dpop

package
v0.0.0-...-81dc835 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 18, 2024 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

View Source
const (
	DPoPJWTTyp = "dpop+jwt"
)

Variables

View Source
var DependencySet = wire.NewSet(
	wire.Struct(new(Provider), "*"),
	wire.Struct(new(Middleware), "*"),
)
View Source
var ErrInvalidHTU = newInvalidDPoPProofError("htu in the DPoP proof is not a valid URI")
View Source
var ErrInvalidJwk = newInvalidDPoPProofError("invalid DPoP jwk")
View Source
var ErrInvalidJwt = newInvalidDPoPProofError("invalid DPoP jwt")
View Source
var ErrInvalidJwtPayload = newInvalidDPoPProofError("invalid DPoP jwt payload")
View Source
var ErrInvalidJwtSignature = newInvalidDPoPProofError("invalid DPoP jwt signature")
View Source
var ErrInvalidJwtType = newInvalidDPoPProofError("invalid DPoP jwt typ")
View Source
var ErrMalformedJwt = newInvalidDPoPProofError("malformed DPoP jwt")
View Source
var ErrProofExpired = newInvalidDPoPProofError("DPoP proof expired")
View Source
var ErrUnmatchedMethod = newInvalidDPoPProofError("htm in the DPoP proof does not match request method")
View Source
var ErrUnmatchedURI = newInvalidDPoPProofError("htu in the DPoP proof does not match request uri")
View Source
var ErrUnsupportedAlg = newInvalidDPoPProofError("unsupported alg in DPoP jwt")
View Source
var InvalidDPoPProof = "invalid_dpop_proof"

From https://datatracker.ietf.org/doc/html/rfc9449#section-12.2

View Source
var SupportedAlgorithms = []string{"ES256", "RS256"}

Functions

func GetDPoPProofJKT

func GetDPoPProofJKT(ctx context.Context) (string, bool)

func IsSupportedAlgorithms

func IsSupportedAlgorithms(alg string) bool

func WithDPoPProof

func WithDPoPProof(ctx context.Context, proof *DPoPProof) context.Context

Types

type DPoPProof

type DPoPProof struct {
	JTI string   `json:"jti"` // An unique identifier of the DPoP jwt
	HTM string   `json:"htm"` // The request method
	HTU *url.URL `json:"htu"` // The request uri

	// https://datatracker.ietf.org/doc/html/rfc9449#section-6.1
	JKT string `json:"jkt"` // base64url encoding of the JWK SHA-256 Thumbprint
}

https://datatracker.ietf.org/doc/html/rfc9449#section-4.2

func GetDPoPProof

func GetDPoPProof(ctx context.Context) *DPoPProof

type Middleware

type Middleware struct {
	DPoPProvider *Provider
}

func (*Middleware) Handle

func (m *Middleware) Handle(next http.Handler) http.Handler

type Provider

type Provider struct {
	Clock      clock.Clock
	HTTPOrigin httputil.HTTPOrigin
}

func (*Provider) CompareHTM

func (p *Provider) CompareHTM(proof *DPoPProof, requestMethod string) error

func (*Provider) CompareHTU

func (p *Provider) CompareHTU(proof *DPoPProof, req *http.Request) error

func (*Provider) ParseProof

func (p *Provider) ParseProof(jwtStr string) (*DPoPProof, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL