jwt

package
v0.0.0-...-e76cf3b Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 6, 2021 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

// Bit flags describing why a token failed parsing or validation. Each constant
// is a distinct bit (1 << iota) and ValidationError.Errors is a bitfield of
// them, so more than one flag may be set at once: test for a flag with a
// bitwise AND (e.Errors&ValidationErrorExpired != 0) rather than with ==.
const (
	ValidationErrorMalformed        uint32 = 1 << iota // Token is malformed
	ValidationErrorUnverifiable                        // Token could not be verified because of signing problems
	ValidationErrorSignatureInvalid                    // Signature validation failed

	// Standard Claim validation errors
	ValidationErrorAudience      // AUD validation failed
	ValidationErrorExpired       // EXP validation failed
	ValidationErrorIssuedAt      // IAT validation failed
	ValidationErrorIssuer        // ISS validation failed
	ValidationErrorNotValidYet   // NBF validation failed
	ValidationErrorId            // JTI validation failed
	ValidationErrorClaimsInvalid // Generic claims validation error
)

The errors that might occur when parsing and validating a token

// Named values for Stage, the type of Info.Stage.
// NOTE(review): only Review is declared with type Stage. The other constants
// each have their own initializer and no type, so they are untyped string
// constants: they still assign to a Stage, but they also assign to a plain
// string with no conversion, so the compiler will not flag a stage value used
// where an unrelated string is expected.
const (
	Review      Stage = "review"
	Approved          = "approved"
	Ready             = "ready"
	Initialized       = "initialized"
	Revoked           = "revoked"
)

Variables

// Sentinel errors for key and hash-function problems.
// NOTE(review): which functions return them is not visible on this page.
// Compare against these values (errors.Is) rather than matching message text.
var (
	ErrInvalidKey      = errors.New("key is invalid")
	ErrInvalidKeyType  = errors.New("key is of invalid type")
	ErrHashUnavailable = errors.New("the requested hash function is unavailable")
)

Error constants

var LOGGER = logging.MustGetLogger("jwt-helper")
// TimeFunc defaults to time.Now.
// NOTE(review): presumably this is the clock used when validating exp, iat and
// nbf — confirm. It is an exported, mutable package-level variable, so any code
// in the process that reassigns it changes the time seen by every caller;
// treat overriding it as a test-only facility.
var TimeFunc = time.Now

Functions

func CreateAndSign

func CreateAndSign(claims IJWTTokenClaim, hmacSampleSecret, keyID string) (string, error)

func InstitutionOwnsParticipantId

func InstitutionOwnsParticipantId(participantId string, institution Institution) bool

func ResponseError

func ResponseError(w http.ResponseWriter, statusCode int, err error)

func ResponseSuccess

func ResponseSuccess(w http.ResponseWriter, msg string)

func VerifyWWTokenCustom

func VerifyWWTokenCustom(decodedToken IJWTTokenClaim, nFromDb int, jtiFromDb, compareIncomingIp, compareEndpoint, compareAccount string) (bool, string)

Types

type General

type General struct {
	JTI string `json:"jti"`
}

type IJWTSecure

// IJWTSecure holds a secret together with a token ID (jti) and a number; every
// field carries both a json and a bson tag.
// NOTE(review): Secret is presumably the HMAC key handed to Verify and
// CreateAndSign — confirm. Because the field has a json tag, encoding a value
// of this type with encoding/json emits the secret in clear text, so keep this
// struct out of API responses and log output.
type IJWTSecure struct {
	ID     primitive.ObjectID `json:"_id" bson:"_id"`
	Secret string             `json:"secret" bson:"secret"`
	JTI    string             `json:"jti" bson:"jti"`
	Number int                `json:"number" bson:"number"`
}

type IJWTTokenClaim

// IJWTTokenClaim is the claim set of a token: the embedded jwt.StandardClaims
// plus the custom claims acc, ver, ips, env, enp and n.
// NOTE(review): the custom claims look like the values VerifyWWTokenCustom
// compares against the request's IP, endpoint and account and against the
// stored number — confirm against its implementation. Claims are only as
// trustworthy as the signature check that preceded reading them.
type IJWTTokenClaim struct {
	jwt.StandardClaims
	Account     []string `json:"acc"`
	Version     string   `json:"ver"`
	IPs         []string `json:"ips"`
	Environment string   `json:"env"`
	Endpoints   []string `json:"enp"`
	Number      int      `json:"n"`
}

func CreateClaims

func CreateClaims(token Info, count int, iid, keyID string) IJWTTokenClaim

func Parse

// NOTE(review): Parse receives no key or secret, so unless the implementation
// looks the secret up itself the returned claims should be treated as
// unverified — confirm before using them for an authorization decision. The
// meaning of the string result is not visible on this page.
func Parse(tokenString string) (*IJWTTokenClaim, string, error)

func Verify

// NOTE(review): Verify reports its outcome through the bool result rather than
// an error. Whether the claims pointer is nil on failure is not visible on this
// page, so callers should branch on the bool and never on the pointer alone.
func Verify(tokenString, secret string) (*IJWTTokenClaim, bool)

func (IJWTTokenClaim) Valid

func (c IJWTTokenClaim) Valid() error

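Validates the time-based claims exp, iat and nbf. Clock skew is not accounted for. A claim that is absent from the token is not checked, so a token without exp, iat or nbf is still considered valid; callers that require one of these claims must check for it separately (the Verify* methods take a req argument for this).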

func (*IJWTTokenClaim) VerifyAudience

func (c *IJWTTokenClaim) VerifyAudience(cmp string, req bool) bool

Compares the aud claim against cmp. If req is false, this method returns true when the value matches or the claim is unset.

func (*IJWTTokenClaim) VerifyExpiresAt

func (c *IJWTTokenClaim) VerifyExpiresAt(cmp int64, req bool) bool

Compares the exp claim against cmp. If req is false, this method returns true when the value matches or the claim is unset.

func (*IJWTTokenClaim) VerifyIssuedAt

func (c *IJWTTokenClaim) VerifyIssuedAt(cmp int64, req bool) bool

Compares the iat claim against cmp. If req is false, this method returns true when the value matches or the claim is unset.

func (*IJWTTokenClaim) VerifyNotBefore

func (c *IJWTTokenClaim) VerifyNotBefore(cmp int64, req bool) bool

Compares the nbf claim against cmp. If req is false, this method returns true when the value matches or the claim is unset.

type IVerifyCompare

type IVerifyCompare struct {
	Endpoint string
	IP       string
	Account  string
	JTI      string
}

type Info

// Info is the token record passed to CreateClaims. It holds the claim inputs
// (acc, aud, enp, env, ips, jti, sub, ver) alongside fields recording who
// created, approved and revoked the token and when.
// NOTE(review): Active, Stage and RevokedAt describe revocation state, but
// whether Verify or VerifyWWTokenCustom consults them is not visible on this
// page — confirm that a revoked token is rejected at verification time.
type Info struct {
	Acc         []string `json:"acc" bson:"acc"`
	Active      bool     `json:"active" bson:"active"`
	ApprovedAt  int64    `json:"approvedAt" bson:"approvedAt"`
	ApprovedBy  string   `json:"approvedBy" bson:"approvedBy"`
	Aud         string   `json:"aud" bson:"aud"`
	CreatedAt   int64    `json:"createdAt" bson:"createdAt"`
	CreatedBy   string   `json:"createdBy" bson:"createdBy"`
	Description string   `json:"description" bson:"description"`
	Enp         []string `json:"enp" bson:"enp"`
	Env         string   `json:"env" bson:"env"`
	IPs         []string `json:"ips" bson:"ips"`
	JTI         string   `json:"jti" bson:"jti"`
	Stage       Stage    `json:"stage" bson:"stage"`
	Sub         string   `json:"sub" bson:"sub"`
	RevokedAt   int64    `json:"revokedAt" bson:"revokedAt"`
	RevokedBy   string   `json:"revokedBy" bson:"revokedBy"`
	RefreshedAt int64    `json:"refreshedAt" bson:"refreshedAt"`
	Ver         string   `json:"ver" bson:"ver"`
	Institution string   `json:"institution" bson:"institution"`
}

type Institution

type Institution struct {
	ID    primitive.ObjectID `json:"_id" bson:"_id"`
	Info  InstitutionInfo    `json:"info" bson:"info"`
	Nodes []InstitutionNode  `json:"nodes" bson:"nodes"`
}

type InstitutionInfo

type InstitutionInfo struct {
	Address1      string `json:"address1" bson:"address1"`
	Address2      string `json:"address2" bson:"address2"`
	City          string `json:"city" bson:"city"`
	Country       string `json:"country" bson:"country"`
	GeoLat        string `json:"geo_lat" bson:"geo_lat"`
	GeoLon        string `json:"geo_lon" bson:"geo_lon"`
	InstitutionId string `json:"institutionId" bson:"institutionId"`
	Kind          string `json:"kind" bson:"kind"`
	LogoUrl       string `json:"logo_url" bson:"logo_url"`
	Name          string `json:"name" bson:"name"`
	SiteUrl       string `json:"site_url" bson:"site_url"`
	Slug          string `json:"slug" bson:"slug"`
	State         string `json:"state" bson:"state"`
	Status        string `json:"status" bson:"status"`
	Zip           string `json:"zip" bson:"zip"`
}

type InstitutionNode

type InstitutionNode struct {
	ApprovalIds   []string `json:"approvalIds" bson:"approvalIds"`
	BIC           string   `json:"bic" bson:"bic"`
	CountryCode   string   `json:"countryCode" bson:"countryCode"`
	Initialized   bool     `json:"initialized" bson:"initialized"`
	InstitutionId string   `json:"institutionId" bson:"institutionId"`
	ParticipantId string   `json:"participantId" bson:"participantId"`
	Role          string   `json:"role" bson:"role"`
	Status        []string `json:"status" bson:"status"`
	Version       string   `json:"version" bson:"version,omitempty"`
}

type InstitutionNodeUser

type InstitutionNodeUser struct {
	Profile Profile `json:"profile" bson:"profile"`
	Roles   Role    `json:"roles" bson:"roles"`
}

type Profile

type Profile struct {
	Email string `json:"email" bson:"email"`
}

type Role

type Role struct {
	Admin bool `json:"admin" bson:"admin"`
}

type Stage

type Stage string

type ValidationError

// ValidationError is the error value produced when a token is not valid.
// Errors is a bitfield of the ValidationError... constants, so several causes
// can be recorded in one value; test a single cause with a bitwise AND
// (e.Errors&ValidationErrorSignatureInvalid != 0), not with ==.
type ValidationError struct {
	Inner  error  // stores the error returned by external dependencies, i.e.: KeyFunc
	Errors uint32 // bitfield.  see ValidationError... constants
	// contains filtered or unexported fields
}

The error returned by Parse when the token is not valid.

func NewValidationError

func NewValidationError(errorText string, errorFlags uint32) *ValidationError

Helper for constructing a ValidationError with a string error message

func (ValidationError) Error

func (e ValidationError) Error() string

Validation error is an error type
