Documentation ¶
Overview ¶
Package jwt implements the OAuth 2.0 JSON Web Token flow, commonly known as "two-legged OAuth 2.0".
See: https://tools.ietf.org/html/draft-ietf-oauth-jwt-bearer-12
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct { // Email is the OAuth client identifier used when communicating with // the configured OAuth provider. Email string // PrivateKey contains the contents of an RSA private key or the // contents of a PEM file that contains a private key. The provided // private key is used to sign JWT payloads. // PEM containers with a passphrase are not supported. // Use the following command to convert a PKCS 12 file into a PEM. // // $ openssl pkcs12 -in key.p12 -out key.pem -nodes // PrivateKey []byte // PrivateKeyID contains an optional hint indicating which key is being // used. PrivateKeyID string // Subject is the optional user to impersonate. Subject string // Scopes optionally specifies a list of requested permission scopes. Scopes []string // TokenURL is the endpoint required to complete the 2-legged JWT flow. TokenURL string // Expires optionally specifies how long the token is valid for. Expires time.Duration // Audience optionally specifies the intended audience of the // request. If empty, the value of TokenURL is used as the // intended audience. Audience string // PrivateClaims optionally specifies custom private claims in the JWT. // See http://tools.ietf.org/html/draft-jones-json-web-token-10#section-4.3 PrivateClaims map[string]interface{} // UseIDToken optionally specifies whether ID token should be used instead // of access token when the server returns both. UseIDToken bool }
Config is the configuration for using JWT to fetch tokens, commonly known as "two-legged OAuth 2.0".
Example ¶
package main import ( "context" "golang.org/x/oauth2/jwt" ) func main() { ctx := context.Background() conf := &jwt.Config{ Email: "xxx@developer.com", // The contents of your RSA private key or your PEM file // that contains a private key. // If you have a p12 file instead, you // can use `openssl` to export the private key into a pem file. // // $ openssl pkcs12 -in key.p12 -out key.pem -nodes // // It only supports PEM containers with no passphrase. PrivateKey: []byte("-----BEGIN RSA PRIVATE KEY-----..."), Subject: "user@example.com", TokenURL: "https://provider.com/o/oauth2/token", } // Initiate an http.Client, the following GET request will be // authorized and authenticated on the behalf of user@example.com. client := conf.Client(ctx) client.Get("...") }
Output:
func (*Config) Client ¶
Client returns an HTTP client wrapping the context's HTTP transport and adding Authorization headers with tokens obtained from c.
The returned client and its Transport should not be modified.
func (*Config) TokenSource ¶
func (c *Config) TokenSource(ctx context.Context) oauth2.TokenSource
TokenSource returns a JWT TokenSource using the configuration in c and the HTTP client from the provided context.
Click to show internal directories.
Click to hide internal directories.