Documentation
¶
Overview ¶
Package jwtauth contains JWT and authentication-related helpers
Index ¶
- func BuildAPIAccessToken(sdkKeys []string, ttl time.Duration, key []byte) (tokenString string, err error)
- func BuildAdminAccessToken(ttl time.Duration, key []byte) (tokenString string, err error)
- func DecodeConfigValue(configSecretHash string) ([]byte, error)
- func GenerateClientSecretAndHash() (secretStr, hashStr string, err error)
- func ValidateClientSecret(reqSecret string, configSecretHash []byte) (bool, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BuildAPIAccessToken ¶
func BuildAPIAccessToken(sdkKeys []string, ttl time.Duration, key []byte) (tokenString string, err error)
BuildAPIAccessToken returns a token for accessing the API service using the argument SDK keys and TTL. It also returns the expiration timestamp.
func BuildAdminAccessToken ¶
BuildAdminAccessToken returns a token for accessing the Admin service using the argument TTL. It also returns the expiration timestamp.
func DecodeConfigValue ¶ added in v1.0.0
DecodeConfigValue returns the decoded value from configuration a byte slice, or an error if decoding failed
func GenerateClientSecretAndHash ¶ added in v0.13.0
GenerateClientSecretAndHash returns a random secret and its hash, for use with Agent's authN/authZ workflow. - The first return value is the secret - 32 random bytes, base64-encoded. - The second return value is the bcrypt hash of the secret. - The hash should be included in Agent's auth configuration as the client_secret value. - The secret should be sent in the request to the token issuer endpoint.
func ValidateClientSecret ¶ added in v0.13.0
ValidateClientSecret returns true if the hash of the secret provided in config matches the secret provided in the request. Returns an error if the req secret fails base64 decoding.
Types ¶
This section is empty.
Source Files