jwt

package

v0.0.0-...-c39e8e5 Latest Latest Go to latest Published: Oct 27, 2022 License: AGPL-3.0 Imports: 10 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/shanhuio/lib-misc

Documentation ¶

Index ¶

Constants
func CheckClaimSet(claims, tmpl *ClaimSet) error
func CheckTime(claims *ClaimSet, now time.Time) (time.Duration, error)
func EncodeAndSign(c *ClaimSet, s Signer) (string, error)
func Verify(tok *Token, v Verifier, t time.Time) error
type ClaimSet
- func (c *ClaimSet) ExtraString(k string) (string, bool)
type HS256
- func NewHS256(key []byte, kid string) *HS256
type Header
type Signer
type Token
- func Decode(token string) (*Token, error)
- func DecodeAndVerify(token string, v Verifier, t time.Time) (*Token, error)
type Verifier

Constants ¶

View Source

const (
	AlgHS256 = "HS256" // HMAC + SHA256
	AlgRS256 = "RS256" // RSA + SHA256
)

Signing algorithm codes.

View Source

const (
	DefaultType = "JWT"
)

The default type string.

Variables ¶

This section is empty.

Functions ¶

func CheckClaimSet ¶

func CheckClaimSet(claims, tmpl *ClaimSet) error

CheckClaimSet checks claims in claim set, see if it matches the values in the template.

func CheckTime ¶

func CheckTime(claims *ClaimSet, now time.Time) (time.Duration, error)

CheckTime checks if the token's claims is in valid at time now.

func EncodeAndSign ¶

func EncodeAndSign(c *ClaimSet, s Signer) (string, error)

EncodeAndSign signs and encodes a claim set and signs it.

func Verify ¶

func Verify(tok *Token, v Verifier, t time.Time) error

Verify verifies if a decoded token has the valid signature.

Types ¶

type ClaimSet ¶

type ClaimSet struct {
	Iss   string `json:"iss"`   // Issuer.
	Scope string `json:"scope"` // Scope, space-delimited list.
	Aud   string `json:"aud"`   // Audiance. Intended target.
	Exp   int64  `json:"exp"`   // Expiration time (Unix timestamp seconds)
	Iat   int64  `json:"iat"`   // Asserstion time (Unix timestamp seconds)
	Typ   string `json:"typ"`   // Token type.

	Sub string `json:"sub"`

	Extra map[string]interface{} `json:"-"`
}

ClaimSet contains the JWT claims

func (*ClaimSet) ExtraString ¶

func (c *ClaimSet) ExtraString(k string) (string, bool)

ExtraString reads an extra string field from the claim set.

type HS256 ¶

type HS256 struct {
	// contains filtered or unexported fields
}

HS256 implements the HS256 signing algorithm. It uses SHA256 hash and HMAC signing.

func NewHS256 ¶

func NewHS256(key []byte, kid string) *HS256

NewHS256 creates a new HS256 signer using the given key and key ID.

func (h *HS256) Header() (*Header, error)

Header returns the JWT header for this signer.

func (*HS256) Sign ¶

func (h *HS256) Sign(_ *Header, data []byte) ([]byte, error)

Sign signs the HS256 signature.

func (*HS256) Verify ¶

func (h *HS256) Verify(header *Header, data, sig []byte, _ time.Time) error

Verify verifies the HS256 signature.

type Header ¶

type Header struct {
	Alg   string `json:"alg"`
	Typ   string `json:"typ"`
	KeyID string `json:"kid,omitempty"` // Key ID.
}

Header is the JWT header.

type Signer ¶

type Signer interface {
	Header() (*Header, error)
	Sign(h *Header, data []byte) ([]byte, error)
}

Signer signs the token, returns the signature and the header.

type Token ¶

type Token struct {
	Header    *Header
	ClaimSet  *ClaimSet
	Payload   []byte
	Signature []byte
}

Token is a parsed JWT token.

func Decode ¶

func Decode(token string) (*Token, error)

Decode decodes the token without verifying it.

func DecodeAndVerify ¶

func DecodeAndVerify(token string, v Verifier, t time.Time) (*Token, error)

DecodeAndVerify decodes and verifies a token.

type Verifier ¶

type Verifier interface {
	Verify(h *Header, data, sig []byte, t time.Time) error
}

Verifier verifies the token.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL