token

package
v0.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 3, 2021 License: MIT Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	InvalidTokenError        = errors.New("invalid token")
	TokenExpiredError        = errors.New("token has already expired")
	UnexpectedIssuerError    = errors.New("unexpected issuer")
	UnexpectedAudienceError  = errors.New("unexpected audience")
	UnexpectedTokenTypeError = errors.New("unexpected token type")
	UnexpectedClientIDError  = errors.New("unexpected client_id")
)
View Source
var (
	NotJWEError = errors.New("not a valid JWE data")
)

Functions

func TokenHash

func TokenHash(token string) string

Types

type AccessTokenClaims

type AccessTokenClaims struct {
	OIDCClaims

	AuthorizedParties []string `json:"azp,omitempty"`
	Scope             string   `json:"scope,omitempty"`
}

func (AccessTokenClaims) Validate

func (claims AccessTokenClaims) Validate(issuer *config.URL) error

type AuthorizedParties added in v0.4.0

type AuthorizedParties []string

func (AuthorizedParties) Append added in v0.4.0

func (AuthorizedParties) Includes added in v0.4.0

func (azp AuthorizedParties) Includes(rp string) bool

type CodeClaims

type CodeClaims struct {
	OIDCClaims

	ClientID    string `json:"client_id"`
	RedirectURI string `json:"redirect_uri"`
	Nonce       string `json:"nonce,omitempty"`
	Scope       string `json:"scope,omitempty"`
}

func (CodeClaims) Validate

func (claims CodeClaims) Validate(issuer *config.URL) error

type ExtraClaims

type ExtraClaims map[string]interface{}

type IDTokenClaims

type IDTokenClaims struct {
	OIDCClaims

	Nonce           string      `json:"nonce,omitempty"`
	CodeHash        string      `json:"c_hash,omitempty"`
	AccessTokenHash string      `json:"at_hash,omitempty"`
	ExtraClaims     ExtraClaims `json:"-"`
}

func (IDTokenClaims) MarshalJSON

func (claims IDTokenClaims) MarshalJSON() ([]byte, error)

func (*IDTokenClaims) UnmarshalJSON

func (claims *IDTokenClaims) UnmarshalJSON(data []byte) error

func (IDTokenClaims) Validate

func (claims IDTokenClaims) Validate(issuer *config.URL, audience string) error

type JWK

type JWK struct {
	KeyID     string   `json:"kid"`
	Use       string   `json:"use"`
	Algorithm string   `json:"alg"`
	KeyType   string   `json:"kty"`
	E         string   `json:"e"`
	N         string   `json:"n"`
	X509      []string `json:"x5c"`
}

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

func GenerateManager

func GenerateManager() (Manager, error)

func NewManager

func NewManager(private *rsa.PrivateKey) (Manager, error)

func NewManagerFromFile

func NewManagerFromFile(file io.Reader) (Manager, error)

func (Manager) CreateAccessToken

func (m Manager) CreateAccessToken(issuer *config.URL, subject, clientID, scope string, authTime time.Time, expiresIn time.Duration) (string, error)

func (Manager) CreateCode

func (m Manager) CreateCode(issuer *config.URL, subject, clientID, redirectURI, scope, nonce string, authTime time.Time, expiresIn time.Duration) (string, error)

func (Manager) CreateIDToken

func (m Manager) CreateIDToken(issuer *config.URL, subject, audience, nonce, code, accessToken string, extraClaims ExtraClaims, authTime time.Time, expiresIn time.Duration) (string, error)

func (Manager) CreateRefreshToken

func (m Manager) CreateRefreshToken(issuer *config.URL, subject, clientID, scope, nonce string, authTime time.Time, expiresIn time.Duration) (string, error)

func (Manager) CreateRequestObject added in v0.5.0

func (m Manager) CreateRequestObject(issuer *config.URL, subject string, request RequestObjectClaims, expiresAt time.Time) (string, error)

func (Manager) CreateSSOToken

func (m Manager) CreateSSOToken(issuer *config.URL, subject string, authorized AuthorizedParties, authTime time.Time, expiresAt time.Time) (string, error)

func (Manager) JWKs

func (m Manager) JWKs(hostname string) ([]JWK, error)

func (Manager) KeyID

func (m Manager) KeyID() uuid.UUID

func (Manager) ParseAccessToken

func (m Manager) ParseAccessToken(token string) (AccessTokenClaims, error)

func (Manager) ParseCode

func (m Manager) ParseCode(token string) (CodeClaims, error)

func (Manager) ParseIDToken

func (m Manager) ParseIDToken(token string) (IDTokenClaims, error)

func (Manager) ParseRefreshToken

func (m Manager) ParseRefreshToken(token string) (RefreshTokenClaims, error)

func (Manager) ParseRequestObject added in v0.5.0

func (m Manager) ParseRequestObject(token string, signKey string) (RequestObjectClaims, error)

func (Manager) ParseSSOToken added in v0.4.0

func (m Manager) ParseSSOToken(token string) (SSOTokenClaims, error)

func (Manager) PublicKey

func (m Manager) PublicKey() *rsa.PublicKey

type OIDCClaims

type OIDCClaims struct {
	jwt.StandardClaims

	Type     string `json:"typ"`
	AuthTime int64  `json:"auth_time,omitempty"`
}

func (OIDCClaims) Validate

func (claims OIDCClaims) Validate(issuer *config.URL, audience string) error

type RefreshTokenClaims

type RefreshTokenClaims struct {
	OIDCClaims

	ClientID string `json:"client_id"`
	Scope    string `json:"scope,omitempty"`
	Nonce    string `json:"nonce,omitempty"`
}

func (RefreshTokenClaims) Validate

func (claims RefreshTokenClaims) Validate(issuer *config.URL) error

type RequestObjectClaims added in v0.5.0

type RequestObjectClaims struct {
	jwt.StandardClaims

	ResponseType string `json:"response_type,omitempty"`
	ClientID     string `json:"client_id,omitempty"`
	RedirectURI  string `json:"redirect_uri,omitempty"`
	Scope        string `json:"scope,omitempty"`
	State        string `json:"state,omitempty"`
	Nonce        string `json:"nonce,omitempty"`
	MaxAge       int64  `json:"max_age,omitempty"`
	Prompt       string `json:"prompt,omitempty"`
	LoginHint    string `json:"login_hint,omitempty"`
}

func (RequestObjectClaims) Validate added in v0.5.0

func (claims RequestObjectClaims) Validate(issuer string, audience *config.URL) error

type SSOTokenClaims added in v0.4.0

type SSOTokenClaims struct {
	OIDCClaims

	Authorized AuthorizedParties `json:"azp,omitempty"`
}

func (SSOTokenClaims) Validate added in v0.4.0

func (claims SSOTokenClaims) Validate(issuer *config.URL) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL