tokenmanager

package
v0.8.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 8, 2024 License: MIT Imports: 26 Imported by: 0

Documentation

Overview

Package tokenmanager implements a simple JSON Web Token (JWT) and JSON Web Key (JWK) management system. It manages key rotation, token creation, and token validation.

Index

Constants

View Source
const (
	SessionIDCookieName = "TLSPROXYSID"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type TokenManager

type TokenManager struct {
	// contains filtered or unexported fields
}

TokenManager implements a simple JSON Web Token (JWT) and JSON Web Key (JWK) management system. It manages key rotation, token creation, and token validation.

func New

func New(store *storage.Storage, tpm *tpm.TPM) (*TokenManager, error)

New returns a new TokenManager.

func (*TokenManager) CreateToken

func (tm *TokenManager) CreateToken(claims jwt.Claims, alg string) (string, error)

CreateToken creates a new JSON Web Token (JWT) with the provided claims.

func (*TokenManager) KeyRotationLoop

func (tm *TokenManager) KeyRotationLoop(ctx context.Context)

KeyRotationLoop takes care of key rotation. It runs until ctx is canceled.

func (*TokenManager) ServeJWKS

func (tm *TokenManager) ServeJWKS(w http.ResponseWriter, req *http.Request)

ServeJWKS returns the current public keys as a JSON Web Key Set (JWKS).

func (*TokenManager) URLToken added in v0.4.4

func (tm *TokenManager) URLToken(w http.ResponseWriter, req *http.Request, u *url.URL) (string, string, error)

URLToken returns a signed token for URL u in the context of request req.

func (*TokenManager) ValidateToken

func (tm *TokenManager) ValidateToken(t string, opts ...jwt.ParserOption) (*jwt.Token, error)

ValidateToken validates a JSON Web Token (JWT).

func (*TokenManager) ValidateURLToken added in v0.4.4

func (tm *TokenManager) ValidateURLToken(w http.ResponseWriter, req *http.Request, token string) (*url.URL, error)

ValidateURLToken validates a signed token and returns the URL. The request must on the same host as the one where the token was created.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL