jwt

Documentation

Overview

Package jwt contains functions related to JWT signing and validation.

Currently, only PS512 algorithm is supported, more methods will be added in future releases.

Index

• type Claims
  • func NewClaims() *Claims
  • func (c *Claims) WithDat(dat interface{}) *Claims
  • func (c *Claims) WithExpiry(expiry time.Time) *Claims
• type Manager
• type PS512Manager
  • func NewPS512Manager(publicKey *rsa.PublicKey, privateKey *rsa.PrivateKey) *PS512Manager
  • func (m *PS512Manager) Alg() string
  • func (m *PS512Manager) ParseCustom(token string) (<-chan *Claims, <-chan error)
  • func (m *PS512Manager) SignCustom(claims *Claims) (<-chan string, <-chan error)

Examples

• Claims.WithDat
• Claims.WithExpiry
• NewPS512Manager

Types

type Claims

type Claims struct {
	Dat interface{} `json:"dat,omitempty"`
	*jwt.StandardClaims
}

Claims represents a custom claim where the dat section is used for custom data.

TODO: make this generic in 2.0

func NewClaims

func NewClaims() *Claims

NewClaims creates a new instance of the custom JWT claims.

TODO: make this generic in 2.0

func (*Claims) WithDat

func (c *Claims) WithDat(dat interface{}) *Claims

WithDat adds a dat claim to the JWT token.

TODO: make this generic in 2.0

Example

package main

import (
	"fmt"

	"github.com/qqiao/webapp/v2/jwt"
)

func main() {
	claims := jwt.NewClaims().WithDat("123")

	fmt.Println(claims.Dat)

}

Output:

123

func (*Claims) WithExpiry

func (c *Claims) WithExpiry(expiry time.Time) *Claims

WithExpiry updates the expiry of the JWT token to the time specified.

Example

package main

import (
	"fmt"
	"time"

	"github.com/qqiao/webapp/v2/jwt"
)

func main() {
	now := time.Unix(0, 0).Add(1 * time.Hour)
	claims := jwt.NewClaims().WithExpiry(now)
	fmt.Printf("%d", claims.ExpiresAt)

}

Output:

3600

type Manager

type Manager interface {
	// Alg returns the signing algorithm supported by the current manager
	// instance.
	Alg() string

	// ParseCustom parses a JWT token with the claims and returns the claims of
	// the token.
	ParseCustom(token string) (<-chan *Claims, <-chan error)

	// SignCustom signs the JWT token with the given claims.
	SignCustom(claims *Claims) (<-chan string, <-chan error)
}

Manager is responsible for all the JWT token related operations.

type PS512Manager

type PS512Manager struct {
	// contains filtered or unexported fields
}

PS512Manager is responsible for creating and validating JWT tokens using PS512 algorithm.

Given that validating JWT comes with a hefty cost, internally, the manager caches already validated tokens, so if the same token is validated repeatedly, cached results will be returned.

func NewPS512Manager

func NewPS512Manager(publicKey *rsa.PublicKey, privateKey *rsa.PrivateKey) *PS512Manager

NewPS512Manager creates a new JWT client that signs and validates JWT tokens using the PS512 algorithm.

Example

package main

import (
	"crypto/rsa"
	"fmt"

	j "github.com/golang-jwt/jwt/v4"
	"github.com/qqiao/webapp/v2/jwt"
)

func init() {
	privateKey, _ := j.ParseRSAPrivateKeyFromPEM([]byte(`
-----BEGIN RSA PRIVATE KEY-----
MIIJKAIBAAKCAgEAwe3SUOlXW3TRxOs+CfJb9xABVCSW9LdjRKAvJvcAvbR5nVVX
fv078fVL+9a/mr+V2FzPXi/QRW7QeFEBT9gOpljYxRWH8T+6hA2UETrDaYGsjEcj
l1YridwlH5elVsn0tvcCE2B9lKYhAYwsMx3qmcaCUXonC21aa+uncGdrxCFkxh1u
osdCy81eaXMU5hyuDYRsddVcyG9XaZSFKmcPm2IFG1rwEDrl8AXjAo+h+u/7ekSz
YCwIckp6VbJ/FyD3p7OG8RtTIycbxceVaZcYAfjS2volBV+pjpsa5+LvU4AuYu4l
BOcfOyzLkIQUb6EVTnSVw4H7efahLkAfv3dWlbzu3gmYlFo5cd/tCqdXfm+xWYOx
GOw6ko7aS3C5W/zYBapyTfNnsHLpz447TvKzekYzcyu+bueFEUpCta3O6pi57HdI
95vNEcLz7hS1yzQme+zBY7liuQWQ/r0dVAnGksZnaHodfr/vGmeer0vahkpDgzzk
2ucbyX1n6YM6nnlFcCcRWkYs6bArz2xswhuuX38Ffkxe5i0ICG3OJks8de/1qb3f
cFv5Tlf6U9c/giZsrpjxDuK05QR+LOSHd6YyTEZPQCoOkZTAV0DmzZGu3LAsSZFJ
Du/Yp345CyWm1sY5RvqM4pyRcrgTRIdvoBPurxYt4E6zaoD1Ix9YXh2bKocCAwEA
AQKCAgEAu+CvlPu7SjtOzrwpCnHmbuDuqJoaNVNFtMKLa/B4o1EpUSfQ8JJddPf0
eTN/xWg+v7KKo/EmkV3eUfIIl1X2O2pv99/4J91Z0X1mKZsInjqm8/AnpwIwhArn
XEgKQp69mlSLikI857pa16j5WTxugDQ1JMJ2+TckFtHjEZ7gZM8FVnpFKSZqrA92
nCqF4LmAVlAo06+1h+l2gi8FJCNcl2jLEcl0MgUdpv/NAjos73N36uiL72w5cqB9
DHE1dy7VP39KCGQ0kyXcXiwRsI5VD/QEM2mMXDxlhGb4FhdhTUAtsGKPMsTHGQk4
3fVX5x3kCnIgdZyECZDKbohpOZFgK1f+ws7SuXSdXN4TmMe6+GXd9vKYQF4cBQTz
hHM8jGMMZ65ai6RPbOalxaIfO0/DFAElSYB+ISgqEmw2w8U3srmelAiwJgOvq+Xh
F5GPVjhnSKLRuFpGSAKrjemVz2D770I7tWwuO3DAO90mZd8zVf1oxz4Ybjy4sdn2
8EqHgcP0uHBCiQ8ii6vlh3UlypKNQ+y77c3EZtnpdExfmUkfocwqL1LvVQLNwBh6
NhaIYp0AePtmosgmhnQL4shJjE2t+IfR/X48yUg9nh8yW8izNwYxtcyu/uSJKzsX
rMLO6pHIqRnwKP+kMafIVbyG04HeUB3RSel7FzmvGyqA2u1LYQECggEBAPIDwIiq
0niKIn7DkcJBbhVrFOfbnZMXGPBCYs8SCOA9eBvxc2WFFebRdYQe4PvOZOSX8C2+
zdaN0zkxzdcvZbzWzFXvJ8QVUzowATqDrh9hPBu8tvvhiMQoyFNoKjOwzjdYOaMj
DLz7yPurEDJ9IDesy/M7OVqGzTxFadTFLsd2Rf2W4Cnn0dCE67BT5FF7/HSgFqcW
REKBiT0GpZ/zmB0CyAEaOR+xrQIYjLbR3DgI4MDP6FONTJS/PayaNBwd80F5du+r
/5xzh1KXLnvZw1VcJ8Yy1hZoGyFSXV9XSJevGI7esOpyQx7duyci0nUr6BfM0w3N
gC4/0Uzv0W6VVucCggEBAM0itp3bMWCRlIXJbzylbOAtBj1LckIz9h+2Teug+MOj
bbFUtAuO9XwZ+sFvSh2sUFgq2Mk6qsxgXtyhCrDq/5JatUTdLgfq5227FMptTebU
9CroBMRZMqu9qAvcH/RkcHVnX1IuffNKndSlRoigjQ0P0ZCYTueQfczQ+ont+dVM
BrVs5FKjl5TgqanBKdDf3a+k9IRbiDLf2m98Rl0HHe8HF53XnjhqAOKOrQtvkBJ4
z5Yq3fSs3ev4c6D3nZnwtkes8dJE/kwz0gY190LNJieahcLf2zIkuz74zqpxXst8
DsRY4Za3K874zvsw8zIVO1tV2Ak4W+CX2a2GBppSO2ECggEASgDrtt7FTSawNaMH
xybKyrHbyqpVHM1LSuyB2l/hZvBk8eZ7KufvMo2KKcRnd5g9MclkIBjgSGNF249n
Kg3MRlpIUV64AjWjJX/YYFQzwlSxVKn4Kj1k3Na7qwWHIhdGd5X6ye/FzWQQqSQ9
57JrT5r/InlRqGTgDTYMjotdKpD4BftEwIuqlOCQUXLVtjT7lY3+X0lnxg5mMMr/
ilGqifR3xB6IqTBjfuiS3rR9aoUMdOkeWa4zZKi16zmcBZ0C7Vp/C/rERsrs7kxc
YnLMUCXF481XubJL2XyeILFH+VoJYGaoIoieDaovuF/liv7KEb0ILIhSUdIh5izP
FcmEsQKCAQABlkIpaHeyUo3+lvdYVcNI3LBOqxXAM1y1FBj4OK+T++CuXYRjDoER
q7XH50+AeUPJ2tMAg4asvBYfyNMnWToO7Mq4NKnVf9i4fZkEk+HlZkJZTqAy0KnW
sEnrhZFtt5UzI1CWdyucRTiBW6H3Dp7oufWaE8OQgQqoGfnGNWQYZVUr9CK0DPXw
PeiyGn9zUTgK0tDdcUPVeOvcru5wa8yse7aQDwn3T8Kf/hCSpRNNQUgB1mUPLoMs
/ygN17yNY1JVrZ3VTZlWB5SZXbOC/clMxyI/xrGQar5UF2Kp6OSd2GDY3gMowlQB
buVTBibrfUSPSVO5hokXbLVPZVkJupchAoIBAEsz3i0TAjdONwarYJVQxXXgWaAZ
RvqCghs2a8ZGzIpUM+j5HUBnjB5A01CllBK7glDHYvQ15FFNmIATXhlbBPVMx8aI
3172i27hGdWiQ/zYtZCaysmx2fm/HU+Av8UAIe2YwHNpSQAkpazzoMssZQRAhnYp
gLsEcJPphUbk+cUKZFYImy3WVNCwNT4v69e7nD32b8P53RKOnC+EUJlaGRG4NGqX
t/j2Bziq1w53r62wYST9Hjivy0e73YYkCt+W2A6rT40Ebd3XCptxzSXuX6TFWOt/
wcwRjMU2zNSZq8CKTTyubm71fKrxq+Kp2UfYuf0e/W8oI8uFV5BdQWtavT8=
-----END RSA PRIVATE KEY-----
`))

	publicKey, _ := j.ParseRSAPublicKeyFromPEM([]byte(`
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwe3SUOlXW3TRxOs+CfJb
9xABVCSW9LdjRKAvJvcAvbR5nVVXfv078fVL+9a/mr+V2FzPXi/QRW7QeFEBT9gO
pljYxRWH8T+6hA2UETrDaYGsjEcjl1YridwlH5elVsn0tvcCE2B9lKYhAYwsMx3q
mcaCUXonC21aa+uncGdrxCFkxh1uosdCy81eaXMU5hyuDYRsddVcyG9XaZSFKmcP
m2IFG1rwEDrl8AXjAo+h+u/7ekSzYCwIckp6VbJ/FyD3p7OG8RtTIycbxceVaZcY
AfjS2volBV+pjpsa5+LvU4AuYu4lBOcfOyzLkIQUb6EVTnSVw4H7efahLkAfv3dW
lbzu3gmYlFo5cd/tCqdXfm+xWYOxGOw6ko7aS3C5W/zYBapyTfNnsHLpz447TvKz
ekYzcyu+bueFEUpCta3O6pi57HdI95vNEcLz7hS1yzQme+zBY7liuQWQ/r0dVAnG
ksZnaHodfr/vGmeer0vahkpDgzzk2ucbyX1n6YM6nnlFcCcRWkYs6bArz2xswhuu
X38Ffkxe5i0ICG3OJks8de/1qb3fcFv5Tlf6U9c/giZsrpjxDuK05QR+LOSHd6Yy
TEZPQCoOkZTAV0DmzZGu3LAsSZFJDu/Yp345CyWm1sY5RvqM4pyRcrgTRIdvoBPu
rxYt4E6zaoD1Ix9YXh2bKocCAwEAAQ==
-----END PUBLIC KEY-----
`))

	ps512 := jwt.NewPS512Manager(publicKey, privateKey)

	testCases = append(testCases, testCase{
		manager:  ps512,
		expected: "1",
		token:    `eyJhbGciOiJQUzUxMiIsInR5cCI6IkpXVCJ9.eyJkYXQiOiIxIiwiZXhwIjoyNTM0MDIyNzE5OTl9.acGc_2bhg9ELH0YCumW8BBrsI7nNXUw2CJWMOJVRXbYCGY3BvKBWkNKFuy-q_zRZ8RDlN1qI0oKokakHxk_94Gg8x7ttJbVg5-dysL3hhS0E5eZGpX40ujSSqW5s1bctBjOjAFU9weR7DKSqznglMgUL6_K11I2F8ZG3aTTtc8wFMN3D1wplqiw3RhbLbsyFJx8p2ZEokIzofNP7SIUcmKyXuVx9_me9BRdfTH8mwJ4miSfyW8Aq9vASGWYb8TDuTlPi4yGTrzzjvzdG8OLyfkoK4oaK_6uW2ZzAwkXFjMLiy1RuRkj36aH5IOGSoBdS8ns32wfeOu8mTOzn_dOa2ztIQD_iwX5z-3kcx_v1emAzvsPro7p6yPjE75Z5qU0rw7EgHYvCigg96hLs1ghNRHFN4Xx5ahMl4dqDJPA0L6EQsj80mqfDgAJ7285jYpZs28X7Ij19fqRoVw-fvsj_zcEI4WJnhapY9pbiOwbh8EUxtltgW3IiPzKLohgAF8JZ6rnnJJqOWi9TGbknfeLh6cXkohWMTlk8q6uu9g25SLdravvCUReFvIkJYIukO2y8wDPTlB9gOR9uQcdTKn-Wr6G43GS05hhappKjotAqxuvlaMEdaVHh_Qr1fLcy7erMd69irR7dbMsfZ5BriEyWE9OTAr8Ano7qoXMZlqt-37Q`,
		dat:      []string{"1", "中文"},
	})
}

func main() {
	// In real program usage, the private and public key pair has to be real
	// and should not be dummy ones like this
	privateKey := &rsa.PrivateKey{}
	publicKey := &rsa.PublicKey{}

	manager := jwt.NewPS512Manager(publicKey, privateKey)
	fmt.Println(manager.Alg())

}

Output:

PS512

func (*PS512Manager) Alg

func (m *PS512Manager) Alg() string

Alg returns the signing algorithm supported by the current manager instance.

func (*PS512Manager) ParseCustom

func (m *PS512Manager) ParseCustom(token string) (<-chan *Claims,
	<-chan error)

ParseCustom parses a JWT token with the claims and returns the claims of the token.

TODO: make this generic in 2.0

func (*PS512Manager) SignCustom

func (m *PS512Manager) SignCustom(claims *Claims) (<-chan string,
	<-chan error)

SignCustom signs the JWT token with the given claims.

TODO: make this generic in 2.0