authhack

Documentation

Index

• Variables
• func AvailableJWTTokensAlgs() []string
• func JwtChangeAlgToNone(token string) (string, error)
• func JwtGenerate(alg string, extraData map[string]interface{}, typ string, key []byte) (string, error)
• func JwtParse(tokenStr string, keys ...string) (*jwt.Token, []byte, error)
• func NewJWTHelper(alg string) (*jwt.Token, error)
• type AuthHackJWTSigningNone
  • func (m *AuthHackJWTSigningNone) Alg() string
  • func (m *AuthHackJWTSigningNone) Sign(signingString string, key interface{}) (string, error)
  • func (m *AuthHackJWTSigningNone) Verify(signingString, signature string, key interface{}) (err error)

Variables

var JWTExports = map[string]interface{}{
	"Parse": JwtParse,
	"JWTGenerate": func(alg string, i interface{}, key []byte) (string, error) {
		return JwtGenerate(alg, utils.InterfaceToMapInterface(i), "JWT", key)
	},
	"JWSGenerate": func(alg string, i interface{}, key []byte) (string, error) {
		return JwtGenerate(alg, utils.InterfaceToMapInterface(i), "JWS", key)
	},
	"RemoveAlg": JwtChangeAlgToNone,
	"AllAlgs":   AvailableJWTTokensAlgs,
}

var (
	JwtAlgs = []jwt.SigningMethod{
		jwt.SigningMethodES384,
		jwt.SigningMethodES256,
		jwt.SigningMethodES512,

		jwt.SigningMethodHS256,
		jwt.SigningMethodHS384,
		jwt.SigningMethodES512,

		jwt.SigningMethodPS256,
		jwt.SigningMethodPS384,
		jwt.SigningMethodPS512,

		jwt.SigningMethodRS256,
		jwt.SigningMethodPS384,
		jwt.SigningMethodPS512,

		&AuthHackJWTSigningNone{},
	}
)

Functions

func AvailableJWTTokensAlgs

func AvailableJWTTokensAlgs() []string

func JwtChangeAlgToNone

func JwtChangeAlgToNone(token string) (string, error)

func JwtGenerate

func JwtGenerate(alg string, extraData map[string]interface{}, typ string, key []byte) (string, error)

func JwtParse

func JwtParse(tokenStr string, keys ...string) (*jwt.Token, []byte, error)

func NewJWTHelper

func NewJWTHelper(alg string) (*jwt.Token, error)

Types

type AuthHackJWTSigningNone

type AuthHackJWTSigningNone struct{}

Implements the none signing method. This is required by the spec but you probably should never use it.

func (*AuthHackJWTSigningNone) Alg

func (m *AuthHackJWTSigningNone) Alg() string

func (*AuthHackJWTSigningNone) Sign

func (m *AuthHackJWTSigningNone) Sign(signingString string, key interface{}) (string, error)

Only allow 'none' signing if UnsafeAllowNoneSignatureType is specified as the key

func (*AuthHackJWTSigningNone) Verify

func (m *AuthHackJWTSigningNone) Verify(signingString, signature string, key interface{}) (err error)

Only allow 'none' alg type if UnsafeAllowNoneSignatureType is specified as the key