jwkset

v2.0.0

Warning: This package is not in the latest version of its module.
Published: Mar 6, 2024 License: BSD-3-Clause Imports: 14 Imported by: 0

README

go-jwkset

go-jwkset is a library for fetching JSON Web Key ("JWK") Sets, built on top of the go-jose/go-jose/v4 library. go-jwkset allows you to build a cache-aware custom fetcher for JWK Sets.

v2

The master branch holds the v2 version of the library. Import the library as follows.

import "github.com/nabeken/go-jwkset/v2"

Built-in fetcher implementation

Versioning

This library follows Semantic Versioning.

Documentation

Functions

func Decode

func Decode(r io.Reader) ([]jose.JSONWebKey, error)

Decode reads data from r and decodes it into JWKs.

func DecodeSigPublicKey

func DecodeSigPublicKey(data []byte, kid string, algo jose.SignatureAlgorithm) ([]jose.JSONWebKey, error)

DecodeSigPublicKey decodes the plain public key into JWKs used for signing. See https://github.com/square/go-jose/blob/v2.4.1/jose-util/utils.go#L42

Types

type ALBFetcher

type ALBFetcher struct {
	Client *http.Client
	Region string
	Algo   jose.SignatureAlgorithm
}

ALBFetcher fetches a public key from AWS's Application Load Balancer and decodes it into a JWK.

func (*ALBFetcher) FetchJWKs

func (f *ALBFetcher) FetchJWKs(kid string) (*Response, error)

type Cacher

type Cacher struct {
	// contains filtered or unexported fields
}

Cacher fetches JWKs via Cache if available.

func NewCacher

func NewCacher(defaultExpiration, cleanupInterval time.Duration, f Fetcher) *Cacher

NewCacher returns a Cacher with an initialized cache store.

func (*Cacher) FetchJWKs

func (c *Cacher) FetchJWKs(cacheKey string) (*Response, error)

FetchJWKs tries to retrieve JWKs from the cache. If the cache is not available, it calls Fetcher.FetchJWKs and caches the result for future requests.

type Fetcher

type Fetcher interface {
	// FetchJWKs retrieves JWKSet from path.
	FetchJWKs(path string) (*Response, error)
}

Fetcher is an interface that represents JWKs fetcher.

type HTTPFetcher

type HTTPFetcher struct {
	Client *http.Client
}

HTTPFetcher fetches JWKs over HTTP.

func (*HTTPFetcher) FetchJWKs

func (f *HTTPFetcher) FetchJWKs(uri string) (*Response, error)

FetchJWKs implements the Fetcher interface by using http.Client. FetchJWKs tries to retrieve a JWKSet from uri.

type InMemoryFetcher

type InMemoryFetcher struct {
	RAWJWKs []byte
}

InMemoryFetcher fetches JWKs from its memory.

func (*InMemoryFetcher) FetchJWKs

func (f *InMemoryFetcher) FetchJWKs(_ string) (*Response, error)

FetchJWKs implements the Fetcher interface by using internal JWKs.

type Response

type Response struct {
	Keys []jose.JSONWebKey

	TTL time.Duration // This would be used as TTL for caching.
}

Response represents a JWK Set response. It contains a TTL (Time to Live) for caching purposes.
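The cache-then-fetch behaviour described for Cacher.FetchJWKs, driven by the Response TTL, as an added example that is not go-jwkset's own code. `ttlCacher`, `fetcherFunc`, `entry`, `stub` and the `maxTTL` cap are hypothetical, the local `Response` and `Fetcher` are stand-ins for the types on this page with `Keys` reduced to key IDs, and the URL is constructed.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

// Stand-ins for this page's Response and Fetcher; Keys is simplified to key IDs.
type Response struct {
	Keys []string
	TTL  time.Duration
}
type Fetcher interface{ FetchJWKs(path string) (*Response, error) }
type fetcherFunc func(string) (*Response, error) // adapter for stub upstreams
func (f fetcherFunc) FetchJWKs(p string) (*Response, error) { return f(p) }
type entry struct {
	resp    *Response
	expires time.Time
}
// ttlCacher (hypothetical) serves cached keys until expiry, then refetches.
type ttlCacher struct {
	mu     sync.Mutex
	next   Fetcher
	maxTTL time.Duration    // bounds how long a rotated-out key stays trusted
	now    func() time.Time // injectable clock
	store  map[string]entry
}
func (c *ttlCacher) FetchJWKs(key string) (*Response, error) {
	c.mu.Lock()
	defer c.mu.Unlock()
	if e, ok := c.store[key]; ok && c.now().Before(e.expires) {
		return e.resp, nil // cache hit
	}
	resp, err := c.next.FetchJWKs(key)
	if err != nil {
		return nil, err // failures are not cached, so the next call retries
	}
	ttl := resp.TTL
	if ttl <= 0 || ttl > c.maxTTL {
		ttl = c.maxTTL // missing or oversized TTLs fall back to the cap
	}
	c.store[key] = entry{resp, c.now().Add(ttl)}
	return resp, nil
}
func stub(string) (*Response, error) { return &Response{Keys: []string{"constructed-kid"}}, nil }
func main() {
	c := &ttlCacher{next: fetcherFunc(stub), maxTTL: time.Minute, now: time.Now, store: map[string]entry{}}
	fmt.Println(c.FetchJWKs("https://idp.example/jwks.json")) // constructed URL
}
```

Capping the TTL matters for verification code because a key removed upstream keeps being served from the cache until its entry expires.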

type S3Fetcher

type S3Fetcher struct {
	S3Svc s3iface.S3API
}

S3Fetcher fetches JWKs via S3.

func (*S3Fetcher) FetchJWKs

func (f *S3Fetcher) FetchJWKs(path string) (*Response, error)

FetchJWKs implements JWKsS3Fetcher by using S3. It tries to retrieve an S3 object from path. path must be in the form s3://<bucket>/<key>.

Directories

Path Synopsis
cmd
