Documentation
¶
Overview ¶
Package iamgoogle provides Google-specific IAM primitives. See: https://developers.google.com/identity/protocols/oauth2/openid-connect
Index ¶
- func Email(payload *idtoken.Payload) (string, bool)
- func HostedDomain(payload *idtoken.Payload) (string, bool)
- func IsEmailVerified(payload *idtoken.Payload) bool
- func IsGoogleCloudServiceAccountEmail(payload *idtoken.Payload) bool
- func IsGoogleIdentityToken(token *iamv1.IdentityToken) bool
- func IsSignatureRemoved(identityToken *iamv1.IdentityToken) bool
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func HostedDomain ¶
HostedDomain returns the payload's `hd` claim.
func IsEmailVerified ¶
IsEmailVerified returns true if the payload has the `email_verified` claim.
func IsGoogleCloudServiceAccountEmail ¶
IsGoogleCloudServiceAccountEmail returns true if the payload has a verified email belonging to a Google Cloud service account.
func IsGoogleIdentityToken ¶ added in v0.36.0
func IsGoogleIdentityToken(token *iamv1.IdentityToken) bool
IsGoogleIdentityToken returns true if the JWT payload is from a Google ID token. See: https://developers.google.com/identity/protocols/oauth2/openid-connect
func IsSignatureRemoved ¶ added in v0.36.0
func IsSignatureRemoved(identityToken *iamv1.IdentityToken) bool
IsSignatureRemoved checks if the ID token's signature has been removed by Google. See: https://cloud.google.com/run/docs/troubleshooting#signature-removed
Types ¶
This section is empty.
Source Files