tokens

package
v4.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 19, 2022 License: MIT Imports: 16 Imported by: 0

Documentation

Index

Constants

// KeyIDHeaderName is the JWT header parameter ("kid") under which the key ID
// is expected. The value comes from the token header, so it is caller-supplied
// input until the token's signature has been verified.
const KeyIDHeaderName = "kid"

Variables

// ErrKeyNotFound is returned when the key function has no cached key for the
// requested key ID.
var ErrKeyNotFound = errors.New("specified key not found")

// ErrMalformedKeyID is returned when the `KeyIDHeaderName` value in the JWT
// header is missing or is not of the expected type.
var ErrMalformedKeyID = errors.New("malformed key ID in the JWT header")

// ErrUnsupportedSigningMethod is returned when the JWT header names a signing
// method that is not supported.
var ErrUnsupportedSigningMethod = errors.New("signing method is not supported")
// ErrNoPrivateKeySpecified is returned on an attempt to create a token when
// no private key was set.
var ErrNoPrivateKeySpecified = errors.New("private key is nil")

Functions

This section is empty.

Types

type Creator

type Creator interface {
	// Create creates a signed token that can be used for interservice communication.
	// opts controls the value or the generation of the token's claims; see Options.
	// NOTE(review): how reference ends up in the token is not visible here —
	// confirm against the implementation.
	Create(reference string, opts Options) (string, error)
}

Creator creates all kinds of signed tokens for the background tasks

func NewCreator

// NewCreator builds a Creator from an issuer name, an RSA private key and a
// token lifetime.
// NOTE(review): judging by ErrNoPrivateKeySpecified, a nil privateKey is
// reported when a token is created rather than here — confirm against the body.
func NewCreator(issuer string, privateKey *rsa.PrivateKey, lifetime time.Duration) Creator

NewCreator creates a new token creator for tasks

type CreatorMock

// CreatorMock is a test double for Creator.
// NOTE(review): the field roles below are inferred from the field names; the
// body of Create is not shown here, so confirm before relying on them.
type CreatorMock struct {
	// Err is presumably the error that Create returns.
	Err   error
	// Token is presumably the token string that Create returns.
	Token string
	// Opts presumably holds the Options passed to Create.
	Opts  Options
}

CreatorMock is a utility type that simplifies writing tests that use the Creator

func (*CreatorMock) Create

// Create makes *CreatorMock satisfy the Creator interface.
// NOTE(review): presumably returns m.Token and m.Err — the body is not shown here.
func (m *CreatorMock) Create(reference string, opts Options) (string, error)

Create implements tokens.Creator

type Options

type Options struct {
	// Audience is the name of the service that is meant to receive the
	// request. A service should not accept a token whose audience is a
	// different service.
	Audience string
	// ProjectID is the UUID string of the project that the token should be
	// considered a member and an admin of. This value is deprecated, but
	// exists for backwards compatibility during the transition to `azp`.
	// Because it conveys admin rights on that project, leave it empty unless
	// the receiving service needs it.
	ProjectID string
	// ID is the UUID string that identifies this token.
	// A random UUID is used when it is not specified.
	ID string
	// UserID is the UUID string that identifies the user the token is
	// intended for. The null UUID is used when it is not specified.
	UserID string
}

Options control the value or the generation of the claims in the resulting token. All values are optional and the empty value will be ignored.

type PublicKeyMap added in v4.8.0

type PublicKeyMap interface {
	// MaintainCache runs a synchronization loop that reads the public keys directory
	// and refreshes the in-memory cache for quick access.
	// NOTE(review): interval is presumably the delay between refreshes and ctx
	// the way to stop the loop — confirm against the implementation.
	MaintainCache(ctx context.Context, interval time.Duration) error
	// KeyFunction is a key function that can be used in the JWT library.
	// According to the package's error values it looks the key up in the cache
	// by the KeyIDHeaderName header and fails with ErrKeyNotFound or
	// ErrMalformedKeyID when that is not possible.
	// A JWT parser typically calls its key function before the signature is
	// checked, so the header values read here are still untrusted input.
	// NOTE(review): ErrUnsupportedSigningMethod suggests the signing method is
	// also checked here — confirm which methods are accepted.
	KeyFunction(token *jwt.Token) (interface{}, error)
}

PublicKeyMap defines operations on the map of public keys used for JWT validation

func NewPublicKeyMap added in v4.8.0

// NewPublicKeyMap returns a public key map for a given directory path.
// The keys in that directory are the ones used for JWT validation, so write
// access to it should be limited to whoever may add trusted signing keys.
func NewPublicKeyMap(directoryPath string) (PublicKeyMap, error)

NewPublicKeyMap returns a public key map for a given directory path

func NewPublicKeyMapWithFS added in v4.8.0

// NewPublicKeyMapWithFS returns a public key map for directoryPath, looked up
// in fileSys.
func NewPublicKeyMapWithFS(fileSys fs.FS, directoryPath string) (PublicKeyMap, error)

NewPublicKeyMapWithFS returns a public key map for a given directory path in the given FS
