Documentation ¶
Overview ¶
Package token provides support for parsing JSON Web Keys (JWK), creating signed JSON Web Tokens (JWT), and verifying JWT signatures.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ErrDuplicateKeyID = errors.New("Duplicate KeyID found")
ErrDuplicateKeyID is returned when initializing a verifier with multiple keys with the same KeyID. KeyIDs should be unique.
var ErrKeyIDNotFound = errors.New("Key ID not found for given token header")
ErrKeyIDNotFound is returned when trying to verify a token when there are no corresponding key IDs matching the token header.
Functions ¶
func LoadJSONWebKey ¶
func LoadJSONWebKey(json []byte, isPublic bool) (*jose.JSONWebKey, error)
LoadJSONWebKey loads and validates the given JWK.
Types ¶
type Signer ¶
Signer supports operations on a private JWK.
type Verifier ¶
type Verifier struct {
// contains filtered or unexported fields
}
Verifier supports operations on a public JWK.
func NewVerifier ¶
NewVerifier accepts serialized, public JWKs and creates a new Verifier instance. Caller may pass multiple verifier keys to recognize and support key rotation of signer keys, or multiple issuers. When providing multiple keys each must have a distinct "keyid". An error derived from ErrDuplicateKeyID is returned when keys have the same keyid.
func (*Verifier) Claims ¶
Claims extracts the claims from a signed token, but does not validate them against any expected claims. Useful for extracting only the claims object.