keyfunc

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 12, 2022 License: MIT Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (

	// ErrKIDNotFound indicates that the given key ID was not found in the JWKs.
	ErrKIDNotFound = errors.New("the given key ID was not found in the JWKs")

	// ErrMissingAssets indicates there are required assets missing to create a public key.
	ErrMissingAssets = errors.New("required assets are missing to create a public key")
)
View Source 
var (

	// ErrKID indicates that the JWT had an invalid kid.
	ErrKID = errors.New("the JWT has an invalid kid")

	// ErrUnsupportedKeyType indicates the JWT key type is an unsupported type.
	ErrUnsupportedKeyType = errors.New("the JWT key type is unsupported")
)

Functions

This section is empty.

Types

type ErrorHandler 

type ErrorHandler func(err error)

ErrorHandler is a function signature that consumes an error.

type JSONKey 

type JSONKey struct {
	Curve    string `json:"crv"`
	Exponent string `json:"e"`
	ID       string `json:"kid"`
	Modulus  string `json:"n"`
	X        string `json:"x"`
	Y        string `json:"y"`
	// contains filtered or unexported fields
}

JSONKey represents a raw key inside a JWKs.

func (*JSONKey) ECDSA 

func (j *JSONKey) ECDSA() (publicKey *ecdsa.PublicKey, err error)

ECDSA parses a JSONKey and turns it into an ECDSA public key.

func (*JSONKey) RSA 

func (j *JSONKey) RSA() (publicKey *rsa.PublicKey, err error)

RSA parses a JSONKey and turns it into an RSA public key.

type JWKs 

type JWKs struct {
	Keys map[string]*JSONKey
	// contains filtered or unexported fields
}

JWKs represents a JSON Web Key Set.

func Get 

func Get(jwksURL string, options ...Options) (jwks *JWKs, err error)

Get loads the JWKs at the given URL.

func New 

func New(jwksBytes json.RawMessage) (jwks *JWKs, err error)

New creates a new JWKs from a raw JSON message.

func (*JWKs) EndBackground 

func (j *JWKs) EndBackground()

EndBackground ends the background goroutine to update the JWKs. It can only happen once and is only effective if the JWKs has a background goroutine refreshing the JWKs keys.

func (*JWKs) KeyFunc 

func (j *JWKs) KeyFunc(token *jwt.Token) (interface{}, error)

KeyFunc is a compatibility function that matches the signature of github.com/dgrijalva/jwt-go's KeyFunc function.

type Options 

type Options struct {

	// Client is the HTTP client used to get the JWKs via HTTP.
	Client *http.Client

	// RefreshInterval is the duration to refresh the JWKs in the background via a new HTTP request.
	// If this is not nil,
	// then a background refresh will be performed in a separate goroutine until the JWKs method
	// EndBackground is
	// called.
	RefreshInterval *time.Duration

	// RefreshTimeout is the duration for the context used to create the HTTP request for a refresh
	// of the JWKs. This
	// defaults to one minute. This is only effectual if RefreshInterval is not nil.
	RefreshTimeout *time.Duration

	// RefreshErrorHandler is a function that consumes errors that happen during a JWKs refresh.
	// This is only effectual
	// if RefreshInterval is not nil.
	RefreshErrorHandler ErrorHandler

	// RefreshUnknownKID indicates that the JWKs should be refreshed via HTTP every time a kid that
	// isn't known is
	// found. This means that a malicious client could self-sign X JWTs, send them to this service,
	// then cause
	// potentially high network usage proportional to X.
	RefreshUnknownKID *bool
}

Options represents the configuration options for a JWKs.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.