jwt

package module
v0.1.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 23, 2020 License: MIT Imports: 12 Imported by: 0

README

jwt

Package jwt is a partial but production-ready implementation of RFC-7519.

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrImmutable = errors.New("the operation cannot complete as the token is immutable")

ErrImmutable is returned when an operation cannot be completed due to the token being signed.

View Source 
var ErrInvalidTokenStructure = errors.New("the provided token is invalid")

ErrInvalidTokenStructure is returned when the provided token has an invalid structure and is not semantically a JWT.

Functions

This section is empty.

Types

type Algorithm 

type Algorithm string

Algorithm is an alias for string that defines the set of supported JWT signature types. 

const (
	None  Algorithm = "None"
	RS256 Algorithm = "RS256"
	ES256 Algorithm = "ES256"
	EdDSA Algorithm = "EdDSA"
)

The supported signature types.

type Body 

type Body map[string]interface{}

Body represents the main structure of the token for scopes and claims.

type ES256Signer 

type ES256Signer struct {
	// contains filtered or unexported fields
}

ES256Signer signs JWT tokens using the ES256 algorithm.

func NewES256Signer 

func NewES256Signer(privateKey *ecdsa.PrivateKey) *ES256Signer

NewES256Signer creates a new ES256Signer with the provided ECDSA Private Key.

func (*ES256Signer) Algorithm 

func (s *ES256Signer) Algorithm() Algorithm

Algorithm returns ES256.

func (*ES256Signer) Sign 

func (s *ES256Signer) Sign(b64HeaderAndBody string) ([]byte, error)

Sign signs the provided serialized header and body.

type ES256Verifier 

type ES256Verifier struct {
	// contains filtered or unexported fields
}

ES256Verifier verifies JWT tokens using the ES256 algorithm.

func NewES256Verifier 

func NewES256Verifier(publicKey *ecdsa.PublicKey) *ES256Verifier

NewES256Verifier creates a new ES256Verifier with the provided ECDSA Public Key.

func (*ES256Verifier) Verify 

func (v *ES256Verifier) Verify(b64HeaderAndBody string, signature []byte) bool

Verify verifies the provided serialized header and body against the provided signature.

type EdDSASigner 

type EdDSASigner struct {
	// contains filtered or unexported fields
}

EdDSASigner signs JWT tokens using the EdDSA algorithm.

func NewEdDSASigner 

func NewEdDSASigner(privateKey ed25519.PrivateKey) *EdDSASigner

NewEdDSASigner creates a new EdDSASigner with the provided Ed25519 Private Key.

func (*EdDSASigner) Algorithm 

func (s *EdDSASigner) Algorithm() Algorithm

Algorithm returns EdDSA.

func (*EdDSASigner) Sign 

func (s *EdDSASigner) Sign(b64HeaderAndBody string) ([]byte, error)

Sign signs the provided serialized header and body.

type EdDSAVerifier 

type EdDSAVerifier struct {
	// contains filtered or unexported fields
}

EdDSAVerifier verifies JWT tokens using the EdDSA algorithm.

func NewEdDSAVerifier 

func NewEdDSAVerifier(publicKey ed25519.PublicKey) *EdDSAVerifier

NewEdDSAVerifier creates a new EdDSAVerifier with the provided Ed25519 Public Key.

func (*EdDSAVerifier) Verify 

func (v *EdDSAVerifier) Verify(b64HeaderAndBody string, signature []byte) bool

Verify verifies the provided serialized header and body against the provided signature. 

type Header struct {
	Algorithm Algorithm `json:"alg"`
	KeyID     string    `json:"kid,omitempty"`
	Type      string    `json:"typ"`
}

Header represents a JWT header.

func NewHeader 

func NewHeader() Header

NewHeader creates a new Header.

type RS256Signer 

type RS256Signer struct {
	// contains filtered or unexported fields
}

RS256Signer signs JWT tokens using the RS256 algorithm.

func NewRS256Signer 

func NewRS256Signer(privateKey *rsa.PrivateKey) *RS256Signer

NewRS256Signer creates a new RS256Signer with the provided RSA Private Key.

func (*RS256Signer) Algorithm 

func (s *RS256Signer) Algorithm() Algorithm

Algorithm returns RS256.

func (*RS256Signer) Sign 

func (s *RS256Signer) Sign(b64HeaderAndBody string) ([]byte, error)

Sign signs the provided serialized header and body.

type RS256Verifier 

type RS256Verifier struct {
	// contains filtered or unexported fields
}

RS256Verifier verifies JWT tokens using the RS256 algorithm.

func NewRS256Verifier 

func NewRS256Verifier(publicKey *rsa.PublicKey) *RS256Verifier

NewRS256Verifier creates a new RS256Verifier with the provided RSA Public Key.

func (*RS256Verifier) Verify 

func (v *RS256Verifier) Verify(b64HeaderAndBody string, signature []byte) bool

Verify verifies the provided serialized header and body against the provided signature.

type Signer 

type Signer interface {
	Algorithm() Algorithm
	Sign(b64HeaderAndBody string) ([]byte, error)
}

Signer defines the methods that any JWT signer must implement.

type Token 

type Token struct {
	Header    Header
	Body      Body
	Signature []byte
}

Token represents a (potentially signed) JWT token.

func NewToken 

func NewToken() *Token

NewToken creates a new, empty, unsigned JWT.

func Parse 

func Parse(tokenString string) (*Token, error)

Parse parses the provided string token.

func (*Token) AddClaim 

func (t *Token) AddClaim(name string, value interface{})

AddClaim adds a claim to the token.

func (*Token) AddScope 

func (t *Token) AddScope(scope string)

AddScope adds a scope to the token. This operation is a no-op if the token is signed.

func (*Token) GetClaim 

func (t *Token) GetClaim(name string) (interface{}, bool)

GetClaim gets the value of a claim, if present.

func (*Token) GetStringClaim 

func (t *Token) GetStringClaim(name string) (string, bool)

GetStringClaim gets the string value of a claim, if present.

func (*Token) HasScope 

func (t *Token) HasScope(scope string) bool

HasScope returns true if the token has the provided scope.

func (*Token) IsSigned 

func (t *Token) IsSigned() bool

IsSigned returns true when the token has a signature present. This method does not state anything about the validity of an attached signature.

func (*Token) RemoveClaim 

func (t *Token) RemoveClaim(name string)

RemoveClaim removes a claim from the token.

func (*Token) RemoveScope 

func (t *Token) RemoveScope(scope string)

RemoveScope removes a scope from the token. This operation is a no-op if the token is signed.

func (*Token) Serialize 

func (t *Token) Serialize() (string, error)

Serialize serializes the token to its string form.

func (*Token) Sign 

func (t *Token) Sign(signer Signer) error

Sign signs the token with the provided Signer.

func (*Token) Verify 

func (t *Token) Verify(verifier Verifier) bool

Verify verifies the signature on the token, if present, using the provided verifier.

type Verifier 

type Verifier interface {
	Verify(b64HeaderAndBody string, signature []byte) bool
}

Verifier defines the methods that any JWT signature verifier must implement.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.