Package tokenutils contains various utilities used to interact with Aporeto JWTs.
const AudienceAny = "*"
AudienceAny represents any operation, identity or namespace.
ExtractQuota extracts the eventual quota from a token. Not that the token is not verified in the process, you the verification must be done before trusting the extracted quota value.
SigAlg returns the signature used by the token
Snip snips the given token from the given error.
UnsecureClaimsMap decodes the claims in the given JWT token without verifying its validity. Only use or trust this after proper validation.
Audience represents a parsed audience string.
Verify verifies the audience is valid for the given operation, identity and namespace.
AudiencesList is a list of audiences.
ParseAudience parses the audience string and returns an AudiencesList.
UnsecureAudience extracts the audience list from a token string without verifying its validity. Only use or trust this after proper validation.
Verify verifies at least one audience in the list is valid for the given operation, identity and namespace.