token

package
v0.14.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 13, 2024 License: AGPL-3.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source
const (
	GoogleOpenIDConfigurationURI = "https://accounts.google.com/.well-known/openid-configuration"
	GoogleJWKSURI                = "https://www.googleapis.com/oauth2/v3/certs"

	UseSignature = "sig"

	HeaderAlgorithm = "alg"
	HeaderKeyID     = "kid"

	ClaimIssuer     = "iss"
	ClaimAudience   = "aud"
	ClaimSubject    = "sub"
	ClaimExpiration = "exp"
	ClaimNotBefore  = "nbf"
	ClaimIssuedAt   = "iat"
)

Variables

View Source
var (
	ErrExpectedRSA256     = errors.New("Token signature must be RS256")
	ErrKeyNotFound        = errors.New("Key not found")
	ErrSigningKeyRequired = errors.New("Signing key required")
	ErrAudience           = errors.New("Audience mismatch")
)

Functions

func ValidateGoogleToken

func ValidateGoogleToken(client client.Getter, tokenString, audience string) error

Types

type JSONWebKey

type JSONWebKey struct {
	KeyID     string `json:"kid"`
	KeyType   string `json:"kty"`
	Algorithm string `json:"alg"`
	Use       string `json:"use"`
	N         string `json:"n"` // modulus
	E         string `json:"e"` // public exponent
}

func GoogleWebKey

func GoogleWebKey(client client.Getter, kid string) (JSONWebKey, error)

func (JSONWebKey) PublicKey

func (k JSONWebKey) PublicKey() (*rsa.PublicKey, error)

type JWKS

type JWKS struct {
	Keys []JSONWebKey `json:"keys"`
}

func GetJWKS

func GetJWKS(c client.Getter, url string) (JWKS, error)

type OpenIDConfiguration

type OpenIDConfiguration struct {
	Issuer                            string   `json:"issuer"`
	AuthorizationEndpoint             string   `json:"authorization_endpoint"`
	DeviceAuthorizationEndpoint       string   `json:"device_authorization_endpoint"`
	TokenEndpoint                     string   `json:"token_endpoint"`
	UserInfoEndpoint                  string   `json:"userinfo_endpoint"`
	RevocationEndpoint                string   `json:"revocation_endpoint"`
	JWKS_URI                          string   `json:"jwks_uri"`
	ResponseTypesSupported            []string `json:"response_types_supported"`
	SubjectTypesSupported             []string `json:"subject_types_supported"`
	IdTokenSigningAlgValuesSupported  []string `json:"id_token_signing_alg_values_supported"`
	ScopesSupported                   []string `json:"scopes_supported"`
	TokenEndpointAuthMethodsSupported []string `json:"code_challenge_methods_supported"`
	GrantTypesSupported               []string `json:"grant_types_supported"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL