jwk

package
v1.0.0-beta.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 7, 2018 License: Apache-2.0 Imports: 30 Imported by: 173

Documentation

Index

Constants

View Source 
const (
	IDTokenKeyName    = "hydra.openid.id-token"
	KeyHandlerPath    = "/keys"
	WellKnownKeysPath = "/.well-known/jwks.json"
)

Variables

This section is empty.

Functions

func FindKeyByPrefix 

func FindKeyByPrefix(set *jose.JSONWebKeySet, prefix string) (key *jose.JSONWebKey, err error)

func FindKeysByPrefix 

func FindKeysByPrefix(set *jose.JSONWebKeySet, prefix string) (*jose.JSONWebKeySet, error)

func First 

func First(keys []jose.JSONWebKey) *jose.JSONWebKey

func MustRSAPrivate 

func MustRSAPrivate(key *jose.JSONWebKey) *rsa.PrivateKey

func MustRSAPublic 

func MustRSAPublic(key *jose.JSONWebKey) *rsa.PublicKey

func PEMBlockForKey 

func PEMBlockForKey(key interface{}) (*pem.Block, error)

func RandomBytes 

func RandomBytes(n int) ([]byte, error)

func TestHelperManagerKey 

func TestHelperManagerKey(m Manager, keys *jose.JSONWebKeySet, suffix string) func(t *testing.T)

func TestHelperManagerKeySet 

func TestHelperManagerKeySet(m Manager, keys *jose.JSONWebKeySet, suffix string) func(t *testing.T)

func ToRSAPrivate 

func ToRSAPrivate(key *jose.JSONWebKey) (*rsa.PrivateKey, error)

func ToRSAPublic 

func ToRSAPublic(key *jose.JSONWebKey) (*rsa.PublicKey, error)

Types

type AEAD 

type AEAD struct {
	Key []byte
}

func (*AEAD) Decrypt 

func (c *AEAD) Decrypt(ciphertext string) ([]byte, error)

func (*AEAD) Encrypt 

func (c *AEAD) Encrypt(plaintext []byte) (string, error)

type ECDSA256Generator 

type ECDSA256Generator struct{}

func (*ECDSA256Generator) Generate 

func (g *ECDSA256Generator) Generate(id, use string) (*jose.JSONWebKeySet, error)

type ECDSA512Generator 

type ECDSA512Generator struct{}

func (*ECDSA512Generator) Generate 

func (g *ECDSA512Generator) Generate(id, use string) (*jose.JSONWebKeySet, error)

type HS256Generator 

type HS256Generator struct{}

func (*HS256Generator) Generate 

func (g *HS256Generator) Generate(id, use string) (*jose.JSONWebKeySet, error)

type HS512Generator 

type HS512Generator struct{}

func (*HS512Generator) Generate 

func (g *HS512Generator) Generate(id, use string) (*jose.JSONWebKeySet, error)

type Handler 

type Handler struct {
	Manager    Manager
	Generators map[string]KeyGenerator
	H          herodot.Writer
}

func (*Handler) Create 

func (h *Handler) Create(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route POST /keys/{set} jsonWebKey createJsonWebKeySet

Generate a new JSON Web Key

This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created.

A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. 

Consumes:
- application/json

Produces:
- application/json

Schemes: http, https

Responses:
  200: jsonWebKeySet
  401: genericError
  403: genericError
  500: genericError

func (*Handler) DeleteKey 

func (h *Handler) DeleteKey(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route DELETE /keys/{set}/{kid} jsonWebKey deleteJsonWebKey

Delete a JSON Web Key

Use this endpoint to delete a single JSON Web Key.

A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. 

Consumes:
- application/json

Produces:
- application/json

Schemes: http, https

Responses:
  204: emptyResponse
  401: genericError
  403: genericError
  500: genericError

func (*Handler) DeleteKeySet 

func (h *Handler) DeleteKeySet(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route DELETE /keys/{set} jsonWebKey deleteJsonWebKeySet

Delete a JSON Web Key Set

Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set.

A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. 

Consumes:
- application/json

Produces:
- application/json

Schemes: http, https

Responses:
  204: emptyResponse
  401: genericError
  403: genericError
  500: genericError

func (*Handler) GetGenerators added in v0.2.0 

func (h *Handler) GetGenerators() map[string]KeyGenerator

func (*Handler) GetKey 

func (h *Handler) GetKey(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route GET /keys/{set}/{kid} jsonWebKey getJsonWebKey

Retrieve a JSON Web Key

This endpoint can be used to retrieve JWKs stored in ORY Hydra.

A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. 

Consumes:
- application/json

Produces:
- application/json

Schemes: http, https

Responses:
  200: jsonWebKeySet
  401: genericError
  403: genericError
  500: genericError

func (*Handler) GetKeySet 

func (h *Handler) GetKeySet(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route GET /keys/{set} jsonWebKey getJsonWebKeySet

Retrieve a JSON Web Key Set

This endpoint can be used to retrieve JWK Sets stored in ORY Hydra.

A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. 

Consumes:
- application/json

Produces:
- application/json

Schemes: http, https

Responses:
  200: jsonWebKeySet
  401: genericError
  403: genericError
  500: genericError

func (*Handler) SetRoutes 

func (h *Handler) SetRoutes(r *httprouter.Router)

func (*Handler) UpdateKey 

func (h *Handler) UpdateKey(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route PUT /keys/{set}/{kid} jsonWebKey updateJsonWebKey

Update a JSON Web Key

Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own.

A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. 

Consumes:
- application/json

Produces:
- application/json

Schemes: http, https

Responses:
  200: jsonWebKey
  401: genericError
  403: genericError
  500: genericError

func (*Handler) UpdateKeySet 

func (h *Handler) UpdateKeySet(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route PUT /keys/{set} jsonWebKey updateJsonWebKeySet

Update a JSON Web Key Set

Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own.

A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. 

Consumes:
- application/json

Produces:
- application/json

Schemes: http, https

Responses:
  200: jsonWebKeySet
  401: genericError
  403: genericError
  500: genericError

func (*Handler) WellKnown 

func (h *Handler) WellKnown(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route GET /.well-known/jwks.json oAuth2 wellKnown

Get Well-Known JSON Web Keys

Returns metadata for discovering important JSON Web Keys. Currently, this endpoint returns the public key for verifying OpenID Connect ID Tokens.

A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. 

Consumes:
- application/json

Produces:
- application/json

Schemes: http, https

Responses:
  200: jsonWebKeySet
  401: genericError
  403: genericError
  500: genericError

type KeyGenerator 

type KeyGenerator interface {
	Generate(id, use string) (*jose.JSONWebKeySet, error)
}

type Manager 

type Manager interface {
	AddKey(set string, key *jose.JSONWebKey) error

	AddKeySet(set string, keys *jose.JSONWebKeySet) error

	GetKey(set, kid string) (*jose.JSONWebKeySet, error)

	GetKeySet(set string) (*jose.JSONWebKeySet, error)

	DeleteKey(set, kid string) error

	DeleteKeySet(set string) error
}

type MemoryManager 

type MemoryManager struct {
	Keys map[string]*jose.JSONWebKeySet
	sync.RWMutex
}

func (*MemoryManager) AddKey 

func (m *MemoryManager) AddKey(set string, key *jose.JSONWebKey) error

func (*MemoryManager) AddKeySet 

func (m *MemoryManager) AddKeySet(set string, keys *jose.JSONWebKeySet) error

func (*MemoryManager) DeleteKey 

func (m *MemoryManager) DeleteKey(set, kid string) error

func (*MemoryManager) DeleteKeySet 

func (m *MemoryManager) DeleteKeySet(set string) error

func (*MemoryManager) GetKey 

func (m *MemoryManager) GetKey(set, kid string) (*jose.JSONWebKeySet, error)

func (*MemoryManager) GetKeySet 

func (m *MemoryManager) GetKeySet(set string) (*jose.JSONWebKeySet, error)

type RS256Generator 

type RS256Generator struct {
	KeyLength int
}

func (*RS256Generator) Generate 

func (g *RS256Generator) Generate(id, use string) (*jose.JSONWebKeySet, error)

type RS256JWTStrategy 

type RS256JWTStrategy struct {
	RS256JWTStrategy *jwt.RS256JWTStrategy
	Manager          Manager
	Set              string
	// contains filtered or unexported fields
}

func NewRS256JWTStrategy 

func NewRS256JWTStrategy(m Manager, set string) (*RS256JWTStrategy, error)

func (*RS256JWTStrategy) Decode 

func (j *RS256JWTStrategy) Decode(token string) (*jwt2.Token, error)

func (*RS256JWTStrategy) Generate 

func (j *RS256JWTStrategy) Generate(claims jwt2.Claims, header jwt.Mapper) (string, string, error)

func (*RS256JWTStrategy) GetPublicKeyID 

func (j *RS256JWTStrategy) GetPublicKeyID() (string, error)

func (*RS256JWTStrategy) GetSignature 

func (j *RS256JWTStrategy) GetSignature(token string) (string, error)

func (*RS256JWTStrategy) GetSigningMethodLength 

func (j *RS256JWTStrategy) GetSigningMethodLength() int

GetSigningMethodLength will return the length of the signing method

func (*RS256JWTStrategy) Hash 

func (j *RS256JWTStrategy) Hash(in []byte) ([]byte, error)

func (*RS256JWTStrategy) Validate 

func (j *RS256JWTStrategy) Validate(token string) (string, error)

type SQLManager 

type SQLManager struct {
	DB     *sqlx.DB
	Cipher *AEAD
}

func (*SQLManager) AddKey 

func (m *SQLManager) AddKey(set string, key *jose.JSONWebKey) error

func (*SQLManager) AddKeySet 

func (m *SQLManager) AddKeySet(set string, keys *jose.JSONWebKeySet) error

func (*SQLManager) CreateSchemas 

func (m *SQLManager) CreateSchemas() (int, error)

func (*SQLManager) DeleteKey 

func (m *SQLManager) DeleteKey(set, kid string) error

func (*SQLManager) DeleteKeySet 

func (m *SQLManager) DeleteKeySet(set string) error

func (*SQLManager) GetKey 

func (m *SQLManager) GetKey(set, kid string) (*jose.JSONWebKeySet, error)

func (*SQLManager) GetKeySet 

func (m *SQLManager) GetKeySet(set string) (*jose.JSONWebKeySet, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.