Documentation ¶
Overview ¶
Package signer implemnts a common signing/verification interface for OIDC usage.
Index ¶
- type CryptoSigner
- func (c *CryptoSigner) PublicKeys(_ context.Context) (*jose.JSONWebKeySet, error)
- func (c *CryptoSigner) Sign(ctx context.Context, data []byte) (signed []byte, err error)
- func (c *CryptoSigner) SignerAlg(_ context.Context) (jose.SignatureAlgorithm, error)
- func (c *CryptoSigner) VerifySignature(ctx context.Context, jwt string) (payload []byte, err error)
- type StaticSigner
- func (s *StaticSigner) PublicKeys(_ context.Context) (*jose.JSONWebKeySet, error)
- func (s *StaticSigner) Sign(ctx context.Context, data []byte) (signed []byte, err error)
- func (s *StaticSigner) SignerAlg(_ context.Context) (jose.SignatureAlgorithm, error)
- func (s *StaticSigner) VerifySignature(ctx context.Context, jwt string) (payload []byte, err error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CryptoSigner ¶
type CryptoSigner struct {
// contains filtered or unexported fields
}
func NewFromCrypto ¶
func NewFromCrypto(signer crypto.Signer, keyID string) (*CryptoSigner, error)
NewFromCrypto returns a new Signer, that wraps a crypto.Signer for the actual signing/public key options. keyID is used to set the `kid` (https://tools.ietf.org/html/rfc7517#section-4.5) field for the returned JWK, as there's no good way to infer it from the given signer.
func (*CryptoSigner) PublicKeys ¶
func (c *CryptoSigner) PublicKeys(_ context.Context) (*jose.JSONWebKeySet, error)
PublicKeys returns the public key set this signer is valid for
func (*CryptoSigner) SignerAlg ¶
func (c *CryptoSigner) SignerAlg(_ context.Context) (jose.SignatureAlgorithm, error)
SignerAlg returns the algorithm this signer uses
func (*CryptoSigner) VerifySignature ¶
VerifySignature verifies the signature given token against the current signers
type StaticSigner ¶
type StaticSigner struct {
// contains filtered or unexported fields
}
StaticSigner uses a fixed set of keys to manage signing operations
func NewStatic ¶
func NewStatic(signingKey jose.SigningKey, verificationKeys []jose.JSONWebKey) *StaticSigner
NewStatic returns a StaticSigner with the provided keys
func (*StaticSigner) PublicKeys ¶
func (s *StaticSigner) PublicKeys(_ context.Context) (*jose.JSONWebKeySet, error)
PublicKeys returns a keyset of all valid signer public keys considered valid for signed tokens
func (*StaticSigner) SignerAlg ¶
func (s *StaticSigner) SignerAlg(_ context.Context) (jose.SignatureAlgorithm, error)
SignerAlg returns the algorithm the signer uses
func (*StaticSigner) VerifySignature ¶
VerifySignature verifies the signature given token against the current signers