jwt

package

v0.0.0-...-645ee15 Latest Latest Go to latest Published: Dec 4, 2020 License: GPL-3.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bitcubix/goah

Documentation ¶

Index ¶

Constants
Variables
func Base64UrlDecode(value string) ([]byte, error)
func Base64UrlEncode(value []byte) string
func RegisterSigningMethod(algorithm Algorithm, f func() SigningMethod)
type Algorithm
type ClaimName
type Claims
- func (c *Claims) Get(key string) interface{}
- func (c *Claims) Set(key string, value interface{})
type Header
type JOSEHeaderParameter
type JWT
- func New(method SigningMethod) *JWT
- func NewWithClaims(method SigningMethod, claims Claims) *JWT
type Key
type SigningMethod
- func GetSigningMethod(algorithm Algorithm) (SigningMethod, error)
type SigningMethodHMAC
- func (m *SigningMethodHMAC) Algo() Algorithm
- func (m *SigningMethodHMAC) Sign(signing string, key Key) (string, error)
- func (m *SigningMethodHMAC) Verify(signing, signature string, key Key) (bool, error)
type SigningMethodNONE
- func (m *SigningMethodNONE) Algo() Algorithm
- func (m *SigningMethodNONE) Sign(_ string, _ Key) (string, error)
- func (m *SigningMethodNONE) Verify(_, _ string, _ Key) (bool, error)

Constants ¶

View Source

const (
	// AlgorithmNone if the JWT should not be signed or encrypted
	AlgorithmNone = "none"
	// AlgorithmHS256 uses HMAC SHA-256 to sign the JWT
	AlgorithmHS256 = "HS256"
)

Algorithms specified in RFC section 8.

Variables ¶

View Source

var (
	// ErrUnknownAlgorithm: unknown algorithm
	ErrUnknownAlgorithm = errors.New("unknown algorithm")
	// ErrInvalidKeyType: key is of invalid type
	ErrInvalidKeyType = errors.New("key is of invalid type")
	// ErrHashUnavailable: the requested hash function is unavailable
	ErrHashUnavailable = errors.New("the requested hash function is unavailable")
	// ErrSignatureInvalid: signature is invalid
	ErrSignatureInvalid = errors.New("signature is invalid")
)

errors defined for the jwt package

Functions ¶

func Base64UrlDecode ¶

func Base64UrlDecode(value string) ([]byte, error)

Base64UrlDecode decode JWT specific base64url encoding

func Base64UrlEncode ¶

func Base64UrlEncode(value []byte) string

Base64UrlEncode encode JWT specific base64url encoding

func RegisterSigningMethod ¶

func RegisterSigningMethod(algorithm Algorithm, f func() SigningMethod)

RegisterSigningMethod use to add a SigningMethod

Types ¶

type Algorithm ¶

type Algorithm string

Algorithm to sign or encrypt the JWT

type ClaimName ¶

type ClaimName = string

ClaimName Unique Key of Claims JSON Object

const (
	// RegisteredClaimIssuer RFC 4.1.1. Registered JWT Claim "iss" Issuer
	RegisteredClaimIssuer ClaimName = "iss"
	// RegisteredClaimSubject RFC 4.1.2. Registered JWT Claim "sub" Subject
	RegisteredClaimSubject ClaimName = "sub"
	// RegisteredClaimAudience RFC 4.1.3. Registered JWT Claim "aud" Audience
	RegisteredClaimAudience ClaimName = "aud"
	// RegisteredClaimExpirationTime RFC 4.1.4. Registered JWT Claim "exp" Expiration Time
	RegisteredClaimExpirationTime ClaimName = "exp"
	// RegisteredClaimNotBefore RFC 4.1.5. Registered JWT Claim "nbf" Not Before
	RegisteredClaimNotBefore ClaimName = "nbf"
	// RegisteredClaimIssuedAt RFC 4.1.6. Registered JWT Claim "iat" Issued At
	RegisteredClaimIssuedAt ClaimName = "iat"
	// RegisteredClaimJWTID RFC 4.1.7. Registered JWT Claim "jti" JWT ID
	RegisteredClaimJWTID ClaimName = "jti"
)

Registered Claim Names RFC 4.1.

type Claims ¶

type Claims map[string]interface{}

Claims contains all values for the JWT payload

func (*Claims) Get ¶

func (c *Claims) Get(key string) interface{}

Get Claim from Claims by key string

func (*Claims) Set ¶

func (c *Claims) Set(key string, value interface{})

Set new Claim to Claims map

type Header ¶

type Header map[string]interface{}

Header contains all values for the JWT header

type JOSEHeaderParameter ¶

type JOSEHeaderParameter = string

JOSEHeaderParameter Unique Key of JOSE Header JSON Object

const (
	// JOSEHeaderParameterType RFC 5.1. Header Parameter "typ" Type
	JOSEHeaderParameterType JOSEHeaderParameter = "typ" // RECOMMENDED Value is "JWT"
	// JOSEHeaderParameterContentType RFC 5.2. Header Parameter "cty" Content Type
	JOSEHeaderParameterContentType JOSEHeaderParameter = "cty"
	// JOSEHeaderParameterAlgorithm ? Header Parameter "alg" Algorithm
	JOSEHeaderParameterAlgorithm JOSEHeaderParameter = "alg"
)

JOSE Header Parameters RFC 5.

type JWT ¶

type JWT struct {
	// Raw hole token is set when you parse the JWT
	Raw string
	// Method the SigningMethod for signing the JWT
	Method SigningMethod
	// Header map for Headers the first part of the JWT
	Header Header
	// Claims values for the second part of the JWT
	Claims Claims
	// Signature third part of the JWT signature of part one and two of the JWT is set when you parse the JWT
	Signature string
	// Valid is the JWT valid is set when you parse the JWT
	Valid bool
}

JWT type for the JWT itself

func New ¶

func New(method SigningMethod) *JWT

New creates an JWT with empty Claims

func NewWithClaims ¶

func NewWithClaims(method SigningMethod, claims Claims) *JWT

New creates an JWT with direct filled in Claims

type Key ¶

type Key interface{}

Key is universal type for Key used in different signing methods

type SigningMethod ¶

type SigningMethod interface {
	Sign(signing string, key Key) (string, error)            // Returns encoded signature or error
	Verify(signing, signature string, key Key) (bool, error) // Returns true and nil if signing is verified, false and error if signing is invalid
	Algo() Algorithm                                         // Returns Algorithm use in Signing Method for example AlgorithmHS256
}

SigningMethod interface for implementing method to sign and verify tokens

func GetSigningMethod ¶

func GetSigningMethod(algorithm Algorithm) (SigningMethod, error)

GetSigningMethod use to get SigningMethod to Algorithm

type SigningMethodHMAC ¶

type SigningMethodHMAC struct {
	Algorithm Algorithm
	Hash      crypto.Hash
}

SigningMethodHMAC implements the HMAC-SHA family of signing methods

var (
	// SigningMethodHS256 using HMAC with SHA256 to signing the JWT
	SigningMethodHS256 *SigningMethodHMAC
)

Specific Algorithm of the HMAC-SHA family

func (*SigningMethodHMAC) Algo ¶

func (m *SigningMethodHMAC) Algo() Algorithm

Algo returns the Algorithm of the SigningMethodHMAC

func (*SigningMethodHMAC) Sign ¶

func (m *SigningMethodHMAC) Sign(signing string, key Key) (string, error)

Sign the signing string with HSXXX

func (*SigningMethodHMAC) Verify ¶

func (m *SigningMethodHMAC) Verify(signing, signature string, key Key) (bool, error)

Verify the signature of HSXXX tokens

type SigningMethodNONE ¶

type SigningMethodNONE struct {
	Algorithm Algorithm
}

only for special use cases NOT RECOMMENDED only here because its defined in RFC SigningMethodNONE the SigningMethod for AlgorithmNone

var (
	// SigningMethodNone return empty but valid signature used for Unsecured JWTs RFC 6.
	SigningMethodNone *SigningMethodNONE
)

specific SigningMethods for SigningMethodNONE

func (*SigningMethodNONE) Algo ¶

func (m *SigningMethodNONE) Algo() Algorithm

Algo returns the Algorithm of the SigningMethodNONE

func (*SigningMethodNONE) Sign ¶

func (m *SigningMethodNONE) Sign(_ string, _ Key) (string, error)

Sign return empty string and nil error

func (*SigningMethodNONE) Verify ¶

func (m *SigningMethodNONE) Verify(_, _ string, _ Key) (bool, error)

Verify returns true and nil error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL