ed25519url

package

v0.0.0-...-405e369 Latest Latest Go to latest Published: Jun 4, 2023 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/lusis/prototokens

Links

Open Source Insights

Documentation ¶

Overview ¶

Package ed25519url implements prototokens.TokenManager via ed25519 signatures and url-safe encoded strings

Index ¶

type KeyDataFunc
type Manager
- func New(keyDataFunc KeyDataFunc) (*Manager, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type KeyDataFunc ¶

type KeyDataFunc func(context.Context) []byte

KeyDataFunc is a func that can return the seed passed to ed25519.NewFromSeed and optional error

type Manager ¶

type Manager struct {
	*prototokens.UnimplementedTokenManager
	// contains filtered or unexported fields
}

Manager is an implementation of prototokens.TokenManager that: - signs tokens with ed25519 with [keyDataFunc] returning the seed that will be passed to ed25519.NewFromSeed - encodes/decodes with base64.RawURLEncoding.EncodeToString

func New ¶

func New(keyDataFunc KeyDataFunc) (*Manager, error)

New returns a new [sharedkey.Manager]

func (*Manager) Decode ¶

func (skm *Manager) Decode(ctx context.Context, s string) (*tokenpb.SignedToken, error)

Decode decodes a signed token from a url-safe string representation

func (*Manager) Encode ¶

func (skm *Manager) Encode(ctx context.Context, st *tokenpb.SignedToken) (string, error)

Encode encodes a signed token as a url-safe string

func (*Manager) GetValidatedToken ¶

func (skm *Manager) GetValidatedToken(ctx context.Context, token *tokenpb.SignedToken) (*tokenpb.ProtoToken, error)

GetValidatedToken turns a tokenpb.SignedToken into a tokenpb.ProtoToken after validation

func (*Manager) Sign ¶

func (skm *Manager) Sign(ctx context.Context, pt *tokenpb.ProtoToken) (*tokenpb.SignedToken, error)

Sign signs the token

func (*Manager) ValidFor ¶

func (skm *Manager) ValidFor(ctx context.Context, st *tokenpb.SignedToken, usage tokenpb.TokenUsages) error

ValidFor checks if a token is valid for a specific usage

func (*Manager) Validate ¶

func (skm *Manager) Validate(ctx context.Context, st *tokenpb.SignedToken) error

Validate checks if the token is valid we do the validation in layers based on how expensive it is to validate - unmarshal the token bytes. we need to do that for the later checks. failure means its not valid - validate the signature to ensure the message hasn't been tampered with - check timestamps in the token now that we know we can trust it

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL