jwt

package
v0.0.0-...-1305305 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 30, 2021 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ValidationErrorMalformed        uint32 = 1 << iota // Token is malformed
	ValidationErrorUnverifiable                        // Token could not be verified because of signing problems
	ValidationErrorSignatureInvalid                    // Signature validation failed

	// Standard Claim validation errors
	ValidationErrorAudience      // AUD validation failed
	ValidationErrorExpired       // EXP validation failed
	ValidationErrorIssuedAt      // IAT validation failed
	ValidationErrorIssuer        // ISS validation failed
	ValidationErrorNotValidYet   // NBF validation failed
	ValidationErrorId            // JTI validation failed
	ValidationErrorClaimsInvalid // Generic claims validation error
)

The errors that might occur when parsing and validating a token

View Source
const (
	Review      Stage = "review"
	Approved          = "approved"
	Ready             = "ready"
	Initialized       = "initialized"
	Revoked           = "revoked"
)

Variables

View Source
var (
	ErrInvalidKey      = errors.New("key is invalid")
	ErrInvalidKeyType  = errors.New("key is of invalid type")
	ErrHashUnavailable = errors.New("the requested hash function is unavailable")
)

Error constants

View Source
var LOGGER = logging.MustGetLogger("jwt-helper")
View Source
var TimeFunc = time.Now

Functions

func CreateAndSign

func CreateAndSign(claims IJWTTokenClaim, hmacSampleSecret, keyID string) (string, error)

func InstitutionOwnsParticipantId

func InstitutionOwnsParticipantId(participantId string, institution Institution) bool

func ResponseError

func ResponseError(w http.ResponseWriter, statusCode int, err error)

func ResponseSuccess

func ResponseSuccess(w http.ResponseWriter, msg string)

func VerifyWWTokenCustom

func VerifyWWTokenCustom(decodedToken IJWTTokenClaim, nFromDb int, jtiFromDb, compareIncomingIp, compareEndpoint, compareAccount string) (bool, string)

Types

type General

type General struct {
	JTI string `json:"jti"`
}

type IJWTSecure

type IJWTSecure struct {
	ID     primitive.ObjectID `json:"_id" bson:"_id"`
	Secret string             `json:"secret" bson:"secret"`
	JTI    string             `json:"jti" bson:"jti"`
	Number int                `json:"number" bson:"number"`
}

type IJWTTokenClaim

type IJWTTokenClaim struct {
	jwt.StandardClaims
	Account     []string `json:"acc"`
	Version     string   `json:"ver"`
	IPs         []string `json:"ips"`
	Environment string   `json:"env"`
	Endpoints   []string `json:"enp"`
	Number      int      `json:"n"`
}

func CreateClaims

func CreateClaims(token Info, count int, iid, keyID string) IJWTTokenClaim

func Parse

func Parse(tokenString string) (*IJWTTokenClaim, string, error)

func Verify

func Verify(tokenString, secret string) (*IJWTTokenClaim, bool)

func (IJWTTokenClaim) Valid

func (c IJWTTokenClaim) Valid() error

Validates time based claims "exp, iat, nbf". There is no accounting for clock skew. As well, if any of the above claims are not in the token, it will still be considered a valid claim.

func (*IJWTTokenClaim) VerifyAudience

func (c *IJWTTokenClaim) VerifyAudience(cmp string, req bool) bool

Compares the aud claim against cmp. If required is false, this method will return true if the value matches or is unset

func (*IJWTTokenClaim) VerifyExpiresAt

func (c *IJWTTokenClaim) VerifyExpiresAt(cmp int64, req bool) bool

Compares the exp claim against cmp. If required is false, this method will return true if the value matches or is unset

func (*IJWTTokenClaim) VerifyIssuedAt

func (c *IJWTTokenClaim) VerifyIssuedAt(cmp int64, req bool) bool

Compares the iat claim against cmp. If required is false, this method will return true if the value matches or is unset

func (*IJWTTokenClaim) VerifyNotBefore

func (c *IJWTTokenClaim) VerifyNotBefore(cmp int64, req bool) bool

Compares the nbf claim against cmp. If required is false, this method will return true if the value matches or is unset

type IVerifyCompare

type IVerifyCompare struct {
	Endpoint string
	IP       string
	Account  string
	JTI      string
}

type Info

type Info struct {
	Acc         []string `json:"acc" bson:"acc"`
	Active      bool     `json:"active" bson:"active"`
	ApprovedAt  int64    `json:"approvedAt" bson:"approvedAt"`
	ApprovedBy  string   `json:"approvedBy" bson:"approvedBy"`
	Aud         string   `json:"aud" bson:"aud"`
	CreatedAt   int64    `json:"createdAt" bson:"createdAt"`
	CreatedBy   string   `json:"createdBy" bson:"createdBy"`
	Description string   `json:"description" bson:"description"`
	Enp         []string `json:"enp" bson:"enp"`
	Env         string   `json:"env" bson:"env"`
	IPs         []string `json:"ips" bson:"ips"`
	JTI         string   `json:"jti" bson:"jti"`
	Stage       Stage    `json:"stage" bson:"stage"`
	Sub         string   `json:"sub" bson:"sub"`
	RevokedAt   int64    `json:"revokedAt" bson:"revokedAt"`
	RevokedBy   string   `json:"revokedBy" bson:"revokedBy"`
	RefreshedAt int64    `json:"refreshedAt" bson:"refreshedAt"`
	Ver         string   `json:"ver" bson:"ver"`
	Institution string   `json:"institution" bson:"institution"`
}

type Institution

type Institution struct {
	ID    primitive.ObjectID `json:"_id" bson:"_id"`
	Info  InstitutionInfo    `json:"info" bson:"info"`
	Nodes []InstitutionNode  `json:"nodes" bson:"nodes"`
}

type InstitutionInfo

type InstitutionInfo struct {
	Address1      string `json:"address1" bson:"address1"`
	Address2      string `json:"address2" bson:"address2"`
	City          string `json:"city" bson:"city"`
	Country       string `json:"country" bson:"country"`
	GeoLat        string `json:"geo_lat" bson:"geo_lat"`
	GeoLon        string `json:"geo_lon" bson:"geo_lon"`
	InstitutionId string `json:"institutionId" bson:"institutionId"`
	Kind          string `json:"kind" bson:"kind"`
	LogoUrl       string `json:"logo_url" bson:"logo_url"`
	Name          string `json:"name" bson:"name"`
	SiteUrl       string `json:"site_url" bson:"site_url"`
	Slug          string `json:"slug" bson:"slug"`
	State         string `json:"state" bson:"state"`
	Status        string `json:"status" bson:"status"`
	Zip           string `json:"zip" bson:"zip"`
}

type InstitutionNode

type InstitutionNode struct {
	ApprovalIds   []string `json:"approvalIds" bson:"approvalIds"`
	BIC           string   `json:"bic" bson:"bic"`
	CountryCode   string   `json:"countryCode" bson:"countryCode"`
	Initialized   bool     `json:"initialized" bson:"initialized"`
	InstitutionId string   `json:"institutionId" bson:"institutionId"`
	ParticipantId string   `json:"participantId" bson:"participantId"`
	Role          string   `json:"role" bson:"role"`
	Status        []string `json:"status" bson:"status"`
	Version       string   `json:"version" bson:"version,omitempty"`
}

type InstitutionNodeUser

type InstitutionNodeUser struct {
	Profile Profile `json:"profile" bson:"profile"`
	Roles   Role    `json:"roles" bson:"roles"`
}

type Profile

type Profile struct {
	Email string `json:"email" bson:"email"`
}

type Role

type Role struct {
	Admin bool `json:"admin" bson:"admin"`
}

type Stage

type Stage string

type ValidationError

type ValidationError struct {
	Inner  error  // stores the error returned by external dependencies, i.e.: KeyFunc
	Errors uint32 // bitfield.  see ValidationError... constants
	// contains filtered or unexported fields
}

The error from Parse if token is not valid

func NewValidationError

func NewValidationError(errorText string, errorFlags uint32) *ValidationError

Helper for constructing a ValidationError with a string error message

func (ValidationError) Error

func (e ValidationError) Error() string

Validation error is an error type

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL