openid

package
v3.0.0-alpha1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 1, 2024 License: MIT Imports: 14 Imported by: 0

Documentation

Overview

Package openid provides a specialized token that provides utilities to work with OpenID JWT tokens.

In order to use OpenID claims, you specify the token to use in the jwt.Parse method 

jwt.Parse(data, jwt.WithToken(openid.New())

Index

Constants

View Source 
const (
	AddressFormattedKey     = "formatted"
	AddressStreetAddressKey = "street_address"
	AddressLocalityKey      = "locality"
	AddressRegionKey        = "region"
	AddressPostalCodeKey    = "postal_code"
	AddressCountryKey       = "country"
)
View Source 
const (
	AddressKey             = "address"
	AudienceKey            = "aud"
	BirthdateKey           = "birthdate"
	EmailKey               = "email"
	EmailVerifiedKey       = "email_verified"
	ExpirationKey          = "exp"
	FamilyNameKey          = "family_name"
	GenderKey              = "gender"
	GivenNameKey           = "given_name"
	IssuedAtKey            = "iat"
	IssuerKey              = "iss"
	JwtIDKey               = "jti"
	LocaleKey              = "locale"
	MiddleNameKey          = "middle_name"
	NameKey                = "name"
	NicknameKey            = "nickname"
	NotBeforeKey           = "nbf"
	PhoneNumberKey         = "phone_number"
	PhoneNumberVerifiedKey = "phone_number_verified"
	PictureKey             = "picture"
	PreferredUsernameKey   = "preferred_username"
	ProfileKey             = "profile"
	SubjectKey             = "sub"
	UpdatedAtKey           = "updated_at"
	WebsiteKey             = "website"
	ZoneinfoKey            = "zoneinfo"
)

Variables

This section is empty.

Functions

func RegisterCustomField 

func RegisterCustomField(name string, object interface{})

RegisterCustomField allows users to specify that a private field be decoded as an instance of the specified type. This option has a global effect.

For example, suppose you have a custom field `x-birthday`, which you want to represent as a string formatted in RFC3339 in JSON, but want it back as `time.Time`.

In that case you would register a custom field as follows 

jwt.RegisterCustomField(`x-birthday`, timeT)

Then `token.Get("x-birthday")` will still return an `interface{}`, but you can convert its type to `time.Time` 

bdayif, _ := token.Get(`x-birthday`)
bday := bdayif.(time.Time)

Types

type AddressClaim 

type AddressClaim struct {
	// contains filtered or unexported fields
}

AddressClaim is the address claim as described in https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim

func NewAddress 

func NewAddress() *AddressClaim

func (*AddressClaim) Accept 

func (t *AddressClaim) Accept(v interface{}) error

func (AddressClaim) Country 

func (t AddressClaim) Country() string

Country is a convenience function to retrieve the corresponding value store in the token if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead

func (AddressClaim) Formatted 

func (t AddressClaim) Formatted() string

Formatted is a convenience function to retrieve the corresponding value store in the token if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead

func (*AddressClaim) Get 

func (t *AddressClaim) Get(s string) (interface{}, bool)

func (AddressClaim) Locality 

func (t AddressClaim) Locality() string

Locality is a convenience function to retrieve the corresponding value store in the token if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead

func (AddressClaim) MarshalJSON 

func (t AddressClaim) MarshalJSON() ([]byte, error)

MarshalJSON serializes the token in JSON format.

func (AddressClaim) PostalCode 

func (t AddressClaim) PostalCode() string

PostalCode is a convenience function to retrieve the corresponding value store in the token if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead

func (AddressClaim) Region 

func (t AddressClaim) Region() string

Region is a convenience function to retrieve the corresponding value store in the token if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead

func (*AddressClaim) Set 

func (t *AddressClaim) Set(key string, value interface{}) error

func (AddressClaim) StreetAddress 

func (t AddressClaim) StreetAddress() string

StreetAddress is a convenience function to retrieve the corresponding value store in the token if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead

func (*AddressClaim) UnmarshalJSON 

func (t *AddressClaim) UnmarshalJSON(data []byte) error

UnmarshalJSON deserializes data from a JSON data buffer into a AddressClaim

type BirthdateClaim 

type BirthdateClaim struct {
	// contains filtered or unexported fields
}

func (*BirthdateClaim) Accept 

func (b *BirthdateClaim) Accept(v interface{}) error

Accepts a value read from JSON, and converts it to a BirthdateClaim. This method DOES NOT verify the correctness of a date. Consumers should check for validity of dates such as Apr 31 et al

func (BirthdateClaim) Day 

func (b BirthdateClaim) Day() int

func (BirthdateClaim) MarshalText 

func (b BirthdateClaim) MarshalText() ([]byte, error)

func (BirthdateClaim) Month 

func (b BirthdateClaim) Month() int

func (BirthdateClaim) String 

func (b BirthdateClaim) String() string

func (*BirthdateClaim) UnmarshalJSON 

func (b *BirthdateClaim) UnmarshalJSON(data []byte) error

func (BirthdateClaim) Year 

func (b BirthdateClaim) Year() int

type Builder 

type Builder struct {
	// contains filtered or unexported fields
}

Builder is a convenience wrapper around the New() constructor and the Set() methods to assign values to Token claims. Users can successively call Claim() on the Builder, and have it construct the Token when Build() is called. This alleviates the need for the user to check for the return value of every single Set() method call. Note that each call to Claim() overwrites the value set from the previous call.

func NewBuilder 

func NewBuilder() *Builder

func (*Builder) Address 

func (b *Builder) Address(v *AddressClaim) *Builder

func (*Builder) Audience 

func (b *Builder) Audience(v []string) *Builder

func (*Builder) Birthdate 

func (b *Builder) Birthdate(v *BirthdateClaim) *Builder

func (*Builder) Build 

func (b *Builder) Build() (Token, error)

Build creates a new token based on the claims that the builder has received so far. If a claim cannot be set, then the method returns a nil Token with a en error as a second return value

Once `Build()` is called, all claims are cleared from the Builder, and the Builder can be reused to build another token

func (*Builder) Claim 

func (b *Builder) Claim(name string, value interface{}) *Builder

func (*Builder) Email 

func (b *Builder) Email(v string) *Builder

func (*Builder) EmailVerified 

func (b *Builder) EmailVerified(v bool) *Builder

func (*Builder) Expiration 

func (b *Builder) Expiration(v time.Time) *Builder

func (*Builder) FamilyName 

func (b *Builder) FamilyName(v string) *Builder

func (*Builder) Gender 

func (b *Builder) Gender(v string) *Builder

func (*Builder) GivenName 

func (b *Builder) GivenName(v string) *Builder

func (*Builder) IssuedAt 

func (b *Builder) IssuedAt(v time.Time) *Builder

func (*Builder) Issuer 

func (b *Builder) Issuer(v string) *Builder

func (*Builder) JwtID 

func (b *Builder) JwtID(v string) *Builder

func (*Builder) Locale 

func (b *Builder) Locale(v string) *Builder

func (*Builder) MiddleName 

func (b *Builder) MiddleName(v string) *Builder

func (*Builder) Name 

func (b *Builder) Name(v string) *Builder

func (*Builder) Nickname 

func (b *Builder) Nickname(v string) *Builder

func (*Builder) NotBefore 

func (b *Builder) NotBefore(v time.Time) *Builder

func (*Builder) PhoneNumber 

func (b *Builder) PhoneNumber(v string) *Builder

func (*Builder) PhoneNumberVerified 

func (b *Builder) PhoneNumberVerified(v bool) *Builder

func (*Builder) Picture 

func (b *Builder) Picture(v string) *Builder

func (*Builder) PreferredUsername 

func (b *Builder) PreferredUsername(v string) *Builder

func (*Builder) Profile 

func (b *Builder) Profile(v string) *Builder

func (*Builder) Subject 

func (b *Builder) Subject(v string) *Builder

func (*Builder) UpdatedAt 

func (b *Builder) UpdatedAt(v time.Time) *Builder

func (*Builder) Website 

func (b *Builder) Website(v string) *Builder

func (*Builder) Zoneinfo 

func (b *Builder) Zoneinfo(v string) *Builder

type DecodeCtx 

type DecodeCtx = json.DecodeCtx

type Token 

type Token interface {
	// Address returns the value for "address" field of the token
	Address() (*AddressClaim, bool)

	// Audience returns the value for "aud" field of the token
	Audience() ([]string, bool)

	// Birthdate returns the value for "birthdate" field of the token
	Birthdate() (*BirthdateClaim, bool)

	// Email returns the value for "email" field of the token
	Email() (string, bool)

	// EmailVerified returns the value for "email_verified" field of the token
	EmailVerified() (bool, bool)

	// Expiration returns the value for "exp" field of the token
	Expiration() (time.Time, bool)

	// FamilyName returns the value for "family_name" field of the token
	FamilyName() (string, bool)

	// Gender returns the value for "gender" field of the token
	Gender() (string, bool)

	// GivenName returns the value for "given_name" field of the token
	GivenName() (string, bool)

	// IssuedAt returns the value for "iat" field of the token
	IssuedAt() (time.Time, bool)

	// Issuer returns the value for "iss" field of the token
	Issuer() (string, bool)

	// JwtID returns the value for "jti" field of the token
	JwtID() (string, bool)

	// Locale returns the value for "locale" field of the token
	Locale() (string, bool)

	// MiddleName returns the value for "middle_name" field of the token
	MiddleName() (string, bool)

	// Name returns the value for "name" field of the token
	Name() (string, bool)

	// Nickname returns the value for "nickname" field of the token
	Nickname() (string, bool)

	// NotBefore returns the value for "nbf" field of the token
	NotBefore() (time.Time, bool)

	// PhoneNumber returns the value for "phone_number" field of the token
	PhoneNumber() (string, bool)

	// PhoneNumberVerified returns the value for "phone_number_verified" field of the token
	PhoneNumberVerified() (bool, bool)

	// Picture returns the value for "picture" field of the token
	Picture() (string, bool)

	// PreferredUsername returns the value for "preferred_username" field of the token
	PreferredUsername() (string, bool)

	// Profile returns the value for "profile" field of the token
	Profile() (string, bool)

	// Subject returns the value for "sub" field of the token
	Subject() (string, bool)

	// UpdatedAt returns the value for "updated_at" field of the token
	UpdatedAt() (time.Time, bool)

	// Website returns the value for "website" field of the token
	Website() (string, bool)

	// Zoneinfo returns the value for "zoneinfo" field of the token
	Zoneinfo() (string, bool)

	// Get is used to extract the value of any claim, including non-standard claims, out of the token.
	//
	// The first argument is the name of the claim. The second argument is a pointer
	// to a variable that will receive the value of the claim. The method returns
	// an error if the claim does not exist, or if the value cannot be assigned to
	// the destination variable.  Note that a field is considered to "exist" even if
	// the value is empty-ish (e.g. 0, false, ""), as long as it is explicitly set.
	//
	// For standard claims, you can use the corresponding getter method, such as
	// `Issuer()`, `Subject()`, `Audience()`, `IssuedAt()`, `NotBefore()`, `ExpiresAt()`
	//
	// Note that fields of JWS/JWE are NOT accessible through this method. You need
	// to use `jws.Parse` and `jwe.Parse` to obtain the JWS/JWE message (and NOT
	// the payload, which presumably is the JWT), and then use their `Get` methods in their respective packages
	Get(string, interface{}) error

	// Set assigns a value to the corresponding field in the token. Some
	// pre-defined fields such as `nbf`, `iat`, `iss` need their values to
	// be of a specific type. See the other getter methods in this interface
	// for the types of each of these fields
	Set(string, interface{}) error

	// Has returns true if the specified claim has a value, even if
	// the value is empty-ish (e.g. 0, false, "")  as long as it has been
	// explicitly set.
	Has(string) bool
	Remove(string) error

	// Options returns the per-token options associated with this token.
	// The options set value will be copied when the token is cloned via `Clone()`
	// but it will not survive when the token goes through marshaling/unmarshaling
	// such as `json.Marshal` and `json.Unmarshal`
	Options() *jwt.TokenOptionSet
	Clone() (jwt.Token, error)
	Keys() []string
}

func New 

func New() Token

New creates a standard token, with minimal knowledge of possible claims. Standard claims include"address", "aud", "birthdate", "email", "email_verified", "exp", "family_name", "gender", "given_name", "iat", "iss", "jti", "locale", "middle_name", "name", "nickname", "nbf", "phone_number", "phone_number_verified", "picture", "preferred_username", "profile", "sub", "updated_at", "website" and "zoneinfo". Convenience accessors are provided for these standard claims

type TokenWithDecodeCtx 

type TokenWithDecodeCtx = json.DecodeCtxContainer

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.