Documentation ¶
Index ¶
- Constants
- func CheckHeaders(headers map[string]interface{}) error
- func CheckProof(jwtSerialized string, proofChecker ProofChecker, expectedProofIssuer *string, ...) error
- func IsJWS(s string) bool
- func IsJWTUnsecured(s string) bool
- func PayloadToMap(i interface{}) (map[string]interface{}, error)
- type Claims
- type JSONWebToken
- func NewJoseSigned(claims interface{}, headers jose.Headers, signer jose.Signer) (*JSONWebToken, error)
- func NewSigned(claims interface{}, signParams SignParameters, signer ProofCreator) (*JSONWebToken, error)
- func NewUnsecured(claims interface{}) (*JSONWebToken, error)
- func Parse(jwtSerialized string, opts ...ParseOpt) (*JSONWebToken, []byte, error)
- func ParseAndCheckProof(jwtSerialized string, proofChecker ProofChecker, checkIssuer bool, ...) (*JSONWebToken, []byte, error)
- type JoseSigner
- type ParseOpt
- type ProofChecker
- type ProofCreator
- type SignParameters
Constants ¶
const ( // TypeJWT defines JWT type. TypeJWT = "JWT" // TypeSDJWT defines SD-JWT type v5+. TypeSDJWT = "SD-JWT" // AlgorithmNone used to indicate unsecured JWT. AlgorithmNone = "none" )
Variables ¶
This section is empty.
Functions ¶
func CheckHeaders ¶ added in v1.1.0
CheckHeaders checks jwt headers.
func CheckProof ¶ added in v1.1.0
func CheckProof(jwtSerialized string, proofChecker ProofChecker, expectedProofIssuer *string, detachedPayload []byte) error
CheckProof checks that jwt have correct signature.
func IsJWTUnsecured ¶
IsJWTUnsecured checks if JWT is an unsecured JWT of valid structure.
func PayloadToMap ¶
PayloadToMap transforms interface to map.
Types ¶
type Claims ¶
Claims defines JSON Web Token Claims (https://tools.ietf.org/html/rfc7519#section-4)
type JSONWebToken ¶
type JSONWebToken struct { Headers jose.Headers Payload map[string]interface{} // contains filtered or unexported fields }
JSONWebToken defines JSON Web Token (https://tools.ietf.org/html/rfc7519)
func NewJoseSigned ¶ added in v1.1.0
func NewJoseSigned(claims interface{}, headers jose.Headers, signer jose.Signer) (*JSONWebToken, error)
NewJoseSigned creates new signed JSON Web Token based on input claims.
func NewSigned ¶
func NewSigned(claims interface{}, signParams SignParameters, signer ProofCreator) (*JSONWebToken, error)
NewSigned creates new signed JSON Web Token based on input claims.
func NewUnsecured ¶
func NewUnsecured(claims interface{}) (*JSONWebToken, error)
NewUnsecured creates new unsecured JSON Web Token based on input claims.
func Parse ¶
func Parse(jwtSerialized string, opts ...ParseOpt) (*JSONWebToken, []byte, error)
Parse parses input JWT in serialized form into JSON Web Token.
func ParseAndCheckProof ¶ added in v1.1.0
func ParseAndCheckProof(jwtSerialized string, proofChecker ProofChecker, checkIssuer bool, opts ...ParseOpt) (*JSONWebToken, []byte, error)
ParseAndCheckProof parses input JWT in serialized form into JSON Web Token and check signature proof. if checkIssuer set to true, will check if issuer set by "iss" own key set by "kid" header.
func (*JSONWebToken) DecodeClaims ¶
func (j *JSONWebToken) DecodeClaims(c interface{}) error
DecodeClaims fills input c with claims of a token.
func (*JSONWebToken) LookupStringHeader ¶
func (j *JSONWebToken) LookupStringHeader(name string) string
LookupStringHeader makes look up of particular header with string value.
type JoseSigner ¶ added in v1.1.0
type JoseSigner struct {
// contains filtered or unexported fields
}
JoseSigner implement jose.proofCreator interface.
func NewJOSESigner ¶ added in v1.1.0
func NewJOSESigner(params SignParameters, signer ProofCreator) (*JoseSigner, error)
NewJOSESigner wraps ProofCreator into jose signer.
func (JoseSigner) Headers ¶ added in v1.1.0
func (s JoseSigner) Headers() jose.Headers
Headers returns headers.
type ParseOpt ¶
type ParseOpt func(opts *parseOpts)
ParseOpt is the JWT Parser option.
func DecodeClaimsTo ¶ added in v1.1.0
func DecodeClaimsTo(decodeDestination interface{}) ParseOpt
DecodeClaimsTo if set claims will be decoded into object pointed by decodeDestination argument.
func WithIgnoreClaimsMapDecoding ¶
WithIgnoreClaimsMapDecoding option is for ignore decoding claims into .Payload map[string]interface. Decoding to map[string]interface is pretty expensive, so this option can be used for performance critical operations.
func WithJWTDetachedPayload ¶
WithJWTDetachedPayload option is for definition of JWT detached payload.
type ProofChecker ¶ added in v1.1.0
type ProofChecker interface { // CheckJWTProof check jwt proof. CheckJWTProof(headers jose.Headers, expectedProofIssuer string, msg, signature []byte) error }
ProofChecker used to check proof of jwt vc.
type ProofCreator ¶ added in v1.1.0
type ProofCreator interface { SignJWT(params SignParameters, data []byte) ([]byte, error) CreateJWTHeaders(params SignParameters) (jose.Headers, error) }
ProofCreator defines signer interface which is used to sign VC JWT.