pkitokens

package
v10.289.9+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 16, 2021 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type PKIJWTVerifier

type PKIJWTVerifier struct {
	JWTCertPEM []byte

	RedirectURL string
	// contains filtered or unexported fields
}

PKIJWTVerifier is a generic JWT PKI verifier. It assumes that the tokens have been signed by a private key, and it validates them with the provide public key. This is a simple and stateless verifier that doesn't depend on central server for validating the tokens. The public key is provided out-of-band.

func NewVerifier

func NewVerifier(v *PKIJWTVerifier) (*PKIJWTVerifier, error)

NewVerifier creates a new verifier from the provided configuration.

func NewVerifierFromFile

func NewVerifierFromFile(jwtcertPath string, redirectURI string, redirectOnFail, redirectOnNoToken bool) (*PKIJWTVerifier, error)

NewVerifierFromFile assumes that the input is provided as file path.

func NewVerifierFromPEM

func NewVerifierFromPEM(jwtCertPEM []byte, redirectURI string, redirectOnFail, redirectOnNoToken bool) (*PKIJWTVerifier, error)

NewVerifierFromPEM assumes that the input is a PEM byte array.

func (*PKIJWTVerifier) Callback

func (j *PKIJWTVerifier) Callback(ctx context.Context, u *url.URL) (string, string, int, error)

Callback is called by an IDP. Not implemented here. No central authorizer for the tokens.

func (*PKIJWTVerifier) IssueRedirect

func (j *PKIJWTVerifier) IssueRedirect(originURL string) string

IssueRedirect issues a redirect. Not implemented. There is no need for a redirect.

func (*PKIJWTVerifier) Validate

func (j *PKIJWTVerifier) Validate(ctx context.Context, tokenString string) ([]string, bool, string, error)

Validate parses a generic JWT token and flattens the claims in a normalized form. It assumes that any of the JWT signing certs or public keys will validate the token.

func (*PKIJWTVerifier) VerifierType

func (j *PKIJWTVerifier) VerifierType() common.JWTType

VerifierType returns the type of the verifier.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL