issuer

Documentation

Index

• type Claims
• type Issuer
• type JwtIssuer
  • func NewIssuer(name string, opts ...JwtIssuerOption) (*JwtIssuer, error)
  • func (i *JwtIssuer) IssueAccessToken(client string, exp time.Duration) (string, error)
  • func (i *JwtIssuer) IssueRefreshToken(client string, exp time.Duration) (string, error)
  • func (i *JwtIssuer) ValidateAccessToken(token string) (Claims, error)
  • func (i *JwtIssuer) ValidateRefreshToken(token string) (Claims, error)
• type JwtIssuerOption
  • func WithRSAPrivateKey(key crypto.PrivateKey) JwtIssuerOption
  • func WithRSAPrivateKeyFromFile(path string) JwtIssuerOption
  • func WithRSAPublicKey(key crypto.PublicKey) JwtIssuerOption
  • func WithRSAPublicKeyFromFile(path string) JwtIssuerOption

Types

type Claims

type Claims interface {
	jwt.Claims
}

type Issuer

type Issuer interface {
	IssueAccessToken(client string, exp time.Duration) (string, error)
	IssueRefreshToken(client string, exp time.Duration) (string, error)
	ValidateAccessToken(token string) (Claims, error)
	ValidateRefreshToken(token string) (Claims, error)
}

type JwtIssuer

type JwtIssuer struct {
	// contains filtered or unexported fields
}

JwtIssuer issues and validates access and refresh tokens in JWT format. If the JwtIssuer is configured with a private key, it can be used to both issue and validate tokens. If the JwtIssuer is configured with a public key but not a private key, it can be only used to verify tokens. An JwtIssuer should not be configured with both, a private and a public key. For Issuers with a private key, the public key for validation will be derived from the private key.

func NewIssuer

func NewIssuer(name string, opts ...JwtIssuerOption) (*JwtIssuer, error)

NewIssuer creates a new instance of Issuer, which is used to issue JWTs to authenticated clients and to validate incoming JWTs.

func (*JwtIssuer) IssueAccessToken

func (i *JwtIssuer) IssueAccessToken(client string, exp time.Duration) (string, error)

IssueAccessToken creates and signs a new refresh token for client, which is valid for the duration specified as exp. The result is returned as a string.

func (*JwtIssuer) IssueRefreshToken

func (i *JwtIssuer) IssueRefreshToken(client string, exp time.Duration) (string, error)

IssueRefreshToken creates and signs a new refresh token for client, which is valid for the duration specified as exp. The result is returned as a string.

func (*JwtIssuer) ValidateAccessToken

func (i *JwtIssuer) ValidateAccessToken(token string) (Claims, error)

ValidateAccessToken validates an access token. On successful validation, it returns the claims from the token. If validation fails, an error with the failure reason is returned.

func (*JwtIssuer) ValidateRefreshToken

func (i *JwtIssuer) ValidateRefreshToken(token string) (Claims, error)

ValidateRefreshToken validates an access token. On successful validation, it returns the claims from the token. If validation fails, an error with the failure reason is returned.

type JwtIssuerOption

type JwtIssuerOption func(i *JwtIssuer) error

JwtIssuerOption is a function to set options for the Issuer

func WithRSAPrivateKey

func WithRSAPrivateKey(key crypto.PrivateKey) JwtIssuerOption

WithRSAPrivateKey sets the private RSA for the Issuer

func WithRSAPrivateKeyFromFile

func WithRSAPrivateKeyFromFile(path string) JwtIssuerOption

WithRSAPrivateKeyFromFile loads a PEM-encoded RSA private key from path and sets it as the private RSA key for the Issuer

func WithRSAPublicKey

func WithRSAPublicKey(key crypto.PublicKey) JwtIssuerOption

func WithRSAPublicKeyFromFile

func WithRSAPublicKeyFromFile(path string) JwtIssuerOption

WithRSAPublicKeyFromFile loads a PEM-encoded RSA private key from path and sets it as the private RSA key for the Issuer