Documentation ¶
Index ¶
Constants ¶
const ( // SignatureAlgES is a hardcoded ES256 signature algorithm. // There is a number of options, we are stick to this value. // See https://tools.ietf.org/html/rfc7516 for details. SignatureAlgES = "ES256" // SignatureAlgRS is a hardcoded RS256 signature algorithm. SignatureAlgRS = "RS256" )
Variables ¶
var ( // ErrTokenValidationNoExpiration is when the token does not have an expiration date. ErrTokenValidationNoExpiration = errors.New("Token is invalid, no expire date") // ErrTokenValidationExpired is when the token expiration date has passed ErrTokenValidationExpired = errors.New("Token is invalid, token has expired") // ErrTokenValidationNoIAT is when IAT verification fails. ErrTokenValidationNoIAT = errors.New("Token is invalid, no issued at date") // ErrTokenValidationInvalidIssuer is when the token has invalid issuer. ErrTokenValidationInvalidIssuer = errors.New("Token is invalid, issuer is invalid") // ErrTokenValidationInvalidAudience is when the token has invalid audience. ErrTokenValidationInvalidAudience = errors.New("Token is invalid, audience is invalid") // ErrTokenValidationInvalidSubject is when subject claim is invalid. ErrTokenValidationInvalidSubject = errors.New("Token is invalid, subject is invalid") // ErrorTokenValidationTokenTypeMismatch is when the token has invalid type. ErrorTokenValidationTokenTypeMismatch = errors.New("Token is invalid, type is invalid") // ErrorConfigurationMissingPublicKey is when public key is missing ErrorConfigurationMissingPublicKey = errors.New("Missing public key to decode the token from string") )
Functions ¶
This section is empty.
Types ¶
type Config ¶ added in v0.0.10
type Config struct { Audience []string Issuer []string UserID []string TokenType []string PublicKey interface{} // PubKeyEnvName environment variable for public key, could be empty if you want to use file insted PubKeyEnvName string // PubKeyFileName file path with public key, could be empty if you want to use env variable. PubKeyFileName string // PubKeyURL URL for well-known JWKS PubKeyURL string // should we always check audience for the token. If yes and audience is empty the validation will fail. IsAudienceRequired bool // should we always check iss for the token. If yes and iss is empty the validation will fail. IsIssuerRequired bool }
Config is a struct to set all the required params for Validator
type Validator ¶
Validator is an abstract token validator.
func NewValidator ¶
NewValidator creates new JWT tokens validator. Arguments: - appID - application ID which have made the request, should be in audience field of JWT token. - issuer - this server name, should be the same as issuer of JWT token. - userID - user who have made the request. If this field is empty, we do not validate it.
func NewValidatorWithConfig ¶ added in v0.0.10
NewValidatorWithConfig creates new JWT tokens validator with public key from config file. Arguments: - appID - application ID which have made the request, should be in audience field of JWT token. - issuer - this server name, should be the same as issuer of JWT token. - userID - user who have made the request. If this field is empty, we do not validate it. - config - public key to parse the token.