VerifyJwt(token string, claims baseTypeClaim) (*jwt.Token, error)
Constants
const PemExt = ".pem"
const PrivatePemExt = PrivateStr + PemExt
const PrivateStr = ".private"
const PublicPemExt = PublicStr + PemExt
const PublicStr = ".public"
Variables
var ErrClaimTypeMismatch = errors.New("claim type mismatch")
var ErrMissingKeyPair = errors.New("missing key pair")
var ErrMissingPrivateKey = errors.New("missing private key")
var ErrMissingPublicKey = errors.New("missing public key")
Functions
Types
type BaseTypeClaims
BaseTypeClaims is a wrapper for combining the jwt.RegisteredClaims with a ClaimType and generic Claims data
func ExtractClaims
func ExtractClaims[T Claims](ks *KeyStore, token string) (*jwt.Token, BaseTypeClaims[T], error)
ExtractClaims uses a Verifier to validate the MJWT token and returns the parsed token and BaseTypeClaims
func (*BaseTypeClaims[T]) InternalClaimType
func (b *BaseTypeClaims[T]) InternalClaimType() string
InternalClaimType returns the Type of the generic claim struct
func (*BaseTypeClaims[T]) MarshalJSON
func (b *BaseTypeClaims[T]) MarshalJSON() ([]byte, error)
MarshalJSON converts the internalBaseTypeClaims and generic claim struct into a serialized JSON byte array
func (*BaseTypeClaims[T]) UnmarshalJSON
func (b *BaseTypeClaims[T]) UnmarshalJSON(bytes []byte) error
UnmarshalJSON reads the internalBaseTypeClaims and generic claim struct from a serialized JSON byte array
func (*BaseTypeClaims[T]) Valid
func (b *BaseTypeClaims[T]) Valid() error
Valid checks that the InternalClaimType matches the claim type
type Claims
type Claims interface {
	jwt.Claims
	Type() string
}
Claims is a wrapper for jwt.Claims and adds a Type method to name internal claim structs
type EmptyClaims (added in v0.4.0)
type EmptyClaims struct{}
EmptyClaims contains no claims
func (EmptyClaims) Type (added in v0.4.0)
func (e EmptyClaims) Type() string
func (EmptyClaims) Valid (added in v0.4.0)
func (e EmptyClaims) Valid() error
type Issuer (added in v0.4.0)
type Issuer struct {
	// contains filtered or unexported fields
}
Issuer provides the signing for a PrivateKey identified by the KID in the provided KeyStore
func NewIssuerWithKeyStore (added in v0.4.0)
func NewIssuerWithKeyStore(name, kid string, signing jwt.SigningMethod, keystore *KeyStore) (*Issuer, error)
NewIssuerWithKeyStore creates an Issuer with a provided KeyStore
func (*Issuer) GenerateJwt (added in v0.4.0)
func (i *Issuer) GenerateJwt(sub, id string, aud jwt.ClaimStrings, dur time.Duration, claims Claims) (string, error)
GenerateJwt produces a signed JWT in string form
func (*Issuer) KeyStore (added in v0.4.0)
KeyStore outputs the underlying KeyStore used by the Issuer
func (*Issuer) PrivateKey (added in v0.4.0)
func (i *Issuer) PrivateKey() (*rsa.PrivateKey, error)
PrivateKey outputs the rsa.PrivateKey from the KID of the Issuer
type KeyStore (added in v0.3.0)
type KeyStore struct {
	// contains filtered or unexported fields
}
KeyStore provides a store for a collection of private/public keypair structs
func NewKeyStore (added in v0.4.0)
func NewKeyStore() *KeyStore
NewKeyStore creates an empty KeyStore
func NewKeyStoreFromDir (added in v0.4.0)
NewKeyStoreFromDir creates an empty KeyStore. The provided afero.Fs is walked to find all private/public keys in files whose names end in `.private.pem` and `.public.pem` respectively. The keys are loaded into the KeyStore and any errors are returned immediately.
func NewKeyStoreFromPath (added in v0.4.1)
NewKeyStoreFromPath creates an empty KeyStore. The provided path is walked to load the private/public keys. See implementation in NewKeyStoreFromDir.
func NewKeyStoreWithDir (added in v0.4.0)
NewKeyStoreWithDir creates an empty KeyStore with an underlying afero.Fs filesystem for saving the internal store data
func (*KeyStore) ClearKeys (added in v0.3.0)
func (k *KeyStore) ClearKeys()
ClearKeys clears the internal map and makes a new map to release used memory
func (*KeyStore) GetPrivateKey (added in v0.4.0)
func (k *KeyStore) GetPrivateKey(kid string) (*rsa.PrivateKey, error)
GetPrivateKey outputs the rsa.PrivateKey for the KID from the KeyStore
func (*KeyStore) GetPublicKey (added in v0.4.0)
GetPublicKey outputs the rsa.PublicKey for the KID from the KeyStore
func (*KeyStore) HasPrivateKey (added in v0.4.0)
HasPrivateKey outputs true if the KID is found in the KeyStore
func (*KeyStore) HasPublicKey (added in v0.4.0)
HasPublicKey outputs true if the KID is found in the KeyStore
func (*KeyStore) ListKeys (added in v0.3.0)
ListKeys provides a slice of the KIDs for all keys loaded in the KeyStore
func (*KeyStore) LoadPrivateKey (added in v0.4.0)
func (k *KeyStore) LoadPrivateKey(kid string, key *rsa.PrivateKey)
LoadPrivateKey sets the rsa.PrivateKey/rsa.PublicKey for the KID
func (*KeyStore) LoadPublicKey (added in v0.4.0)
LoadPublicKey sets the rsa.PublicKey for the KID
func (*KeyStore) SaveKeys (added in v0.4.0)
SaveKeys writes the rsa.PrivateKey/rsa.PublicKey for the requested KID to the underlying afero.Fs.
func (*KeyStore) SaveSingleKey (added in v0.4.0)
SaveSingleKey writes the rsa.PrivateKey/rsa.PublicKey for the requested KID to the underlying afero.Fs.
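Added example (not this package's own code): the KID-keyed verification that KeyStore, VerifyJwt and ErrMissingPublicKey describe, written against the Go standard library only. The names sign, verify, demoKey and demoKeys are hypothetical, the key and tokens are constructed, and pinning RS256 is an assumption based on the page exposing only RSA keys.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding
var demoKey, _ = rsa.GenerateKey(rand.Reader, 2048)                           // constructed key for this example
var demoKeys = map[string]*rsa.PublicKey{"key1": &demoKey.PublicKey}          // stand-in for a KeyStore
var errMissingPublicKey = errors.New("missing public key")                    // same text as the page's ErrMissingPublicKey

// sign builds a compact RS256 token whose header names the signing key's KID.
func sign(kid string, key *rsa.PrivateKey, payload string) string {
	in := b64.EncodeToString([]byte(`{"alg":"RS256","kid":"`+kid+`"}`)) + "." + b64.EncodeToString([]byte(payload))
	sum := sha256.Sum256([]byte(in))
	sig, _ := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, sum[:])
	return in + "." + b64.EncodeToString(sig)
}

// verify picks the public key by the header's KID, then checks the signature.
func verify(keys map[string]*rsa.PublicKey, token string) error {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return errors.New("malformed token")
	}
	raw, e1 := b64.DecodeString(p[0])
	sig, e2 := b64.DecodeString(p[2])
	var head struct{ Alg, Kid string }
	if e1 != nil || e2 != nil || json.Unmarshal(raw, &head) != nil || head.Alg != "RS256" { // alg is pinned, not chosen by the token
		return errors.New("malformed header or unexpected alg")
	}
	pub, ok := keys[head.Kid]
	if !ok { // an unknown KID fails closed instead of trying other keys
		return errMissingPublicKey
	}
	sum := sha256.Sum256([]byte(p[0] + "." + p[1]))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, sum[:], sig)
}

func main() {
	fmt.Println(verify(demoKeys, sign("key1", demoKey, `{"sub":"alice"}`)), verify(demoKeys, sign("key2", demoKey, `{}`)))
}
```

A verifier that holds only the public half of a pair, as LoadPublicKey allows, can check tokens this way without ever being able to issue them.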