Documentation ¶
Overview ¶
Package jwt provides utility functions for validating JSON Web Tokens (JWT) as defined by Cloud Identity-Aware Proxy (Cloud IAP). This package follows the instructions specified at https://cloud.google.com/iap/docs/signed-headers-howtospecifications
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // PublicKeysURL is the URL from which public keys will be fetched. PublicKeysURL = "https://www.gstatic.com/iap/verify/public_key" // HTTPClient is the default HTTP Client to use for fetching public keys. HTTPClient = &http.Client{Timeout: 10 * time.Second} )
Functions ¶
func DecodePublicKeys ¶
DecodePublicKeys decodes all public keys from the given Reader.
func FetchPublicKeys ¶
FetchPublicKeys downloads and decodes all public keys from Google.
Types ¶
type Audience ¶
Audience must be the base URL from the request including protocol, domain, and port if applicable for the domains you specify in your IAP proxy. For example, https://example.com or https://foo.example.com:port.
func NewAudience ¶
NewAudience returns an Audience from a URL.
func ParseAudience ¶
ParseAudience parses an Audience from a URL string.
type Claims ¶
type Claims struct { jwt.StandardClaims Email string `json:"email,omitempty"` // contains filtered or unexported fields }
Claims represents parsed JWT Token Claims.
func RequestClaims ¶
RequestClaims checks the validity and returns the claims in the request. Claims may be returned even if an error occurs.