jwt

package

v0.0.0-...-57c6170 Latest Latest Go to latest Published: Mar 1, 2023 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/merembablas/aries-framework-go

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func IsJWS(s string) bool
func IsJWTUnsecured(s string) bool
func PayloadToMap(i interface{}) (map[string]interface{}, error)
func UnsecuredJWTVerifier() jose.SignatureVerifier
func VerifyEdDSA(pubKey *verifier.PublicKey, message, signature []byte) error
func VerifyRS256(pubKey *verifier.PublicKey, message, signature []byte) error
type BasicVerifier
- func GetVerifier(publicKey *verifier.PublicKey) (*BasicVerifier, error)
- func NewVerifier(resolver KeyResolver) *BasicVerifier
- func (v BasicVerifier) Verify(joseHeaders jose.Headers, payload, signingInput, signature []byte) error
type Claims
type JSONWebToken
- func NewSigned(claims interface{}, headers jose.Headers, signer jose.Signer) (*JSONWebToken, error)
- func NewUnsecured(claims interface{}, headers jose.Headers) (*JSONWebToken, error)
- func Parse(jwtSerialized string, opts ...ParseOpt) (*JSONWebToken, error)
- func (j *JSONWebToken) DecodeClaims(c interface{}) error
- func (j *JSONWebToken) LookupStringHeader(name string) string
- func (j *JSONWebToken) Serialize(detached bool) (string, error)
type JoseED25519Signer
- func NewEd25519Signer(privKey []byte) *JoseED25519Signer
- func (s JoseED25519Signer) Headers() jose.Headers
- func (s JoseED25519Signer) Sign(data []byte) ([]byte, error)
type JoseEd25519Verifier
- func NewEd25519Verifier(pubKey []byte) (*JoseEd25519Verifier, error)
- func (v JoseEd25519Verifier) Verify(joseHeaders jose.Headers, _, signingInput, signature []byte) error
type KeyResolver
type KeyResolverFunc
- func (k KeyResolverFunc) Resolve(what, kid string) (*verifier.PublicKey, error)
type ParseOpt
- func WithJWTDetachedPayload(payload []byte) ParseOpt
- func WithSignatureVerifier(signatureVerifier jose.SignatureVerifier) ParseOpt
type RS256Signer
- func NewRS256Signer(privKey *rsa.PrivateKey, headers map[string]interface{}) *RS256Signer
- func (s RS256Signer) Headers() jose.Headers
- func (s RS256Signer) Sign(data []byte) ([]byte, error)
type RS256Verifier
- func NewRS256Verifier(pubKey *rsa.PublicKey) *RS256Verifier
- func (v RS256Verifier) Verify(joseHeaders jose.Headers, _, signingInput, signature []byte) error

Constants ¶

View Source

const (
	// TypeJWT defines JWT type.
	TypeJWT = "JWT"

	// AlgorithmNone used to indicate unsecured JWT.
	AlgorithmNone = "none"
)

Variables ¶

This section is empty.

Functions ¶

func IsJWS ¶

func IsJWS(s string) bool

IsJWS checks if JWT is a JWS of valid structure.

func IsJWTUnsecured ¶

func IsJWTUnsecured(s string) bool

IsJWTUnsecured checks if JWT is an unsecured JWT of valid structure.

func PayloadToMap ¶

func PayloadToMap(i interface{}) (map[string]interface{}, error)

PayloadToMap transforms interface to map.

func UnsecuredJWTVerifier ¶

func UnsecuredJWTVerifier() jose.SignatureVerifier

UnsecuredJWTVerifier provides verifier for unsecured JWT.

func VerifyEdDSA ¶

func VerifyEdDSA(pubKey *verifier.PublicKey, message, signature []byte) error

VerifyEdDSA verifies EdDSA signature.

func VerifyRS256 ¶

func VerifyRS256(pubKey *verifier.PublicKey, message, signature []byte) error

VerifyRS256 verifies RS256 signature.

Types ¶

type BasicVerifier ¶

type BasicVerifier struct {
	// contains filtered or unexported fields
}

BasicVerifier defines basic Signed JWT verifier based on Issuer Claim and Key ID JOSE Header.

func GetVerifier ¶

func GetVerifier(publicKey *verifier.PublicKey) (*BasicVerifier, error)

GetVerifier returns new BasicVerifier based on *verifier.PublicKey.

func NewVerifier ¶

func NewVerifier(resolver KeyResolver) *BasicVerifier

NewVerifier creates a new basic Verifier.

func (BasicVerifier) Verify ¶

func (v BasicVerifier) Verify(joseHeaders jose.Headers, payload, signingInput, signature []byte) error

Verify verifies JSON Web Token. Public key is fetched using Issuer Claim and Key ID JOSE Header.

type Claims ¶

type Claims jwt.Claims

Claims defines JSON Web Token Claims (https://tools.ietf.org/html/rfc7519#section-4)

type JSONWebToken ¶

type JSONWebToken struct {
	Headers jose.Headers

	Payload map[string]interface{}
	// contains filtered or unexported fields
}

JSONWebToken defines JSON Web Token (https://tools.ietf.org/html/rfc7519)

func NewSigned ¶

func NewSigned(claims interface{}, headers jose.Headers, signer jose.Signer) (*JSONWebToken, error)

NewSigned creates new signed JSON Web Token based on input claims.

func NewUnsecured ¶

func NewUnsecured(claims interface{}, headers jose.Headers) (*JSONWebToken, error)

NewUnsecured creates new unsecured JSON Web Token based on input claims.

func Parse ¶

func Parse(jwtSerialized string, opts ...ParseOpt) (*JSONWebToken, error)

Parse parses input JWT in serialized form into JSON Web Token. Currently JWS and unsecured JWT is supported.

func (*JSONWebToken) DecodeClaims ¶

func (j *JSONWebToken) DecodeClaims(c interface{}) error

DecodeClaims fills input c with claims of a token.

func (*JSONWebToken) LookupStringHeader ¶

func (j *JSONWebToken) LookupStringHeader(name string) string

LookupStringHeader makes look up of particular header with string value.

func (*JSONWebToken) Serialize ¶

func (j *JSONWebToken) Serialize(detached bool) (string, error)

Serialize makes (compact) serialization of token.

type JoseED25519Signer ¶

type JoseED25519Signer struct {
	// contains filtered or unexported fields
}

JoseED25519Signer is a Jose compliant signer.

func NewEd25519Signer ¶

func NewEd25519Signer(privKey []byte) *JoseED25519Signer

NewEd25519Signer returns a Jose compliant signer that can be passed as a signer to jwt.NewSigned().

func (JoseED25519Signer) Headers ¶

func (s JoseED25519Signer) Headers() jose.Headers

Headers returns the signer's headers map.

func (JoseED25519Signer) Sign ¶

func (s JoseED25519Signer) Sign(data []byte) ([]byte, error)

Sign data.

type JoseEd25519Verifier ¶

type JoseEd25519Verifier struct {
	// contains filtered or unexported fields
}

JoseEd25519Verifier is a Jose compliant verifier.

func NewEd25519Verifier ¶

func NewEd25519Verifier(pubKey []byte) (*JoseEd25519Verifier, error)

NewEd25519Verifier returns a Jose compliant verifier that can be passed as a verifier option to jwt.Parse().

func (JoseEd25519Verifier) Verify ¶

func (v JoseEd25519Verifier) Verify(joseHeaders jose.Headers, _, signingInput, signature []byte) error

Verify signingInput against signature. it validates that joseHeaders contains EdDSA alg for this implementation.

type KeyResolver ¶

type KeyResolver interface {

	// Resolve resolves public key.
	Resolve(what, kid string) (*verifier.PublicKey, error)
}

KeyResolver resolves public key based on what and kid.

type KeyResolverFunc ¶

type KeyResolverFunc func(what, kid string) (*verifier.PublicKey, error)

KeyResolverFunc defines function.

func (KeyResolverFunc) Resolve ¶

func (k KeyResolverFunc) Resolve(what, kid string) (*verifier.PublicKey, error)

Resolve resolves public key.

type ParseOpt ¶

type ParseOpt func(opts *parseOpts)

ParseOpt is the JWT Parser option.

func WithJWTDetachedPayload ¶

func WithJWTDetachedPayload(payload []byte) ParseOpt

WithJWTDetachedPayload option is for definition of JWT detached payload.

func WithSignatureVerifier ¶

func WithSignatureVerifier(signatureVerifier jose.SignatureVerifier) ParseOpt

WithSignatureVerifier option is for definition of JWT detached payload.

type RS256Signer ¶

type RS256Signer struct {
	// contains filtered or unexported fields
}

RS256Signer is a Jose complient signer.

func NewRS256Signer ¶

func NewRS256Signer(privKey *rsa.PrivateKey, headers map[string]interface{}) *RS256Signer

NewRS256Signer returns a Jose compliant signer that can be passed as a signer to jwt.NewSigned().

func (RS256Signer) Headers ¶

func (s RS256Signer) Headers() jose.Headers

Headers returns the signer's headers map.

func (RS256Signer) Sign ¶

func (s RS256Signer) Sign(data []byte) ([]byte, error)

Sign data.

type RS256Verifier ¶

type RS256Verifier struct {
	// contains filtered or unexported fields
}

RS256Verifier is a Jose compliant verifier.

func NewRS256Verifier ¶

func NewRS256Verifier(pubKey *rsa.PublicKey) *RS256Verifier

NewRS256Verifier returns a Jose compliant verifier that can be passed as a verifier option to jwt.Parse().

func (RS256Verifier) Verify ¶

func (v RS256Verifier) Verify(joseHeaders jose.Headers, _, signingInput, signature []byte) error

Verify signingInput against the signature. It also validates that joseHeaders includes the right alg.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL