Documentation
¶
Index ¶
Constants ¶
const ( // IdentityHeader defines the header that is transmitted // as the WirePact identity. This is a RSA256 signed JSONWebToken (JWT). IdentityHeader = "x-wirepact-identity" // AuthorizationHeader is the default HTTP header for authorization. AuthorizationHeader = "authorization" )
Variables ¶
This section is empty.
Functions ¶
func CreateSignedJWTForUser ¶
CreateSignedJWTForUser creates a valid signed JWT for the given userID. The JWT is signed with the private key (RSA256) from the key material. Additionally, the optional headers "x5c" and "x5t" (https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.6) are added - as they are required by WirePact - to enable the receiver to validate the presented signature. The audience is always set to "WirePact".
func GetJWTUserSubject ¶
GetJWTUserSubject takes the WirePact encoded JWT and extracts the user subject. First, the function checks the x5c and x5t headers and validates the JWT signature against its own CA certificate. Then, if the JWT is valid the subject is extracted. If any error occurs (missing certificate headers, wrong certificate or other errors) the error is returned with an empty string.
Source Files