Versions in this module Expand all Collapse all v0 v0.0.13 Dec 1, 2022 Changes in this version
+ const ClaimAuthorization
+ const ClaimClientID
+ const ClaimEmail
+ const ClaimNetlifyAppMetaData
+ const ClaimNetlifyUserMetaData
+ const ClaimRoles
+ const ClaimScope
+ var ErrChallengeFailed = errors.New("code verification challenge failed")
+ var ErrInvalidToken = errors.New("invalid or unknown token")
+ var ErrTokenExpired = errors.New("token has expired")
+ var ErrTokenInvalidClientId = errors.New("token has been issued for different client id")
+ var ErrTokenNotFound = errors.New("unknown token")
+ var ErrTokenRevoked = errors.New("token has been revoked")
+ type CommonToken struct
+ func (c *CommonToken) Audience() []string
+ func (c *CommonToken) AuthorizationID() string
+ func (c *CommonToken) ClientID() string
+ func (c *CommonToken) Email() string
+ func (c *CommonToken) Expiration() time.Time
+ func (c *CommonToken) IssuedAt() time.Time
+ func (c *CommonToken) Issuer() string
+ func (c *CommonToken) Roles() []string
+ func (c *CommonToken) Scope() string
+ func (c *CommonToken) Subject() string
+ func (c *CommonToken) Type() string
+ type CommonTokenInserter interface
+ InsertCommonToken func(ctx context.Context, authorizationID uuid.UUID, tokenType string, token string, ...) 
(int, error)
+ type CommonTokenType string
+ const AccessTokenType
+ const AuthorizationCodeType
+ const RefreshTokenType
+ const RememberMeTokenType
+ type CommonTokenUpdater interface
+ CommonTokenDetails func(ctx context.Context, tokenType string, token string) (*db.CommonTokenDetails, error)
+ RedeemCommonToken func(ctx context.Context, tokenType string, token string) error
+ RevokeCommonToken func(ctx context.Context, tokenType string, token string) error
+ RevokeCommonTokensForAuthorization func(ctx context.Context, authorizationID uuid.UUID) (int, error)
+ type Dispatcher interface
+ Dispatch func(event events.Event)
+ type Fetcher interface
+ ApplicationByClientID func(ctx context.Context, clientID string) (*tables.ApplicationTable, error)
+ CommonTokenDetails func(ctx context.Context, tokenType string, token string) (*db.CommonTokenDetails, error)
+ UserByID func(ctx context.Context, id uuid.UUID) (*db.UserData, error)
+ type TokenIssuer struct
+ func NewIssuer(log *zap.Logger, cfg *config.JWTConfiguration, storage CommonTokenInserter) *TokenIssuer
+ func (t *TokenIssuer) Alg() string
+ func (t *TokenIssuer) AsJWKSet() (jwk.Set, error)
+ func (t *TokenIssuer) AsPublicOnlyJWKSet() (jwk.Set, error)
+ func (t *TokenIssuer) Audience() []string
+ func (t *TokenIssuer) IssueAccessTokenForMachineClient(clientID string, scopes []string) (jwt.Token, error)
+ func (t *TokenIssuer) IssueAccessTokenForUser(user *user.SignedInUser, authorizationID uuid.UUID, clientID string, ...) (jwt.Token, error)
+ func (t *TokenIssuer) IssueAuthorizationCode(ctx context.Context, authorizationID uuid.UUID, codeChallenge string, ...) (string, error)
+ func (t *TokenIssuer) IssueNetlifyAccessTokenForUser(user *user.SignedInUser, authorizationID uuid.UUID, clientID string, ...) 
(jwt.Token, error)
+ func (t *TokenIssuer) IssueRefreshToken(ctx context.Context, authorizationID uuid.UUID) (string, error)
+ func (t *TokenIssuer) IssueRememberMeToken(ctx context.Context, authorizationID uuid.UUID) (string, error)
+ func (t *TokenIssuer) Issuer() string
+ func (t *TokenIssuer) KeyID() string
+ func (t *TokenIssuer) PrivateKey() jwk.Key
+ func (t *TokenIssuer) PublicKey() jwk.Key
+ func (t *TokenIssuer) RememberMeDuration() time.Duration
+ func (t *TokenIssuer) Sign(token jwt.Token) ([]byte, error)
+ type TokenRotator struct
+ func NewRotator(updater CommonTokenUpdater, dispatcher Dispatcher, log *zap.Logger) *TokenRotator
+ func (t *TokenRotator) PreRotationChallenge(ctx context.Context, authorizationCode string, codeVerifier string) error
+ func (t *TokenRotator) RevokeCommonToken(ctx context.Context, tokenType CommonTokenType, token string, autID uuid.UUID) error
+ func (t *TokenRotator) RevokeCommonTokensForAuthorization(ctx context.Context, autID uuid.UUID) error
+ func (t *TokenRotator) RotateCommonToken(ctx context.Context, tokenType CommonTokenType, token string, clientID string) error
+ type TokenVerifier struct
+ func NewTokenVerifier(log *zap.Logger, issuer *TokenIssuer, loader Fetcher, ...) *TokenVerifier
+ func (t *TokenVerifier) ParseAndValidateAccessToken(accessToken string) (jwt.Token, error)
+ func (t *TokenVerifier) ValidateAccessTokenDetails(ctx context.Context, accessToken string) (*CommonToken, error)
+ func (t *TokenVerifier) ValidateRefreshTokenDetails(ctx context.Context, refreshToken string) (*CommonToken, error)
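Review bot: `TokenIssuer` exports `PrivateKey() jwk.Key` and `AsJWKSet()` next to `AsPublicOnlyJWKSet()`, and nothing in this listing tells a caller which key set is safe to publish. Judging by the names alone, `AsJWKSet` presumably includes the private signing key, so serving it from a JWKS endpoint by mistake would disclose that key; the method bodies are not shown here, so this needs confirming against the implementation. I would add a doc comment such as `// AsJWKSet returns the key set including private key material; never serve it to clients, use AsPublicOnlyJWKSet for JWKS endpoints.` and unexport `PrivateKey` if no caller outside the package needs it. Separately, `ErrTokenInvalidClientId` breaks the `ID` initialism that `ClaimClientID` and `ClientID()` already follow.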