Documentation ¶
Overview ¶
Package claims collects common jwt types.
Index ¶
Constants ¶
const ( // DefaultLeeway defines the default leeway to verify time claim. DefaultLeeway = time.Minute )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type InvalidError ¶
type InvalidError struct { Claims Standard Opts VerifyOptions Reason InvalidReason }
InvalidError results when an odd error occurs in Standard.Verify.
func (InvalidError) Error ¶
func (e InvalidError) Error() string
type InvalidReason ¶
type InvalidReason int
InvalidReason represents claim verification error reason.
const ( // Expired results when a claim has expired, based on the time // given in the VerifyOptions. Expired InvalidReason = iota // NotBefore results when a claim not yet valid, based on the time // given in the VerifyOptions. NotBefore // IssuerMismatch results when the issuer name of a claim // does not match the issuer name given in the VerifyOptions. IssuerMismatch // IssuedAtFuture results when the issued at (iat) time of a claim, // is after the time given in the VerifyOptions. IssuedAtFuture // AudienceNotFound results when a claim audience // does not have one of the audiences given in the VerifyOptions. AudienceNotFound )
type Standard ¶
type Standard struct { Scope StringOrList `json:"scope,omitempty"` Audience StringOrList `json:"aud,omitempty"` ExpiresAt *Time `json:"exp,omitempty"` IssuedAt *Time `json:"iat,omitempty"` NotBefore *Time `json:"nbf,omitempty"` Subject string `json:"sub,omitempty"` Issuer string `json:"iss,omitempty"` JWTID string `json:"jti,omitempty"` }
Standard provide a starting point for a set of useful interoperable claims as defined in RFC 7519.
func (Standard) Verify ¶
func (s Standard) Verify(opts VerifyOptions) error
Verify attempts to verify s using opts.
type StringOrList ¶
type StringOrList []string
StringOrList define a type for a claim that can be either a string or list of strings.
func (StringOrList) Split ¶
func (s StringOrList) Split() []string
Split slices claim string into all substrings separated by comma or space and returns a slice of the substrings between those separators. Otherwise, it returns claim list as is.
func (*StringOrList) UnmarshalJSON ¶
func (s *StringOrList) UnmarshalJSON(b []byte) error
UnmarshalJSON to string or array of strings.
type Time ¶
Time defines a timestamp encoded as time.Unix in JSON
func (Time) MarshalJSON ¶
MarshalJSON encode t as time.Unix.
func (*Time) UnmarshalJSON ¶
UnmarshalJSON decode json time.Unix to t.
type VerifyOptions ¶
type VerifyOptions struct { // Audience represents targeted claim audiences. Audience []string // Issuer represents claim issuer. Issuer string // Time returns the current time. // If Time is nil, Standard.Verify uses time.Now with DefaultLeeway. // Recommended to add leeway window before return t to account for clock skew, // https://tools.ietf.org/html/rfc7519#section-4.1.4. // // func() (time.Time) { // return time.Now().Add(-leeway) // } Time func() (t time.Time) // Extra parameters. Extra map[string]any }
VerifyOptions contains parameters for Standard.Verify.