jwk

package
v2.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 12, 2024 License: Apache-2.0 Imports: 38 Imported by: 2

Documentation

Index

Constants

View Source 
const (
	KeyHandlerPath    = "/keys"
	WellKnownKeysPath = "/.well-known/jwks.json"
)

Variables

View Source 
var ErrMinimalRsaKeyLength = &fosite.RFC6749Error{
	CodeField:        http.StatusBadRequest,
	ErrorField:       http.StatusText(http.StatusBadRequest),
	DescriptionField: "Unsupported RSA key length",
}
View Source 
var ErrUnsupportedEllipticCurve = &fosite.RFC6749Error{
	CodeField:        http.StatusBadRequest,
	ErrorField:       http.StatusText(http.StatusBadRequest),
	DescriptionField: "Unsupported elliptic curve",
}
View Source 
var ErrUnsupportedKeyAlgorithm = &fosite.RFC6749Error{
	CodeField:        http.StatusBadRequest,
	ErrorField:       http.StatusText(http.StatusBadRequest),
	DescriptionField: "Unsupported key algorithm",
}

Functions

func EnsureAsymmetricKeypairExists 

func EnsureAsymmetricKeypairExists(ctx context.Context, r InternalRegistry, alg, set string) error

func ExcludeOpaquePrivateKeys 

func ExcludeOpaquePrivateKeys(set *jose.JSONWebKeySet) *jose.JSONWebKeySet

func ExcludePrivateKeys 

func ExcludePrivateKeys(set *jose.JSONWebKeySet) *jose.JSONWebKeySet

func ExcludePublicKeys 

func ExcludePublicKeys(set *jose.JSONWebKeySet) *jose.JSONWebKeySet

func FindPrivateKey 

func FindPrivateKey(set *jose.JSONWebKeySet) (key *jose.JSONWebKey, err error)

func FindPublicKey 

func FindPublicKey(set *jose.JSONWebKeySet) (key *jose.JSONWebKey, err error)

func First 

func First(keys []jose.JSONWebKey) *jose.JSONWebKey

func GenerateJWK 

func GenerateJWK(ctx context.Context, alg jose.SignatureAlgorithm, kid, use string) (*jose.JSONWebKeySet, error)

func GetOrGenerateKeys 

func GetOrGenerateKeys(ctx context.Context, r InternalRegistry, m Manager, set, kid, alg string) (private *jose.JSONWebKey, err error)

func MustRSAPrivate 

func MustRSAPrivate(key *jose.JSONWebKey) *rsa.PrivateKey

func MustRSAPublic 

func MustRSAPublic(key *jose.JSONWebKey) *rsa.PublicKey

func OnlyPublicSDKKeys added in v2.2.0 

func OnlyPublicSDKKeys(in []hydra.JsonWebKey) (out []hydra.JsonWebKey, _ error)

func PEMBlockForKey 

func PEMBlockForKey(key interface{}) (*pem.Block, error)

func RandomBytes 

func RandomBytes(n int) ([]byte, error)

func TestHelperManagerGenerateAndPersistKeySet 

func TestHelperManagerGenerateAndPersistKeySet(m Manager, alg string, parallel bool) func(t *testing.T)

func TestHelperManagerKey 

func TestHelperManagerKey(m Manager, algo string, keys *jose.JSONWebKeySet, suffix string) func(t *testing.T)

func TestHelperManagerKeySet 

func TestHelperManagerKeySet(m Manager, algo string, keys *jose.JSONWebKeySet, suffix string, parallel bool) func(t *testing.T)

func TestHelperManagerNIDIsolationKeySet 

func TestHelperManagerNIDIsolationKeySet(t1 Manager, t2 Manager, alg string) func(t *testing.T)

func TestHelperNID 

func TestHelperNID(t1ValidNID Manager, t2InvalidNID Manager) func(t *testing.T)

func ToRSAPrivate 

func ToRSAPrivate(key *jose.JSONWebKey) (*rsa.PrivateKey, error)

func ToRSAPublic 

func ToRSAPublic(key *jose.JSONWebKey) (*rsa.PublicKey, error)

Types

type DefaultJWTSigner 

type DefaultJWTSigner struct {
	*jwt.DefaultSigner
	// contains filtered or unexported fields
}

func NewDefaultJWTSigner 

func NewDefaultJWTSigner(c *config.DefaultProvider, r InternalRegistry, setID string) *DefaultJWTSigner

func (*DefaultJWTSigner) GetPublicKey 

func (j *DefaultJWTSigner) GetPublicKey(ctx context.Context) (jose.JSONWebKey, error)

func (*DefaultJWTSigner) GetPublicKeyID 

func (j *DefaultJWTSigner) GetPublicKeyID(ctx context.Context) (string, error)

type Handler 

type Handler struct {
	// contains filtered or unexported fields
}

func NewHandler 

func NewHandler(r InternalRegistry) *Handler

func (*Handler) SetRoutes 

func (h *Handler) SetRoutes(admin *httprouterx.RouterAdmin, public *httprouterx.RouterPublic, corsMiddleware func(http.Handler) http.Handler)

type InternalRegistry 

type InternalRegistry interface {
	x.RegistryWriter
	x.RegistryLogger
	Registry
}

type JWTSigner 

type JWTSigner interface {
	GetPublicKeyID(ctx context.Context) (string, error)
	GetPublicKey(ctx context.Context) (jose.JSONWebKey, error)
	jwt.Signer
}

type KeyGenerator 

type KeyGenerator interface {
	Generate(id, use string) (*jose.JSONWebKeySet, error)
}

type Manager 

type Manager interface {
	GenerateAndPersistKeySet(ctx context.Context, set, kid, alg, use string) (*jose.JSONWebKeySet, error)

	AddKey(ctx context.Context, set string, key *jose.JSONWebKey) error

	AddKeySet(ctx context.Context, set string, keys *jose.JSONWebKeySet) error

	UpdateKey(ctx context.Context, set string, key *jose.JSONWebKey) error

	UpdateKeySet(ctx context.Context, set string, keys *jose.JSONWebKeySet) error

	GetKey(ctx context.Context, set, kid string) (*jose.JSONWebKeySet, error)

	GetKeySet(ctx context.Context, set string) (*jose.JSONWebKeySet, error)

	DeleteKey(ctx context.Context, set, kid string) error

	DeleteKeySet(ctx context.Context, set string) error
}

type ManagerStrategy 

type ManagerStrategy struct {
	// contains filtered or unexported fields
}

func NewManagerStrategy 

func NewManagerStrategy(hardwareKeyManager Manager, softwareKeyManager Manager) *ManagerStrategy

func (ManagerStrategy) AddKey 

func (m ManagerStrategy) AddKey(ctx context.Context, set string, key *jose.JSONWebKey) error

func (ManagerStrategy) AddKeySet 

func (m ManagerStrategy) AddKeySet(ctx context.Context, set string, keys *jose.JSONWebKeySet) error

func (ManagerStrategy) DeleteKey 

func (m ManagerStrategy) DeleteKey(ctx context.Context, set, kid string) error

func (ManagerStrategy) DeleteKeySet 

func (m ManagerStrategy) DeleteKeySet(ctx context.Context, set string) error

func (ManagerStrategy) GenerateAndPersistKeySet 

func (m ManagerStrategy) GenerateAndPersistKeySet(ctx context.Context, set, kid, alg, use string) (*jose.JSONWebKeySet, error)

func (ManagerStrategy) GetKey 

func (m ManagerStrategy) GetKey(ctx context.Context, set, kid string) (*jose.JSONWebKeySet, error)

func (ManagerStrategy) GetKeySet 

func (m ManagerStrategy) GetKeySet(ctx context.Context, set string) (*jose.JSONWebKeySet, error)

func (ManagerStrategy) UpdateKey 

func (m ManagerStrategy) UpdateKey(ctx context.Context, set string, key *jose.JSONWebKey) error

func (ManagerStrategy) UpdateKeySet 

func (m ManagerStrategy) UpdateKeySet(ctx context.Context, set string, keys *jose.JSONWebKeySet) error

type Registry 

type Registry interface {
	config.Provider
	KeyManager() Manager
	SoftwareKeyManager() Manager
	KeyCipher() *aead.AESGCM
}

type SQLData 

type SQLData struct {
	ID  uuid.UUID `db:"pk"`
	NID uuid.UUID `json:"-" db:"nid"`
	// This field is deprecated and will be removed
	PKDeprecated int64     `json:"-" db:"pk_deprecated"`
	Set          string    `db:"sid"`
	KID          string    `db:"kid"`
	Version      int       `db:"version"`
	CreatedAt    time.Time `db:"created_at"`
	Key          string    `db:"keydata"`
}

func (SQLData) TableName 

func (d SQLData) TableName() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.