Documentation
¶
Index ¶
- Constants
- Variables
- func SignHS256(claims, headerClaims Claims, key []byte, buf []byte) []byte
- func SignHS256Raw(claims, header []byte, key []byte, buf []byte) []byte
- func SignHS256String(claims, headerClaims Claims, key []byte) string
- type Algorithm
- type Claims
- func DecodeHS256String(rawToken string, tolerance time.Duration, key []byte) (Claims, error)
- func DecodeHS256StringAt(rawToken string, key []byte, tolerance time.Duration, now time.Time) (Claims, error)
- func New(subject string, validity time.Duration) Claims
- func NewAt(subject string, validity time.Duration, now time.Time) Claims
- func (c Claims) ExpiresAt() time.Time
- func (c Claims) Int64(key string) (int64, bool)
- func (c Claims) Issuer() string
- func (c Claims) String(key string) string
- func (c Claims) Subject() string
- func (c Claims) Time(key string) time.Time
- func (c Claims) TokenID() string
- func (c Claims) ValidateTime(tolerance time.Duration) error
- func (c Claims) ValidateTimeAt(tolerance time.Duration, now time.Time) error
- type Token
- func (t *Token) Alg() Algorithm
- func (t *Token) Claims() Claims
- func (t *Token) KeyID() string
- func (token *Token) Parse(rawToken []byte) error
- func (token *Token) ParseString(rawToken string) error
- func (token *Token) Validate(alg Algorithm, key []byte) error
- func (token *Token) ValidateHS256(key []byte) error
Constants ¶
View Source
const ( TokenID = "jti" // TokenID is a unique identifier for this token. Issuer = "iss" // Issuer is the principal that issued the token Audience = "aud" // Audience identifies the recipents the token is intended for Subject = "sub" // Subject is the user/account /etc that this token authorizes access to IssuedAt = "iat" // IssuedAt is a Unix timestamp for when the token was issued ExpiresAt = "exp" // ExpiresAt is a Unix timestamp for when the token should expire NotBeforeAt = "nbf" // NotBeforeAt is a timestamp this token should not be accepted until Alg = "alg" // Alg is a header field identifying the signing algorithm Typ = "typ" // Typ is a header field that must be set to "JWT" KeyID = "kid" // KeyID is a header field, an opaque string identifying the key used Forever time.Duration = 1<<63 - 1 // Forever is validity duration of tokens that do not expire HS256 Algorithm = "HS256" MinHS256KeyLen = 32 MaxHS256KeyLen = 64 // anything longer is hashed to 32 bytes )
Variables ¶
View Source
var ( ErrCorrupted = errors.New("token corrupted") ErrAlg = errors.New("token uses a wrong algorithm") ErrExpired = errors.New("token expired") ErrNotYetValid = errors.New("token not valid yet") ErrTooLong = errors.New("token too long") ErrSignature = errors.New("token signature invalid") ErrSignatureCorrupted = errors.New("token signature corrupted") MaxTokenLen = 8000 // MaxTokenLen is the safety limit to avoid decoding very long data ExpectedClaimCount = 10 // ExpectedClaimCount is a starting size for the claims map )
Functions ¶
func SignHS256Raw ¶
SignHS256Raw produces a signed JWT token from the given raw claims.
func SignHS256String ¶
Types ¶
type Token ¶
type Token struct {
// contains filtered or unexported fields
}
Token is a result of parsing a JWT token.
func ParseString ¶
ParseString decodes JWT parts of a token.
func (*Token) ParseString ¶
ParseString decodes JWT parts of a token.
func (*Token) ValidateHS256 ¶
Source Files
Click to show internal directories.
Click to hide internal directories.