Documentation ¶
Overview ¶
JWT extension
Index ¶
- func GenerateJWT(signingMethod jwt.SigningMethod, signedKey []byte, claims *Oauth2Claims) (access string, err error)
- func NewJWTTokenStore(cfg JWTConfig) (store oauth2.TokenStore, err error)
- func ParseAccessTokenInfo(signingMethod jwt.SigningMethod, signedKey []byte, access string) (tokenInfo oauth2.TokenInfo, err error)
- func ParseRefreshTokenInfo(signingMethod jwt.SigningMethod, signedKey []byte, refresh string) (tokenInfo oauth2.TokenInfo, err error)
- type JWTAccessGenerate
- type JWTConfig
- type JWTTokenStore
- func (ts *JWTTokenStore) Create(info oauth2.TokenInfo) (err error)
- func (ts *JWTTokenStore) GetByAccess(access string) (ti oauth2.TokenInfo, err error)
- func (ts *JWTTokenStore) GetByCode(code string) (ti oauth2.TokenInfo, err error)
- func (ts *JWTTokenStore) GetByRefresh(refresh string) (ti oauth2.TokenInfo, err error)
- func (ts *JWTTokenStore) RemoveByAccess(access string) (err error)
- func (ts *JWTTokenStore) RemoveByCode(code string) (err error)
- func (ts *JWTTokenStore) RemoveByRefresh(refresh string) (err error)
- type Oauth2Claims
- func (c Oauth2Claims) Valid() error
- func (c *Oauth2Claims) VerifyAudience(cmp string, req bool) bool
- func (c *Oauth2Claims) VerifyExpiresAt(cmp int64, req bool) bool
- func (c *Oauth2Claims) VerifyIssuedAt(cmp int64, req bool) bool
- func (c *Oauth2Claims) VerifyIssuer(cmp string, req bool) bool
- func (c *Oauth2Claims) VerifyNotBefore(cmp int64, req bool) bool
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GenerateJWT ¶
func GenerateJWT(signingMethod jwt.SigningMethod, signedKey []byte, claims *Oauth2Claims) (access string, err error)
GenerateJWT jwt token
func NewJWTTokenStore ¶
NewJWTTokenStore create a token store instance for jwt, which not store token exactly, but parse and valid the token instead
func ParseAccessTokenInfo ¶
func ParseAccessTokenInfo(signingMethod jwt.SigningMethod, signedKey []byte, access string) (tokenInfo oauth2.TokenInfo, err error)
ParseAccessTokenInfo from access
func ParseRefreshTokenInfo ¶
func ParseRefreshTokenInfo(signingMethod jwt.SigningMethod, signedKey []byte, refresh string) (tokenInfo oauth2.TokenInfo, err error)
ParseRefreshTokenInfo from refresh
Types ¶
type JWTAccessGenerate ¶
type JWTAccessGenerate struct {
// contains filtered or unexported fields
}
JWTAccessGenerate generate the jwt access token
func NewJWTAccessGenerate ¶
func NewJWTAccessGenerate(cfg JWTConfig) *JWTAccessGenerate
NewJWTAccessGenerate create to generate the jwt access token instance
func (*JWTAccessGenerate) Token ¶
func (a *JWTAccessGenerate) Token(data *oauth2.GenerateBasic, isGenRefresh bool) (access, refresh string, err error)
Token based on the UUID generated token Registered Claim Names: https://tools.ietf.org/html/rfc7519#section-4.1
type JWTConfig ¶
type JWTConfig struct { SignedKey []byte SigningMethod jwt.SigningMethod }
JWTConfig jwt config
type JWTTokenStore ¶
type JWTTokenStore struct {
// contains filtered or unexported fields
}
JWTTokenStore jwt token store
func (*JWTTokenStore) Create ¶
func (ts *JWTTokenStore) Create(info oauth2.TokenInfo) (err error)
Create create and store the new token information
func (*JWTTokenStore) GetByAccess ¶
func (ts *JWTTokenStore) GetByAccess(access string) (ti oauth2.TokenInfo, err error)
GetByAccess use the access token for token information data
func (*JWTTokenStore) GetByCode ¶
func (ts *JWTTokenStore) GetByCode(code string) (ti oauth2.TokenInfo, err error)
GetByCode use the authorization code for token information data
func (*JWTTokenStore) GetByRefresh ¶
func (ts *JWTTokenStore) GetByRefresh(refresh string) (ti oauth2.TokenInfo, err error)
GetByRefresh use the refresh token for token information data
func (*JWTTokenStore) RemoveByAccess ¶
func (ts *JWTTokenStore) RemoveByAccess(access string) (err error)
RemoveByAccess use the access token to delete the token information
func (*JWTTokenStore) RemoveByCode ¶
func (ts *JWTTokenStore) RemoveByCode(code string) (err error)
RemoveByCode use the authorization code to delete the token information
func (*JWTTokenStore) RemoveByRefresh ¶
func (ts *JWTTokenStore) RemoveByRefresh(refresh string) (err error)
RemoveByRefresh use the refresh token to delete the token information
type Oauth2Claims ¶
type Oauth2Claims struct { Audience string `json:"aud,omitempty"` ExpiresAt int64 `json:"exp,omitempty"` ID string `json:"jti,omitempty"` IssuedAt int64 `json:"iat,omitempty"` Issuer string `json:"iss,omitempty"` NotBefore int64 `json:"nbf,omitempty"` Subject string `json:"sub,omitempty"` Scope string `json:"scp,omitempty"` }
Oauth2Claims jwt claims Structured version of Claims Section, as referenced at https://tools.ietf.org/html/rfc7519#section-4.1 See examples for how to use this with your own claim types
func AccessClaims ¶
func AccessClaims(tokenInfo oauth2.TokenInfo) *Oauth2Claims
AccessClaims from token info
func ParseClaims ¶
func ParseClaims(signingMethod jwt.SigningMethod, signedKey []byte, access string) (claims *Oauth2Claims, err error)
ParseClaims jwt token
func RefreshClaims ¶
func RefreshClaims(tokenInfo oauth2.TokenInfo) *Oauth2Claims
RefreshClaims from token info
func (Oauth2Claims) Valid ¶
func (c Oauth2Claims) Valid() error
Valid time based claims "exp, iat, nbf". There is no accounting for clock skew. As well, if any of the above claims are not in the token, it will still be considered a valid claim.
func (*Oauth2Claims) VerifyAudience ¶
func (c *Oauth2Claims) VerifyAudience(cmp string, req bool) bool
VerifyAudience compares the aud claim against cmp. If required is false, this method will return true if the value matches or is unset
func (*Oauth2Claims) VerifyExpiresAt ¶
func (c *Oauth2Claims) VerifyExpiresAt(cmp int64, req bool) bool
VerifyExpiresAt compares the exp claim against cmp. If required is false, this method will return true if the value matches or is unset
func (*Oauth2Claims) VerifyIssuedAt ¶
func (c *Oauth2Claims) VerifyIssuedAt(cmp int64, req bool) bool
VerifyIssuedAt compares the iat claim against cmp. If required is false, this method will return true if the value matches or is unset
func (*Oauth2Claims) VerifyIssuer ¶
func (c *Oauth2Claims) VerifyIssuer(cmp string, req bool) bool
VerifyIssuer compares the iss claim against cmp. If required is false, this method will return true if the value matches or is unset
func (*Oauth2Claims) VerifyNotBefore ¶
func (c *Oauth2Claims) VerifyNotBefore(cmp int64, req bool) bool
VerifyNotBefore compares the nbf claim against cmp. If required is false, this method will return true if the value matches or is unset