Versions in this module Expand all Collapse all v1 v1.7.6 Mar 4, 2024 v1.7.5 Sep 20, 2023 v1.7.4 Aug 23, 2023 v1.7.3 Jul 24, 2023 v1.7.2 Jul 20, 2023 v1.7.1 Oct 6, 2022 v1.7.0 Jun 14, 2022 v1.6.12 Feb 21, 2022 Changes in this version + const ClientAssertion + const ClientAssertionType + const ClientAssertionTypeValue + const ClientSecretBasic + const GrantType + const GrantTypeAuthorizationCode + const PrivateKeyJwt + const TlsClientAuth + var ErrInvalidSignatureHeader = errors.New("invalid signature header") + var ErrInvalidSignatureKID = errors.New("invalid signature KID") + var ErrSignatureCert = errors.New("failed to retrieve certificate") + var SigningMethodPS256 = &jwt.SigningMethodRSAPSS + func CalcKid(modulus string) (string, error) + func CalculateCHash(alg string, code string) (string, error) + func CalculateClientSecretBasicToken(clientID, clientSecret string) (string, error) + func CreateSignature(t *jwt.Token, key interface{}, body string, b64encoded bool) (string, error) + func DefaultAuthMethod(openIDConfigAuthMethods []string, logger *logrus.Entry) string + func GetB64Encoding(ctx ContextInterface) (bool, error) + func GetB64Status() bool + func GetJWKSUri() string + func GetKID(ctx ContextInterface, modulus []byte) (string, error) + func GetSignatureToken30(kid, issuer, trustAnchor string, alg jwt.SigningMethod) jwt.Token + func GetSignatureToken313Minus(kid, issuer, trustAnchor string, alg jwt.SigningMethod) jwt.Token + func GetSignatureToken314Plus(kid, issuer, trustAnchor string, alg jwt.SigningMethod) jwt.Token + func GetSigningAlg(alg string) (jwt.SigningMethod, error) + func JWSVerify(buf string, alg jwa.SignatureAlgorithm, key interface{}, b64 bool) (ret []byte, err error) + func ModifyJWSHeaders(jws string, ctx ContextInterface, opts ...JWSHeaderOpt) (string, error) + func NewJWSSignature(requestBody string, ctx ContextInterface, alg jwt.SigningMethod) (string, error) + func PSUURLGenerate(claims PSUConsentClaims) (*url.URL, error) + func SigningString(t *jwt.Token, body string, b64encoded bool) (string, error) + func SplitJWSWithBody(token string) string + func SuiteSupportedAuthMethodsMostSecureFirst() []string + func ValidateSignature(jwtToken, body, jwksURI string, b64 bool) (bool, error) + func ValidateSignatureHeader(token string, b64 bool) error + type CachedOpenIdConfigGetter struct + func NewOpenIdConfigGetter() *CachedOpenIdConfigGetter + func (g CachedOpenIdConfigGetter) Get(url string) (OpenIDConfiguration, error) + type Certificate interface + DN func() (string, string, string, error) + PrivateKey func() *rsa.PrivateKey + PublicKey func() *rsa.PublicKey + SignatureIssuer func(bool) (string, error) + TLSCert func() tls.Certificate + func NewCertificate(publicKeyPem, privateKeyPem string) (Certificate, error) + func NewPublicCertificate(publicKeyPem string) (Certificate, error) + func SigningCertFromContext(ctx ContextInterface) (Certificate, error) + type ContextInterface interface + Get func(key string) (interface{}, bool) + GetString func(key string) (string, error) + GetStringSlice func(key string) ([]string, error) + type JWK struct + Alg string + E string + Kid string + Kty string + N string + Use string + X5c []string + X5t string + X5u string + type JWKS struct + Keys []JWK + type JWSHeaderOpt func(map[string]interface{}) map[string]interface + func RemoveJWSHeader(removed []string) JWSHeaderOpt + func SetJWSHeader(entries map[string]interface{}) JWSHeaderOpt + type OpenIDConfiguration struct + AcrValuesSupported []string + AuthorizationEndpoint string + Issuer string + JwksURI string + RequestObjectSigningAlgValuesSupported []string + ResponseTypesSupported []string + TokenEndpoint string + TokenEndpointAuthMethodsSupported []string + type PSUConsentClaims struct + Aud string + AuthorizationEndpoint string + ConsentId string + Iss string + RedirectURI string + ResponseType string + Scope string + State string