Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
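// Claim-validation errors. Each one names a single check that a token failed.
// Match them with errors.Is rather than by message text, and treat every one
// of them as a hard rejection of the token.
//
// NOTE(review): presumably these are returned by UserClaims.Validate; the
// function body is not visible here, so confirm which call sites produce them.
var (
	// ErrTokenInvalidAudience reports a token whose audience is not accepted.
	ErrTokenInvalidAudience = errors.New("token has invalid audience")

	// ErrTokenExpired reports a token that is past its expiry.
	ErrTokenExpired = errors.New("token is expired")

	// ErrTokenUsedBeforeIssued reports a token presented before its issue
	// time (likely the "iat" claim; confirm against the validation code).
	ErrTokenUsedBeforeIssued = errors.New("token used before issued")

	// ErrTokenNotValidYet reports a token presented before it becomes valid
	// (likely the "nbf" claim; confirm against the validation code).
	ErrTokenNotValidYet = errors.New("token is not valid yet")
)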
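// Key-parsing errors. Their messages describe the key's format only, so they
// contain no key material.
//
// NOTE(review): presumably produced while decoding PEM input (for example by
// ParseRSAPrivateKeyFromPEM); confirm against the implementation.
var (
	// ErrKeyMustBePEMEncoded reports input that is not a PEM encoded PKCS1
	// or PKCS8 key.
	ErrKeyMustBePEMEncoded = errors.New("invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key")

	// ErrNotRSAPrivateKey reports a key that is not a valid RSA private key.
	ErrNotRSAPrivateKey = errors.New("key is not a valid RSA private key")

	// ErrNotRSAPublicKey reports a key that is not a valid RSA public key.
	ErrNotRSAPublicKey = errors.New("key is not a valid RSA public key")
)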
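// Signer set-up errors for the RSA private key.
//
// NOTE(review): presumably returned when SignerConfig builds its generator;
// confirm. When wrapping these with extra context, do not include the key
// contents in the error text, since errors are routinely logged. Whether a
// file path is safe to include depends on the deployment.
var (
	// ErrNoPrivKeyFile reports that the private key file could not be read.
	ErrNoPrivKeyFile = errors.New("private key file unreadable")

	// ErrInvalidPrivKey reports that the RSA private key is invalid.
	ErrInvalidPrivKey = errors.New("RSA private key invalid")
)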
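// Verifier set-up and claim errors.
var (
	// ErrInvalidSigningAlgorithm indicates the signing algorithm is invalid;
	// it needs to be RS256, RS384 or RS512.
	//
	// NOTE(review): confirm that the verifier checks the algorithm against
	// its configured value and returns this error for anything else, rather
	// than trusting the algorithm named in the token header.
	ErrInvalidSigningAlgorithm = errors.New("invalid signing algorithm")

	// ErrTokenInvalidClaims reports a token whose claims are invalid.
	ErrTokenInvalidClaims = errors.New("token has invalid claims")

	// ErrNoPubKeyFile reports that the public key file could not be read.
	ErrNoPubKeyFile = errors.New("public key file unreadable")

	// ErrInvalidPubKey reports that the RSA public key is invalid.
	ErrInvalidPubKey = errors.New("RSA public key invalid")
)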
Functions ¶
func ParseRSAPrivateKeyFromPEM ¶
func ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error)
ParseRSAPrivateKeyFromPEM parses a PEM-encoded PKCS1 or PKCS8 private key and returns it as an *rsa.PrivateKey.
Types ¶
type SignerConfig ¶
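// SignerConfig holds the settings used to build a token generator. Each field
// can be loaded through mapstructure, YAML or environment variables, as the
// struct tags show.
type SignerConfig struct {
	// PrivateKey identifies the RSA signing key; it is required.
	// NOTE(review): the declaration does not show whether this is PEM text
	// or a file path (ErrNoPrivKeyFile suggests a path); confirm. In either
	// case treat it as a secret: keep it out of version control and do not
	// print the populated config in logs.
	PrivateKey string `mapstructure:"private_key" yaml:"private_key" env:"PRIVATE_KEY" env-required:"true"`

	// Audience lists the audiences for issued tokens; it is required.
	Audience []string `mapstructure:"audience" yaml:"audience" env:"AUDIENCE" env-required:"true"`

	// Algorithm selects the signing algorithm; the env default is RS256.
	Algorithm jwt.Algorithm `mapstructure:"algorithm" yaml:"algorithm" env:"ALGORITHM" env-default:"RS256"`

	// TTL is a duration with an env default of 5m; presumably the lifetime
	// of each issued token (confirm against the generator). Shorter values
	// limit how long a leaked token remains usable.
	TTL time.Duration `mapstructure:"ttl" yaml:"ttl" env:"TTL" env-default:"5m"`
}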
func (*SignerConfig) Generator ¶
func (cfg *SignerConfig) Generator() (*generator, error)
func (*SignerConfig) NewGenerator ¶
func (cfg *SignerConfig) NewGenerator(privKey *rsa.PrivateKey) (*generator, error)
type UserClaims ¶
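// UserClaims is the token payload: the registered JWT claims plus user
// attributes. Every field apart from the embedded claims is omitted from the
// JSON encoding when empty.
//
// NOTE(review): values in this struct come from the token body. Rely on them
// only after the token's signature has been verified and Validate has
// returned nil.
type UserClaims struct {
	jwt.RegisteredClaims

	// Name is carried in the "name" claim.
	Name string `json:"name,omitempty"`

	// Email is carried in the "email" claim.
	Email string `json:"email,omitempty"`

	// Roles is carried in the "roles" claim.
	// NOTE(review): if roles drive authorization decisions, check them
	// against the set of roles the service knows; confirm with callers.
	Roles []string `json:"roles,omitempty"`

	// Metadata is carried in the "metadata" claim. Its type is any, so a
	// decoded value can be any JSON shape; check its type and contents
	// before use.
	Metadata any `json:"metadata,omitempty"`
}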
func Unmarshal ¶
func Unmarshal(claims json.RawMessage) (UserClaims, error)
func (UserClaims) User ¶
func (uc UserClaims) User() User
func (UserClaims) Validate ¶
func (uc UserClaims) Validate(audience string) error
type VerifierConfig ¶
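// VerifierConfig holds the settings used to build a token verifier. Each field
// can be loaded through mapstructure, YAML or environment variables, as the
// struct tags show.
type VerifierConfig struct {
	// PublicKey identifies the RSA verification key; it is required.
	// NOTE(review): the declaration does not show whether this is PEM text
	// or a file path (ErrNoPubKeyFile suggests a path); confirm. The key is
	// not secret, but its source must be trusted, because whoever controls
	// it decides which tokens verify.
	PublicKey string `mapstructure:"public_key" yaml:"public_key" env:"PUBLIC_KEY" env-required:"true"`

	// Audience is the single audience value for this verifier; it is
	// required. Presumably tokens must carry it to be accepted (confirm
	// against UserClaims.Validate).
	Audience string `mapstructure:"audience" yaml:"audience" env:"AUDIENCE" env-required:"true"`

	// Algorithm selects the expected signing algorithm; the env default is
	// RS256.
	Algorithm jwt.Algorithm `mapstructure:"algorithm" yaml:"algorithm" env:"ALGORITHM" env-default:"RS256"`
}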
func (*VerifierConfig) NewVerifier ¶
func (cfg *VerifierConfig) NewVerifier(pubKey *rsa.PublicKey) (*verifier, error)
func (*VerifierConfig) Verifier ¶
func (cfg *VerifierConfig) Verifier() (*verifier, error)