Documentation ¶
Index ¶
- Constants
- Variables
- func ExtractTokenFromBearerHeader(token string) []byte
- func LoadPrivateKeyFromPEM(file string, alg TokenSignatureAlgorithm) (interface{}, error)
- func LoadPublicKeyFromPEM(file string, alg TokenSignatureAlgorithm) (interface{}, error)
- func LoadPublicKeyFromString(s string, alg TokenSignatureAlgorithm) (interface{}, error)
- func NewTokenWithClaims(method jwt.SigningMethod, kid string, claims jwt.Claims) *jwt.Token
- type Claims
- type JWToken
- func (t *JWToken) Audience() string
- func (t *JWToken) ExpiresAt() time.Time
- func (t *JWToken) ID() string
- func (t *JWToken) IssuedAt() time.Time
- func (t *JWToken) Issuer() string
- func (t *JWToken) NotBefore() time.Time
- func (t *JWToken) Payload() map[string]interface{}
- func (t *JWToken) Scopes() string
- func (t *JWToken) Subject() string
- func (t *JWToken) Type() string
- func (t *JWToken) UserID() string
- func (t *JWToken) Validate() error
- type StandardTokenClaims
- type Token
- type TokenSignatureAlgorithm
- func (alg TokenSignatureAlgorithm) MarshalJSON() ([]byte, error)
- func (alg TokenSignatureAlgorithm) MarshalYAML() (interface{}, error)
- func (alg TokenSignatureAlgorithm) String() string
- func (alg *TokenSignatureAlgorithm) UnmarshalJSON(data []byte) error
- func (alg *TokenSignatureAlgorithm) UnmarshalYAML(unmarshal func(interface{}) error) error
Constants ¶
const TokenHeaderKeyPrefix = "BEARER "
TokenHeaderKeyPrefix is a token prefix regarding RFCXXX.
Variables ¶
var ( // ErrWrongSignatureAlgorithm is for unsupported signature algorithm. ErrWrongSignatureAlgorithm = errors.New("Unsupported signature algorithm") // ErrEmptyToken is when token is empty. ErrEmptyToken = errors.New("Token is empty") // ErrTokenInvalid is when token is invalid. ErrTokenInvalid = errors.New("Token is invalid") )
var StrToTokenSignAlg = map[string]TokenSignatureAlgorithm{ "es256": TokenSignatureAlgorithmES256, "rs256": TokenSignatureAlgorithmRS256, "auto": TokenSignatureAlgorithmAuto}
StrToTokenSignAlg maps string token service algorithm names to values.
var TimeFunc = time.Now
TimeFunc provides the current time when parsing token to validate "exp" claim (expiration time). You can override it to use another time value. This is useful for testing or if your server uses a time zone different from your tokens'.
Functions ¶
func ExtractTokenFromBearerHeader ¶
ExtractTokenFromBearerHeader extracts token from the Bearer token header value.
func LoadPrivateKeyFromPEM ¶
func LoadPrivateKeyFromPEM(file string, alg TokenSignatureAlgorithm) (interface{}, error)
LoadPrivateKeyFromPEM loads private key from PEM file.
func LoadPublicKeyFromPEM ¶
func LoadPublicKeyFromPEM(file string, alg TokenSignatureAlgorithm) (interface{}, error)
LoadPublicKeyFromPEM loads public key from PEM file.
func LoadPublicKeyFromString ¶
func LoadPublicKeyFromString(s string, alg TokenSignatureAlgorithm) (interface{}, error)
LoadPublicKeyFromString loads public key from string.
func NewTokenWithClaims ¶
NewTokenWithClaims generates new JWT token with claims and keyID.
Types ¶
type Claims ¶
type Claims struct { Payload map[string]interface{} `json:"payload,omitempty"` Scopes string `json:"scopes,omitempty"` Type string `json:"type,omitempty"` KeyID string `json:"kid,omitempty"` // optional keyID jwt.StandardClaims }
Claims is an extended claims structure.
type JWToken ¶
JWToken represents JWT token.
type StandardTokenClaims ¶ added in v1.1.11
type StandardTokenClaims interface { Audience() string ExpiresAt() time.Time ID() string IssuedAt() time.Time Issuer() string NotBefore() time.Time Subject() string }
StandardTokenClaims structured version of Claims Section, as referenced at https://tools.ietf.org/html/rfc7519#section-4.1
type Token ¶
type Token interface { StandardTokenClaims Validate() error UserID() string Type() string Scopes() string Payload() map[string]interface{} }
Token is an abstract application token.
func ParseTokenWithPublicKey ¶
ParseTokenWithPublicKey parses token with provided public key.
type TokenSignatureAlgorithm ¶
type TokenSignatureAlgorithm int
TokenSignatureAlgorithm is a signing algorithm used by the token service. For now, we only support ES256 and RS256.
const ( // TokenSignatureAlgorithmES256 is a ES256 signature. TokenSignatureAlgorithmES256 TokenSignatureAlgorithm = iota + 1 // TokenSignatureAlgorithmRS256 is a RS256 signature. TokenSignatureAlgorithmRS256 // TokenSignatureAlgorithmAuto tries to detect algorithm on the fly. TokenSignatureAlgorithmAuto )
func LoadPublicKeyFromPEMAuto ¶ added in v0.0.10
func LoadPublicKeyFromPEMAuto(file string) (interface{}, TokenSignatureAlgorithm, error)
LoadPublicKeyFromPEMAuto loads keys from pem file with key algorithm auto detection
func LoadPublicKeyFromStringAuto ¶ added in v0.0.10
func LoadPublicKeyFromStringAuto(s string) (interface{}, TokenSignatureAlgorithm, error)
LoadPublicKeyFromStringAuto loads keys from string with key algorithm auto detection
func (TokenSignatureAlgorithm) MarshalJSON ¶
func (alg TokenSignatureAlgorithm) MarshalJSON() ([]byte, error)
MarshalJSON implements json.Marshaller.
func (TokenSignatureAlgorithm) MarshalYAML ¶
func (alg TokenSignatureAlgorithm) MarshalYAML() (interface{}, error)
MarshalYAML implements yaml.Marshaller.
func (TokenSignatureAlgorithm) String ¶
func (alg TokenSignatureAlgorithm) String() string
String implements Stringer.
func (*TokenSignatureAlgorithm) UnmarshalJSON ¶
func (alg *TokenSignatureAlgorithm) UnmarshalJSON(data []byte) error
UnmarshalJSON implements json.Unmarshaller.
func (*TokenSignatureAlgorithm) UnmarshalYAML ¶
func (alg *TokenSignatureAlgorithm) UnmarshalYAML(unmarshal func(interface{}) error) error
UnmarshalYAML implements yaml.Unmarshaller.