jwt

package
v2.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 12, 2024 License: MIT Imports: 7 Imported by: 9

Documentation

Overview

Package jwt provides operations for decoding and validating JSON Web Tokens.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Decode 

func Decode(_ context.Context, params *DecodeParams) (*clerk.UnverifiedToken, error)

Decode decodes a JWT without verifying it. WARNING: The token is not validated, therefore the returned Claims should NOT be trusted.

func GetJSONWebKey added in v2.0.3 

func GetJSONWebKey(ctx context.Context, params *GetJSONWebKeyParams) (*clerk.JSONWebKey, error)

GetJSONWebKey fetches the JSON Web Key Set from the Clerk API and returns the JSON Web Key corresponding to the provided KeyID. A default client will be initialized if the provided JWKSClient is nil.

func Verify 

func Verify(ctx context.Context, params *VerifyParams) (*clerk.SessionClaims, error)

Verify verifies a Clerk session JWT and returns the parsed clerk.SessionClaims.

Types

type AuthorizedPartyHandler 

type AuthorizedPartyHandler func(string) bool

AuthorizedPartyHandler is a type that can be used to perform checks on the 'azp' claim.

type CustomClaimsConstructor 

type CustomClaimsConstructor func(context.Context) any

CustomClaimsConstructor can initialize structs for holding custom JWT claims.

type DecodeParams 

type DecodeParams struct {
	Token string
}

type GetJSONWebKeyParams added in v2.0.3 

type GetJSONWebKeyParams struct {
	// KeyID is the token's 'kid' claim.
	KeyID string
	// JWKSClient can be used to call the jwks Get Clerk API operation.
	JWKSClient *jwks.Client
}

type VerifyParams 

type VerifyParams struct {
	// Token is the JWT that will be verified. Required.
	Token string
	// JWK is the custom JSON Web Key that will be used to verify the
	// Token with.
	// If the JWK parameter is provided, the Verify method won't
	// fetch the JSON Web Key Set and there's no need to provide
	// the JWKSClient parameter.
	JWK *clerk.JSONWebKey
	// JWKSClient is a jwks API client that will be used to fetch the
	// JSON Web Key Set for verifying the Token with.
	// If the JWK parameter is provided, the JWKSClient is not needed.
	// If no JWK or JWKSClient is provided, the Verify method will use
	// a JWKSClient with the default Backend.
	JWKSClient *jwks.Client
	// Clock can be used to keep track of time and will replace usage of
	// the [time] package. Pass a custom Clock to control the source of
	// time or facilitate testing chronologically sensitive flows.
	Clock clerk.Clock
	// CustomClaimsConstructor will be called when parsing the Token's
	// claims. It's useful for parsing custom claims into user-defined
	// types.
	// Make sure it returns a pointer to a type (struct) that describes
	// any custom claims schema with the correct JSON tags.
	//	type MyCustomClaims struct {}
	//	VerifyParams{
	//		CustomClaimsConstructor: func(_ context.Context) any {
	//			return &MyCustomClaims{}
	//		},
	//	}
	CustomClaimsConstructor CustomClaimsConstructor
	// Leeway is the duration which the JWT is considered valid after
	// it's expired. Useful for defending against server clock skews.
	Leeway time.Duration
	// IsSatellite signifies that the JWT is verified on a satellite domain.
	IsSatellite bool
	// ProxyURL is the URL of the server that proxies the Clerk Frontend API.
	ProxyURL *string
	// AuthorizedPartyHandler can be used to perform validations on the
	// 'azp' claim.
	AuthorizedPartyHandler AuthorizedPartyHandler
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.