jwt

package

v1.1.2 Latest Latest Go to latest Published: Dec 20, 2023 License: MIT Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/tierklinik-dobersberg/cis-idm

Documentation ¶

Overview ¶

Package jwt provides JWT token signing.

Index ¶

Constants
func SignToken(method string, secret []byte, claims Claims) (string, error)
type AppMetadata
type Authorization
type Claims
- func ParseAndVerify(secret []byte, token string) (*Claims, error)
- func (u *Claims) Sign(method string, secret []byte) (string, error)
- func (u Claims) Valid() error
type Scope

Constants ¶

View Source

const (
	// ScopeAccess is a full access token.
	ScopeAccess = "access"

	// ScopeRefresh is required to receive a new access token.
	ScopeRefresh = "refresh"

	// Scope2FAPending is used for JWTs that are issued during the login
	// process when the second authentication factor is still pending.
	Scope2FAPending = "2fa-pending"
)

Variables ¶

This section is empty.

Functions ¶

func SignToken ¶

func SignToken(method string, secret []byte, claims Claims) (string, error)

SignToken returns a signed JWT token.

Types ¶

type AppMetadata ¶

type AppMetadata struct {
	TokenVersion  string         `json:"token_version" xml:"token_version" yaml:"token_version"`
	ParentTokenID string         `json:"parent_token" xml:"parent_token" yaml:"parent_token"`
	Authorization *Authorization `json:"authorization,omitempty" xml:"authorization" yaml:"authorization,omitempty"`
	LoginKind     string         `json:"loginKind,omitempty"`
}

AppMetadata defines app specific metadata attached to JWT tokens issued by cisd.

type Authorization ¶

type Authorization struct {
	Roles []string `json:"roles,omitempty" xml:"roles" yaml:"roles,omitempty"`
}

Authorization contains app related authorization and permission settings.

type Claims ¶

type Claims struct {
	Audience    string       `json:"aud,omitempty" xml:"aud" yaml:"aud,omitempty"`
	ExpiresAt   int64        `json:"exp,omitempty" xml:"exp" yaml:"exp,omitempty"`
	ID          string       `json:"jti,omitempty" xml:"jti" yaml:"jti,omitempty"`
	IssuedAt    int64        `json:"iat,omitempty" xml:"iat" yaml:"iat,omitempty"`
	Issuer      string       `json:"iss,omitempty" xml:"iss" yaml:"iss,omitempty"`
	NotBefore   int64        `json:"nbf,omitempty" xml:"nbf" yaml:"nbf,omitempty"`
	Subject     string       `json:"sub,omitempty" xml:"sub" yaml:"sub,omitempty"`
	Name        string       `json:"name,omitempty" xml:"name" yaml:"name,omitempty"`
	DisplayName string       `json:"displayName,omitempty" xml:"displayName" yaml:"displayName"`
	Scopes      []Scope      `json:"scopes,omitempty" xml:"scopes" yaml:"scopes,omitempty"`
	Email       string       `json:"email,omitempty" xml:"email" yaml:"email,omitempty"`
	AppMetadata *AppMetadata `json:"app_metadata,omitempty" xml:"app_metadata" yaml:"app_metadata,omitempty"`
}

Claims represents the claims added to a JWT token issued by cisd.

func ParseAndVerify ¶

func ParseAndVerify(secret []byte, token string) (*Claims, error)

ParseAndVerify parses the JWT token and verifies it's signature.

func (*Claims) Sign ¶

func (u *Claims) Sign(method string, secret []byte) (string, error)

Sign returns a signed JWT token from u.

func (Claims) Valid ¶

func (u Claims) Valid() error

Valid returns true if the token is valid and can be used. It checks if the token has been expired or may not yet be used.

type Scope ¶

type Scope string

Scope defines the scope of a JWT token.

Source Files ¶

View all Source files

token.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL