Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( ErrInvalidContentType = errors.New("should have a JSON content type for JWKS endpoint") ErrInvalidAlgorithm = errors.New("algorithm is invalid") )
var ( ErrNoKeyFound = errors.New("no Keys has been found") ErrKeyExpired = errors.New("key exists but is expired") // Configuring with MaxKeyAgeNoCheck will skip key expiry check MaxKeyAgeNoCheck = time.Duration(-1) // Configuring with MaxCacheSizeNoCheck will skip key cache size check MaxCacheSizeNoCheck = -1 )
var ( // ErrNoJWTHeaders is returned when there are no headers in the JWT. ErrNoJWTHeaders = errors.New("No headers in the token") )
var ( // ErrTokenNotFound is returned by the ValidateRequest if the token was not // found in the request. ErrTokenNotFound = errors.New("Token not found") )
Functions ¶
func FromBearer ¶
func FromBearer(bearer string) (*jwt.JSONWebToken, error)
Types ¶
type Configuration ¶
type Configuration struct {
// contains filtered or unexported fields
}
Configuration contains all the information about the Auth0 service.
func NewConfiguration ¶
func NewConfiguration(provider SecretProvider, audience []string, issuer string, method jose.SignatureAlgorithm) Configuration
NewConfiguration creates a configuration for server
func NewConfigurationTrustProvider ¶
func NewConfigurationTrustProvider(provider SecretProvider, audience []string, issuer string) Configuration
NewConfigurationTrustProvider creates a configuration for server with no enforcement for token sig alg type, instead trust provider
type JWKClient ¶
type JWKClient struct {
// contains filtered or unexported fields
}
func NewJWKClient ¶
func NewJWKClient(options JWKClientOptions, extractor RequestTokenExtractor) *JWKClient
NewJWKClient creates a new JWKClient instance from the provided options.
func NewJWKClientWithCache ¶
func NewJWKClientWithCache(options JWKClientOptions, extractor RequestTokenExtractor, keyCacher KeyCacher) *JWKClient
NewJWKClientWithCache creates a new JWKClient instance from the provided options and a custom keycacher interface. Passing nil to keyCacher will create a persistent key cacher
type JWKClientOptions ¶
type JWKS ¶
type JWKS struct {
Keys []jose.JSONWebKey `json:"keys"`
}
type JWTValidator ¶
type JWTValidator struct {
// contains filtered or unexported fields
}
JWTValidator helps middleware to validate token
func NewValidator ¶
func NewValidator(config Configuration, extractor RequestTokenExtractor) *JWTValidator
NewValidator creates a new validator with the provided configuration.
func (*JWTValidator) Claims ¶
func (v *JWTValidator) Claims(bearer string, token *jwt.JSONWebToken, values ...interface{}) error
Claims unmarshall the claims of the provided token
func (*JWTValidator) ValidateRequest ¶
func (v *JWTValidator) ValidateRequest(bearer string) (*jwt.JSONWebToken, error)
ValidateRequest validates the token within the http request. A default leeway value of one minute is used to compare time values.
func (*JWTValidator) ValidateRequestWithLeeway ¶
func (v *JWTValidator) ValidateRequestWithLeeway(bearer string, leeway time.Duration) (*jwt.JSONWebToken, error)
ValidateRequestWithLeeway validates the token within the http request. The provided leeway value is used to compare time values.
type KeyCacher ¶
type KeyCacher interface { Get(keyID string) (*jose.JSONWebKey, error) Add(keyID string, webKeys []jose.JSONWebKey) (*jose.JSONWebKey, error) }
type RequestTokenExtractor ¶
type RequestTokenExtractor interface {
Extract(bearer string) (*jwt.JSONWebToken, error)
}
RequestTokenExtractor can extract a JWT from a request.
func FromMultiple ¶
func FromMultiple(extractors ...RequestTokenExtractor) RequestTokenExtractor
FromMultiple combines multiple extractors by chaining.
type RequestTokenExtractorFunc ¶
type RequestTokenExtractorFunc func(bearer string) (*jwt.JSONWebToken, error)
RequestTokenExtractorFunc function conforming to the RequestTokenExtractor interface.
func (RequestTokenExtractorFunc) Extract ¶
func (f RequestTokenExtractorFunc) Extract(bearer string) (*jwt.JSONWebToken, error)
Extract calls f(r)
type SecretProvider ¶
SecretProvider will provide everything needed retrieve the secret.
func NewKeyProvider ¶
func NewKeyProvider(key interface{}) SecretProvider
NewKeyProvider provide a simple passphrase key provider.
type SecretProviderFunc ¶
SecretProviderFunc simple wrappers to provide secret with functions.
func (SecretProviderFunc) GetSecret ¶
func (f SecretProviderFunc) GetSecret(bearer string) (interface{}, error)
GetSecret implements the SecretProvider interface.