Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type KMS
type KMS interface {
	GetPublicKey(context.Context, *kms.GetPublicKeyInput, ...func(*kms.Options)) (*kms.GetPublicKeyOutput, error)
	Sign(context.Context, *kms.SignInput, ...func(*kms.Options)) (*kms.SignOutput, error)
}
KMS defines the small subset of the AWS KMS client interface that the signer requires.
type KMSJWT
type KMSJWT struct {
	// contains filtered or unexported fields
}
KMSJWT is a JWT signing method implementation that uses an asymmetric AWS KMS key. Signing is performed by the KMS service, so every sign operation makes a network call. Verification is done on the client side with the exported public key, which is retrieved from KMS on initialization.
func (KMSJWT) Alg
Alg returns the signing algorithm as defined in https://datatracker.ietf.org/doc/html/rfc7518#section-3.1.
func (KMSJWT) Sign
Sign signs the signingString with AWS KMS using the key ID stored on the object. The key parameter expects a context.Context that is used for the network call to KMS.
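Added example, not this package's code: the client-side half of the flow described for KMSJWT above, assuming an ES256 (P-256) key, which this page does not state. KMS returns ECDSA signatures DER-encoded and the public key as DER SubjectPublicKeyInfo, while RFC 7518 requires a fixed-width R||S signature, so the code converts and then verifies locally. The names derToJOSE, verifyES256 and standIn are hypothetical, and a constructed local key stands in for KMS.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/asn1"
	"fmt"
	"math/big"
)

// derToJOSE turns a DER ECDSA signature into the 64-byte R||S form used by ES256.
func derToJOSE(der []byte) ([]byte, error) {
	var sig struct{ R, S *big.Int }
	rest, err := asn1.Unmarshal(der, &sig)
	if err != nil || len(rest) != 0 || sig.R.Sign() <= 0 || sig.S.Sign() <= 0 ||
		sig.R.BitLen() > 256 || sig.S.BitLen() > 256 {
		return nil, fmt.Errorf("malformed ECDSA signature")
	}
	return append(sig.R.FillBytes(make([]byte, 32)), sig.S.FillBytes(make([]byte, 32))...), nil
}

// verifyES256 checks an R||S signature against a DER SubjectPublicKeyInfo key.
func verifyES256(spki []byte, signingString string, sig []byte) bool {
	pub, _ := x509.ParsePKIXPublicKey(spki) // on error pub is nil and the assertion fails
	if key, ok := pub.(*ecdsa.PublicKey); ok && key.Curve == elliptic.P256() && len(sig) == 64 {
		digest := sha256.Sum256([]byte(signingString))
		return ecdsa.Verify(key, digest[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:]))
	}
	return false
}

// standIn plays the KMS side with a constructed local P-256 key (no network call).
func standIn(msg string) (spki, der []byte, err error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err == nil {
		digest := sha256.Sum256([]byte(msg))
		der, err = ecdsa.SignASN1(rand.Reader, priv, digest[:])
		spki, _ = x509.MarshalPKIXPublicKey(&priv.PublicKey) // cannot fail for a valid P-256 key
	}
	return spki, der, err
}

func main() {
	spki, der, _ := standIn("header.payload")
	sig, err := derToJOSE(der)
	fmt.Println(len(sig), err, verifyES256(spki, "header.payload", sig))
}
```

Passing the DER bytes straight into the token is the usual failure here: DER drops leading zero bytes, so the length varies and a verifier expecting exactly 64 bytes rejects the signature.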