Documentation ¶
Overview ¶
Package jwt implements JSON Web Tokens as described in https://tools.ietf.org/html/rfc7519
This file is auto-generated. DO NOT EDIT
Index ¶
- Constants
- type Clock
- type ClockFunc
- type Option
- type StringList
- type Token
- func (t Token) Audience() StringList
- func (t Token) Expiration() time.Time
- func (t *Token) Get(s string) (interface{}, bool)
- func (t Token) IssuedAt() time.Time
- func (t Token) Issuer() string
- func (t Token) JwtID() string
- func (t Token) MarshalJSON() ([]byte, error)
- func (t Token) NotBefore() time.Time
- func (t *Token) Set(name string, v interface{}) error
- func (t *Token) Sign(method jwa.SignatureAlgorithm, key interface{}) ([]byte, error)
- func (t Token) Subject() string
- func (t *Token) UnmarshalJSON(data []byte) error
- func (t *Token) Verify(options ...Option) error
- type VerifyParameters
Examples ¶
Constants ¶
const ( AudienceKey = "aud" ExpirationKey = "exp" IssuedAtKey = "iat" IssuerKey = "iss" JwtIDKey = "jti" NotBeforeKey = "nbf" SubjectKey = "sub" )
Key names for standard claims
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Option ¶
func WithAcceptableSkew ¶
WithAcceptableSkew specifies the duration in which exp and nbf claims may differ by. This value should be positive
func WithAudience ¶
WithAudience specifies that expected audience value. Verify will return true if one of the values in the `aud` element matches this value. If not specified, the value of issuer is not verified at all.
func WithIssuer ¶
WithIssuer specifies that expected issuer value. If not specified, the value of issuer is not verified at all.
func WithJwtID ¶
WithJwtID specifies that expected jti value. If not specified, the value of jti is not verified at all.
func WithSubject ¶
WithSubject specifies that expected subject value. If not specified, the value of subject is not verified at all.
func WithVerify ¶
func WithVerify(alg jwa.SignatureAlgorithm, key interface{}) Option
type StringList ¶
type StringList []string
func (*StringList) Accept ¶
func (l *StringList) Accept(v interface{}) error
func (*StringList) UnmarshalJSON ¶
func (l *StringList) UnmarshalJSON(data []byte) error
type Token ¶
type Token struct {
// contains filtered or unexported fields
}
Token represents a JWT token. The object has convenience accessors to 7 standard claims including "aud", "exp", "iat", "iss", "jti", "nbf" and "sub" which are type-aware (to an extent). Other claims may be accessed via the `Get`/`Set` methods but their types are not taken into consideration at all. If you have non-standard claims that you must frequently access, consider wrapping the token in a wrapper by embedding the jwt.Token type in it
Example ¶
t := jwt.New() t.Set(jwt.SubjectKey, `https://github.com/lestrrat-go/jwx/jwt`) t.Set(jwt.AudienceKey, `Golang Users`) t.Set(jwt.IssuedAtKey, time.Unix(aLongLongTimeAgo, 0)) t.Set(`privateClaimKey`, `Hello, World!`) buf, err := json.MarshalIndent(t, "", " ") if err != nil { fmt.Printf("failed to generate JSON: %s\n", err) return } fmt.Printf("%s\n", buf) fmt.Printf("aud -> '%s'\n", t.Audience()) fmt.Printf("iat -> '%s'\n", t.IssuedAt().Format(time.RFC3339)) if v, ok := t.Get(`privateClaimKey`); ok { fmt.Printf("privateClaimKey -> '%s'\n", v) } fmt.Printf("sub -> '%s'\n", t.Subject())
Output: { "aud": [ "Golang Users" ], "iat": 233431200, "sub": "https://github.com/lestrrat-go/jwx/jwt", "privateClaimKey": "Hello, World!" } aud -> '[Golang Users]' iat -> '1977-05-25T18:00:00Z' privateClaimKey -> 'Hello, World!' sub -> 'https://github.com/lestrrat-go/jwx/jwt'
func Parse ¶
Parse parses the JWT token payload and creates a new `jwt.Token` object. The token must be encoded in either JSON format or compact format.
If the token is signed and you want to verify the payload, you must pass the jwt.WithVerify(alg, key) option. If you do not specify these parameters, no verification will be performed.
func ParseBytes ¶
ParseString calls Parse with the given byte sequence
func ParseString ¶
ParseString calls Parse with the given string
func ParseVerify ¶
ParseVerify is a function that is similar to Parse(), but does not allow for parsing without signature verification parameters.
func (Token) Audience ¶
func (t Token) Audience() StringList
func (Token) Expiration ¶
func (Token) MarshalJSON ¶
MarshalJSON serializes the token in JSON format. This exists to allow flattening of private claims.
func (*Token) Sign ¶
func (t *Token) Sign(method jwa.SignatureAlgorithm, key interface{}) ([]byte, error)
Sign is a convenience function to create a signed JWT token serialized in compact form. `key` must match the key type required by the given signature method `method`
func (*Token) UnmarshalJSON ¶
UnmarshalJSON deserializes data from a JSON data buffer into a Token
type VerifyParameters ¶
type VerifyParameters interface { Algorithm() jwa.SignatureAlgorithm Key() interface{} }