claims

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 11, 2023 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

Package claims collects common jwt types.

Index

Constants

View Source
const (
	// DefaultLeeway defines the default leeway to verify time claim.
	DefaultLeeway = time.Minute
)

Variables

This section is empty.

Functions

This section is empty.

Types

type InvalidError

type InvalidError struct {
	Claims Standard
	Opts   VerifyOptions
	Reason InvalidReason
}

InvalidError results when an odd error occurs in Standard.Verify.

func (InvalidError) Error

func (e InvalidError) Error() string

type InvalidReason

type InvalidReason int

InvalidReason represents claim verification error reason.

const (
	// Expired results when a claim has expired, based on the time
	// given in the VerifyOptions.
	Expired InvalidReason = iota
	// NotBefore results when a claim not yet valid, based on the time
	// given in the VerifyOptions.
	NotBefore
	// IssuerMismatch results when the issuer name of a claim
	// does not match the issuer name given in the VerifyOptions.
	IssuerMismatch
	// IssuedAtFuture results when the issued at (iat) time of a claim,
	// is after the time given in the VerifyOptions.
	IssuedAtFuture
	// AudienceNotFound results when a claim audience
	// does not have one of the audiences given in the VerifyOptions.
	AudienceNotFound
)

type Standard

type Standard struct {
	Scope     StringOrList `json:"scope,omitempty"`
	Audience  StringOrList `json:"aud,omitempty"`
	ExpiresAt *Time        `json:"exp,omitempty"`
	IssuedAt  *Time        `json:"iat,omitempty"`
	NotBefore *Time        `json:"nbf,omitempty"`
	Subject   string       `json:"sub,omitempty"`
	Issuer    string       `json:"iss,omitempty"`
	JWTID     string       `json:"jti,omitempty"`
}

Standard provide a starting point for a set of useful interoperable claims as defined in RFC 7519.

func (Standard) Verify

func (s Standard) Verify(opts VerifyOptions) error

Verify attempts to verify s using opts.

type StringOrList

type StringOrList []string

StringOrList define a type for a claim that can be either a string or list of strings.

func (StringOrList) Split

func (s StringOrList) Split() []string

Split slices claim string into all substrings separated by comma or space and returns a slice of the substrings between those separators. Otherwise, it returns claim list as is.

func (*StringOrList) UnmarshalJSON

func (s *StringOrList) UnmarshalJSON(b []byte) error

UnmarshalJSON to string or array of strings.

type Time

type Time time.Time

Time defines a timestamp encoded as time.Unix in JSON

func (Time) MarshalJSON

func (t Time) MarshalJSON() ([]byte, error)

MarshalJSON encode t as time.Unix.

func (*Time) UnmarshalJSON

func (t *Time) UnmarshalJSON(b []byte) (err error)

UnmarshalJSON decode json time.Unix to t.

type VerifyOptions

type VerifyOptions struct {
	// Audience represents targeted claim audiences.
	Audience []string
	// Issuer represents claim issuer.
	Issuer string
	// Time returns the current time.
	// If Time is nil, Standard.Verify uses time.Now with DefaultLeeway.
	// Recommended to add leeway window before return t to account for clock skew,
	// https://tools.ietf.org/html/rfc7519#section-4.1.4.
	//
	// 		func() (time.Time) {
	//	        return time.Now().Add(-leeway)
	//       }
	Time func() (t time.Time)
	// Extra parameters.
	Extra map[string]any
}

VerifyOptions contains parameters for Standard.Verify.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL