jwt

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 2, 2023 License: Apache-2.0 Imports: 17 Imported by: 12

Documentation

Index

Constants

View Source 
const (
	// TypeJWT defines JWT type.
	TypeJWT = "JWT"

	// AlgorithmNone used to indicate unsecured JWT.
	AlgorithmNone = "none"
)

Variables

This section is empty.

Functions

func IsJWS added in v0.1.3 

func IsJWS(s string) bool

IsJWS checks if JWT is a JWS of valid structure.

func IsJWTUnsecured added in v0.1.3 

func IsJWTUnsecured(s string) bool

IsJWTUnsecured checks if JWT is an unsecured JWT of valid structure.

func PayloadToMap added in v0.1.9 

func PayloadToMap(i interface{}) (map[string]interface{}, error)

PayloadToMap transforms interface to map.

func UnsecuredJWTVerifier 

func UnsecuredJWTVerifier() jose.SignatureVerifier

UnsecuredJWTVerifier provides verifier for unsecured JWT.

func VerifyEdDSA 

func VerifyEdDSA(pubKey *verifier.PublicKey, message, signature []byte) error

VerifyEdDSA verifies EdDSA signature.

func VerifyRS256 

func VerifyRS256(pubKey *verifier.PublicKey, message, signature []byte) error

VerifyRS256 verifies RS256 signature.

Types

type BasicVerifier 

type BasicVerifier struct {
	// contains filtered or unexported fields
}

BasicVerifier defines basic Signed JWT verifier based on Issuer Claim and Key ID JOSE Header.

func GetVerifier added in v0.1.9 

func GetVerifier(publicKey *verifier.PublicKey) (*BasicVerifier, error)

GetVerifier returns new BasicVerifier based on *verifier.PublicKey.

func NewVerifier 

func NewVerifier(resolver KeyResolver) *BasicVerifier

NewVerifier creates a new basic Verifier.

func (BasicVerifier) Verify 

func (v BasicVerifier) Verify(joseHeaders jose.Headers, payload, signingInput, signature []byte) error

Verify verifies JSON Web Token. Public key is fetched using Issuer Claim and Key ID JOSE Header.

type Claims 

type Claims jwt.Claims

Claims defines JSON Web Token Claims (https://tools.ietf.org/html/rfc7519#section-4)

type JSONWebToken 

type JSONWebToken struct {
	Headers jose.Headers

	Payload map[string]interface{}
	// contains filtered or unexported fields
}

JSONWebToken defines JSON Web Token (https://tools.ietf.org/html/rfc7519)

func NewSigned added in v0.1.3 

func NewSigned(claims interface{}, headers jose.Headers, signer jose.Signer) (*JSONWebToken, error)

NewSigned creates new signed JSON Web Token based on input claims.

func NewUnsecured added in v0.1.3 

func NewUnsecured(claims interface{}, headers jose.Headers) (*JSONWebToken, error)

NewUnsecured creates new unsecured JSON Web Token based on input claims.

func Parse 

func Parse(jwtSerialized string, opts ...ParseOpt) (*JSONWebToken, []byte, error)

Parse parses input JWT in serialized form into JSON Web Token. Currently JWS and unsecured JWT is supported.

func (*JSONWebToken) DecodeClaims 

func (j *JSONWebToken) DecodeClaims(c interface{}) error

DecodeClaims fills input c with claims of a token.

func (*JSONWebToken) LookupStringHeader 

func (j *JSONWebToken) LookupStringHeader(name string) string

LookupStringHeader makes look up of particular header with string value.

func (*JSONWebToken) Serialize added in v0.1.3 

func (j *JSONWebToken) Serialize(detached bool) (string, error)

Serialize makes (compact) serialization of token.

type JoseED25519Signer added in v0.1.9 

type JoseED25519Signer struct {
	// contains filtered or unexported fields
}

JoseED25519Signer is a Jose compliant signer.

func NewEd25519Signer added in v0.1.9 

func NewEd25519Signer(privKey []byte) *JoseED25519Signer

NewEd25519Signer returns a Jose compliant signer that can be passed as a signer to jwt.NewSigned().

func (JoseED25519Signer) Headers added in v0.1.9 

func (s JoseED25519Signer) Headers() jose.Headers

Headers returns the signer's headers map.

func (JoseED25519Signer) Sign added in v0.1.9 

func (s JoseED25519Signer) Sign(data []byte) ([]byte, error)

Sign data.

type JoseEd25519Verifier added in v0.1.9 

type JoseEd25519Verifier struct {
	// contains filtered or unexported fields
}

JoseEd25519Verifier is a Jose compliant verifier.

func NewEd25519Verifier added in v0.1.9 

func NewEd25519Verifier(pubKey []byte) (*JoseEd25519Verifier, error)

NewEd25519Verifier returns a Jose compliant verifier that can be passed as a verifier option to jwt.Parse().

func (JoseEd25519Verifier) Verify added in v0.1.9 

func (v JoseEd25519Verifier) Verify(joseHeaders jose.Headers, _, signingInput, signature []byte) error

Verify signingInput against signature. it validates that joseHeaders contains EdDSA alg for this implementation.

type KeyResolver 

type KeyResolver interface {

	// Resolve resolves public key.
	Resolve(what, kid string) (*verifier.PublicKey, error)
}

KeyResolver resolves public key based on what and kid.

type KeyResolverFunc added in v0.1.3 

type KeyResolverFunc func(what, kid string) (*verifier.PublicKey, error)

KeyResolverFunc defines function.

func (KeyResolverFunc) Resolve added in v0.1.3 

func (k KeyResolverFunc) Resolve(what, kid string) (*verifier.PublicKey, error)

Resolve resolves public key.

type ParseOpt 

type ParseOpt func(opts *parseOpts)

ParseOpt is the JWT Parser option.

func WithIgnoreClaimsMapDecoding added in v0.3.0 

func WithIgnoreClaimsMapDecoding(ignoreClaimsMapDecoding bool) ParseOpt

WithIgnoreClaimsMapDecoding option is for ignore decoding claims into .Payload map[string]interface. Decoding to map[string]interface is pretty expensive, so this option can be used for performance critical operations.

func WithJWTDetachedPayload 

func WithJWTDetachedPayload(payload []byte) ParseOpt

WithJWTDetachedPayload option is for definition of JWT detached payload.

func WithSignatureVerifier 

func WithSignatureVerifier(signatureVerifier jose.SignatureVerifier) ParseOpt

WithSignatureVerifier option is for definition of JWT detached payload.

type RS256Signer added in v0.1.9 

type RS256Signer struct {
	// contains filtered or unexported fields
}

RS256Signer is a Jose complient signer.

func NewRS256Signer added in v0.1.9 

func NewRS256Signer(privKey *rsa.PrivateKey, headers map[string]interface{}) *RS256Signer

NewRS256Signer returns a Jose compliant signer that can be passed as a signer to jwt.NewSigned().

func (RS256Signer) Headers added in v0.1.9 

func (s RS256Signer) Headers() jose.Headers

Headers returns the signer's headers map.

func (RS256Signer) Sign added in v0.1.9 

func (s RS256Signer) Sign(data []byte) ([]byte, error)

Sign data.

type RS256Verifier added in v0.1.9 

type RS256Verifier struct {
	// contains filtered or unexported fields
}

RS256Verifier is a Jose compliant verifier.

func NewRS256Verifier added in v0.1.9 

func NewRS256Verifier(pubKey *rsa.PublicKey) *RS256Verifier

NewRS256Verifier returns a Jose compliant verifier that can be passed as a verifier option to jwt.Parse().

func (RS256Verifier) Verify added in v0.1.9 

func (v RS256Verifier) Verify(joseHeaders jose.Headers, _, signingInput, signature []byte) error

Verify signingInput against the signature. It also validates that joseHeaders includes the right alg.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.