servicetokens

package
v10.341.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 23, 2021 License: Apache-2.0 Imports: 11 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CreateAndSign

func CreateAndSign(server string, profile, scopes []string, id string, validity time.Duration, gkey interface{}, pingPayload *policy.PingPayload) (string, error)

CreateAndSign creates a new JWT token based on the Aporeto identities.

Types

type JWTClaims

type JWTClaims struct {
	jwt.StandardClaims
	Scopes      []string
	Profile     []string
	Data        map[string]string
	PingPayload *policy.PingPayload `json:",omitempty"`
}

JWTClaims is the structure of the claims we are sending on the wire.

type Verifier

type Verifier struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

Verifier keeps all the structures for processing tokens.

func NewVerifier

func NewVerifier(s secrets.Secrets, globalCertificate *x509.Certificate) *Verifier

NewVerifier creates a new Aporeto JWT Verifier. The globalCertificate is optional and is needed for configurations that do not transmit the token over the wire.

func (*Verifier) ParseToken

func (p *Verifier) ParseToken(token string, publicKey string) (string, []string, []string, *policy.PingPayload, error)

ParseToken parses and validates the JWT token, give the publicKey. It returns the scopes the identity and the subject of the provided token. These tokens are strictly signed with EC. TODO: We can be more flexible with the algorithm selection here.

func (*Verifier) UpdateSecrets

func (p *Verifier) UpdateSecrets(s secrets.Secrets, globalCert *x509.Certificate)

UpdateSecrets updates the secrets of the token Verifier.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL