token

package

v0.7.0 Latest Latest Go to latest Published: Apr 3, 2021 License: MIT Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/macrat/lauth

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func TokenHash(token string) string
type AccessTokenClaims
- func (claims AccessTokenClaims) Validate(issuer *config.URL) error
type AuthorizedParties
- func (azp AuthorizedParties) Append(rp string) AuthorizedParties
- func (azp AuthorizedParties) Includes(rp string) bool
type CodeClaims
- func (claims CodeClaims) Validate(issuer *config.URL) error
type ExtraClaims
type IDTokenClaims
- func (claims IDTokenClaims) MarshalJSON() ([]byte, error)
- func (claims *IDTokenClaims) UnmarshalJSON(data []byte) error
- func (claims IDTokenClaims) Validate(issuer *config.URL, audience string) error
type JWK
type Manager
- func GenerateManager() (Manager, error)
- func NewManager(private *rsa.PrivateKey) (Manager, error)
- func NewManagerFromFile(file io.Reader) (Manager, error)
- func (m Manager) CreateAccessToken(issuer *config.URL, subject, clientID, scope string, authTime time.Time, ...) (string, error)
- func (m Manager) CreateCode(issuer *config.URL, subject, clientID, redirectURI, scope, nonce string, ...) (string, error)
- func (m Manager) CreateIDToken(issuer *config.URL, subject, audience, nonce, code, accessToken string, ...) (string, error)
- func (m Manager) CreateRefreshToken(issuer *config.URL, subject, clientID, scope, nonce string, authTime time.Time, ...) (string, error)
- func (m Manager) CreateRequestObject(issuer *config.URL, subject string, request RequestObjectClaims, ...) (string, error)
- func (m Manager) CreateSSOToken(issuer *config.URL, subject string, authorized AuthorizedParties, ...) (string, error)
- func (m Manager) JWKs(hostname string) ([]JWK, error)
- func (m Manager) KeyID() uuid.UUID
- func (m Manager) ParseAccessToken(token string) (AccessTokenClaims, error)
- func (m Manager) ParseCode(token string) (CodeClaims, error)
- func (m Manager) ParseIDToken(token string) (IDTokenClaims, error)
- func (m Manager) ParseRefreshToken(token string) (RefreshTokenClaims, error)
- func (m Manager) ParseRequestObject(token string, signKey string) (RequestObjectClaims, error)
- func (m Manager) ParseSSOToken(token string) (SSOTokenClaims, error)
- func (m Manager) PublicKey() *rsa.PublicKey
type OIDCClaims
- func (claims OIDCClaims) Validate(issuer *config.URL, audience string) error
type RefreshTokenClaims
- func (claims RefreshTokenClaims) Validate(issuer *config.URL) error
type RequestObjectClaims
- func (claims RequestObjectClaims) Validate(issuer string, audience *config.URL) error
type SSOTokenClaims
- func (claims SSOTokenClaims) Validate(issuer *config.URL) error

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	InvalidTokenError        = errors.New("invalid token")
	TokenExpiredError        = errors.New("token has already expired")
	UnexpectedIssuerError    = errors.New("unexpected issuer")
	UnexpectedAudienceError  = errors.New("unexpected audience")
	UnexpectedTokenTypeError = errors.New("unexpected token type")
	UnexpectedClientIDError  = errors.New("unexpected client_id")
)

View Source

var (
	NotJWEError = errors.New("not a valid JWE data")
)

Functions ¶

func TokenHash ¶

func TokenHash(token string) string

Types ¶

type AccessTokenClaims ¶

type AccessTokenClaims struct {
	OIDCClaims

	AuthorizedParties []string `json:"azp,omitempty"`
	Scope             string   `json:"scope,omitempty"`
}

func (AccessTokenClaims) Validate ¶

func (claims AccessTokenClaims) Validate(issuer *config.URL) error

type AuthorizedParties ¶ added in v0.4.0

type AuthorizedParties []string

func (AuthorizedParties) Append ¶ added in v0.4.0

func (azp AuthorizedParties) Append(rp string) AuthorizedParties

func (AuthorizedParties) Includes ¶ added in v0.4.0

func (azp AuthorizedParties) Includes(rp string) bool

type CodeClaims ¶

type CodeClaims struct {
	OIDCClaims

	ClientID    string `json:"client_id"`
	RedirectURI string `json:"redirect_uri"`
	Nonce       string `json:"nonce,omitempty"`
	Scope       string `json:"scope,omitempty"`
}

func (CodeClaims) Validate ¶

func (claims CodeClaims) Validate(issuer *config.URL) error

type ExtraClaims ¶

type ExtraClaims map[string]interface{}

type IDTokenClaims ¶

type IDTokenClaims struct {
	OIDCClaims

	Nonce           string      `json:"nonce,omitempty"`
	CodeHash        string      `json:"c_hash,omitempty"`
	AccessTokenHash string      `json:"at_hash,omitempty"`
	ExtraClaims     ExtraClaims `json:"-"`
}

func (IDTokenClaims) MarshalJSON ¶

func (claims IDTokenClaims) MarshalJSON() ([]byte, error)

func (*IDTokenClaims) UnmarshalJSON ¶

func (claims *IDTokenClaims) UnmarshalJSON(data []byte) error

func (IDTokenClaims) Validate ¶

func (claims IDTokenClaims) Validate(issuer *config.URL, audience string) error

type JWK ¶

type JWK struct {
	KeyID     string   `json:"kid"`
	Use       string   `json:"use"`
	Algorithm string   `json:"alg"`
	KeyType   string   `json:"kty"`
	E         string   `json:"e"`
	N         string   `json:"n"`
	X509      []string `json:"x5c"`
}

type Manager ¶

type Manager struct {
	// contains filtered or unexported fields
}

func GenerateManager ¶

func GenerateManager() (Manager, error)

func NewManager ¶

func NewManager(private *rsa.PrivateKey) (Manager, error)

func NewManagerFromFile ¶

func NewManagerFromFile(file io.Reader) (Manager, error)

func (Manager) CreateAccessToken ¶

func (m Manager) CreateAccessToken(issuer *config.URL, subject, clientID, scope string, authTime time.Time, expiresIn time.Duration) (string, error)

func (Manager) CreateCode ¶

func (m Manager) CreateCode(issuer *config.URL, subject, clientID, redirectURI, scope, nonce string, authTime time.Time, expiresIn time.Duration) (string, error)

func (Manager) CreateIDToken ¶

func (m Manager) CreateIDToken(issuer *config.URL, subject, audience, nonce, code, accessToken string, extraClaims ExtraClaims, authTime time.Time, expiresIn time.Duration) (string, error)

func (Manager) CreateRefreshToken ¶

func (m Manager) CreateRefreshToken(issuer *config.URL, subject, clientID, scope, nonce string, authTime time.Time, expiresIn time.Duration) (string, error)

func (Manager) CreateRequestObject ¶ added in v0.5.0

func (m Manager) CreateRequestObject(issuer *config.URL, subject string, request RequestObjectClaims, expiresAt time.Time) (string, error)

func (Manager) CreateSSOToken ¶

func (m Manager) CreateSSOToken(issuer *config.URL, subject string, authorized AuthorizedParties, authTime time.Time, expiresAt time.Time) (string, error)

func (Manager) JWKs ¶

func (m Manager) JWKs(hostname string) ([]JWK, error)

func (Manager) KeyID ¶

func (m Manager) KeyID() uuid.UUID

func (Manager) ParseAccessToken ¶

func (m Manager) ParseAccessToken(token string) (AccessTokenClaims, error)

func (Manager) ParseCode ¶

func (m Manager) ParseCode(token string) (CodeClaims, error)

func (Manager) ParseIDToken ¶

func (m Manager) ParseIDToken(token string) (IDTokenClaims, error)

func (Manager) ParseRefreshToken ¶

func (m Manager) ParseRefreshToken(token string) (RefreshTokenClaims, error)

func (Manager) ParseRequestObject ¶ added in v0.5.0

func (m Manager) ParseRequestObject(token string, signKey string) (RequestObjectClaims, error)

func (Manager) ParseSSOToken ¶ added in v0.4.0

func (m Manager) ParseSSOToken(token string) (SSOTokenClaims, error)

func (Manager) PublicKey ¶

func (m Manager) PublicKey() *rsa.PublicKey

type OIDCClaims ¶

type OIDCClaims struct {
	jwt.StandardClaims

	Type     string `json:"typ"`
	AuthTime int64  `json:"auth_time,omitempty"`
}

func (OIDCClaims) Validate ¶

func (claims OIDCClaims) Validate(issuer *config.URL, audience string) error

type RefreshTokenClaims ¶

type RefreshTokenClaims struct {
	OIDCClaims

	ClientID string `json:"client_id"`
	Scope    string `json:"scope,omitempty"`
	Nonce    string `json:"nonce,omitempty"`
}

func (RefreshTokenClaims) Validate ¶

func (claims RefreshTokenClaims) Validate(issuer *config.URL) error

type RequestObjectClaims ¶ added in v0.5.0

type RequestObjectClaims struct {
	jwt.StandardClaims

	ResponseType string `json:"response_type,omitempty"`
	ClientID     string `json:"client_id,omitempty"`
	RedirectURI  string `json:"redirect_uri,omitempty"`
	Scope        string `json:"scope,omitempty"`
	State        string `json:"state,omitempty"`
	Nonce        string `json:"nonce,omitempty"`
	MaxAge       int64  `json:"max_age,omitempty"`
	Prompt       string `json:"prompt,omitempty"`
	LoginHint    string `json:"login_hint,omitempty"`
}

func (RequestObjectClaims) Validate ¶ added in v0.5.0

func (claims RequestObjectClaims) Validate(issuer string, audience *config.URL) error

type SSOTokenClaims ¶ added in v0.4.0

type SSOTokenClaims struct {
	OIDCClaims

	Authorized AuthorizedParties `json:"azp,omitempty"`
}

func (SSOTokenClaims) Validate ¶ added in v0.4.0

func (claims SSOTokenClaims) Validate(issuer *config.URL) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL