Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security Policy
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

jwt

package module

Go to main page

Versions in this module

v0

v0.0.8

Dec 1, 2020

Changes in this version

+ var Clock = time.Now

+ var ErrBlocked = errors.New("token is blocked")

+ var ErrDecrypt = errors.New("decrypt: payload authentication failed")

+ var ErrExpected = errors.New("field not match")

+ var ErrExpired = errors.New("token expired")

+ var ErrInvalidKey = errors.New("invalid key")

+ var ErrIssuedInTheFuture = errors.New("token issued in the future")

+ var ErrMissing = errors.New("token is empty")

+ var ErrMissingKey = errors.New("token is missing a required field")

+ var ErrNotValidYet = errors.New("token not valid yet")

+ var ErrTokenAlg = errors.New("unexpected token algorithm")

+ var ErrTokenForm = errors.New("invalid token form")

+ var ErrTokenSignature = errors.New("invalid token signature")

+ var Marshal = func(v interface{}) ([]byte, error)

+ var Plain = TokenValidatorFunc(func(token []byte, standardClaims Claims, err error) error { ... })

+ var ReadFile = ioutil.ReadFile

+ var Unmarshal = defaultUnmarshal

+ func Base64Decode(src []byte) ([]byte, error)

+ func Base64Encode(src []byte) []byte

+ func BytesQuote(b []byte) []byte

+ func BytesToString(b []byte) string

+ func HasRequiredJSONTag(field reflect.StructField) bool

+ func LoadHMAC(filenameOrRaw string) ([]byte, error)

+ func LoadPrivateKeyECDSA(filename string) (*ecdsa.PrivateKey, error)

+ func LoadPrivateKeyEdDSA(filename string) (ed25519.PrivateKey, error)

+ func LoadPrivateKeyRSA(filename string) (*rsa.PrivateKey, error)

+ func LoadPublicKeyECDSA(filename string) (*ecdsa.PublicKey, error)

+ func LoadPublicKeyEdDSA(filename string) (ed25519.PublicKey, error)

+ func LoadPublicKeyRSA(filename string) (*rsa.PublicKey, error)

+ func MaxAgeMap(maxAge time.Duration, claims Map)

+ func Merge(claims interface{}, other interface{}) []byte

+ func MustGenerateRandom(n int) []byte

+ func MustLoadECDSA(privateKeyFilename, publicKeyFilename string) (*ecdsa.PrivateKey, *ecdsa.PublicKey)

+ func MustLoadEdDSA(privateKeyFilename, publicKeyFilename string) (ed25519.PrivateKey, ed25519.PublicKey)

+ func MustLoadHMAC(filenameOrRaw string) []byte

+ func MustLoadRSA(privateKeyFilename, publicKeyFilename string) (*rsa.PrivateKey, *rsa.PublicKey)

+ func ParsePrivateKeyECDSA(key []byte) (*ecdsa.PrivateKey, error)

+ func ParsePrivateKeyEdDSA(key []byte) (ed25519.PrivateKey, error)

+ func ParsePrivateKeyRSA(key []byte) (*rsa.PrivateKey, error)

+ func ParsePublicKeyECDSA(key []byte) (*ecdsa.PublicKey, error)

+ func ParsePublicKeyEdDSA(key []byte) (ed25519.PublicKey, error)

+ func ParsePublicKeyRSA(key []byte) (*rsa.PublicKey, error)

+ func Sign(alg Alg, key PrivateKey, claims interface{}, opts ...SignOption) ([]byte, error)

+ func SignEncrypted(alg Alg, key PrivateKey, encrypt InjectFunc, claims interface{}, ...) ([]byte, error)

+ func UnmarshalWithRequired(payload []byte, dest interface{}) error

+ type Alg interface

+ Name func() string

+ Sign func(key PrivateKey, headerAndPayload []byte) ([]byte, error)

+ Verify func(key PublicKey, headerAndPayload []byte, signature []byte) error

+ var ES256 Alg = &algECDSA{ ... }

+ var ES384 Alg = &algECDSA{ ... }

+ var ES512 Alg = &algECDSA{ ... }

+ var EdDSA Alg = &algEdDSA{ ... }

+ var HS256 Alg = &algHMAC{ ... }

+ var HS384 Alg = &algHMAC{ ... }

+ var HS512 Alg = &algHMAC{ ... }

+ var NONE Alg = &algNONE{}

+ var PS256 Alg = &algRSAPSS{ ... }

+ var PS384 Alg = &algRSAPSS{ ... }

+ var PS512 Alg = &algRSAPSS{ ... }

+ var RS256 Alg = &algRSA{ ... }

+ var RS384 Alg = &algRSA{ ... }

+ var RS512 Alg = &algRSA{ ... }

+ type Blocklist struct

+ Clock func() time.Time

+ GetKey func(token []byte, claims Claims) string

+ func NewBlocklist(gcEvery time.Duration) *Blocklist

+ func NewBlocklistContext(ctx context.Context, gcEvery time.Duration) *Blocklist

+ func (b *Blocklist) Count() (int64, error)

+ func (b *Blocklist) Del(key string) error

+ func (b *Blocklist) GC() int

+ func (b *Blocklist) Has(key string) (bool, error)

+ func (b *Blocklist) InvalidateToken(token []byte, c Claims) error

+ func (b *Blocklist) ValidateToken(token []byte, c Claims, err error) error

+ type Claims struct

+ Audience []string

+ Expiry int64

+ ID string

+ IssuedAt int64

+ Issuer string

+ NotBefore int64

+ Subject string

+ func (c Claims) Age() time.Duration

+ func (c Claims) ApplyClaims(dest *Claims)

+ func (c Claims) ExpiresAt() time.Time

+ func (c Claims) Timeleft() time.Duration

+ type Expected Claims

+ func (e Expected) ValidateToken(token []byte, c Claims, err error) error

+ type InjectFunc func(plainPayload []byte) ([]byte, error)

+ func GCM(key, additionalData []byte) (encrypt, decrypt InjectFunc, err error)

+ type Map = map[string]interface

+ type PrivateKey interface

+ type PublicKey interface

+ type SignOption interface

+ ApplyClaims func(*Claims)

+ type SignOptionFunc func(*Claims)

+ func MaxAge(maxAge time.Duration) SignOptionFunc

+ func (f SignOptionFunc) ApplyClaims(c *Claims)

+ type TokenPair struct

+ AccessToken json.RawMessage

+ RefreshToken json.RawMessage

+ func NewTokenPair(accessToken, refreshToken []byte) TokenPair

+ type TokenValidator interface

+ ValidateToken func(token []byte, standardClaims Claims, err error) error

+ type TokenValidatorFunc func(token []byte, standardClaims Claims, err error) error

+ func Leeway(leeway time.Duration) TokenValidatorFunc

+ func (fn TokenValidatorFunc) ValidateToken(token []byte, standardClaims Claims, err error) error

+ type VerifiedToken struct

+ Header []byte

+ Payload []byte

+ Signature []byte

+ StandardClaims Claims

+ Token []byte

+ func Verify(alg Alg, key PublicKey, token []byte, validators ...TokenValidator) (*VerifiedToken, error)

+ func VerifyEncrypted(alg Alg, key PublicKey, decrypt InjectFunc, token []byte, ...) (*VerifiedToken, error)

+ func (t *VerifiedToken) Claims(dest interface{}) error