PKIJWTVerifier is a generic JWT PKI verifier. It assumes that the tokens have been signed by a private key, and it validates them with the provided public key. This is a simple and stateless verifier that doesn't depend on a central server for validating the tokens. The public key is provided out-of-band.
NewVerifier creates a new verifier from the provided configuration.
func NewVerifierFromFile(jwtcertPath string, redirectURI string, redirectOnFail, redirectOnNoToken bool) (*PKIJWTVerifier, error)
NewVerifierFromFile assumes that the input is provided as a file path.
func NewVerifierFromPEM(jwtCertPEM []byte, redirectURI string, redirectOnFail, redirectOnNoToken bool) (*PKIJWTVerifier, error)
NewVerifierFromPEM assumes that the input is a PEM byte array.
Callback is called by an IDP. Not implemented here. No central authorizer for the tokens.
IssueRedirect issues a redirect. Not implemented. There is no need for a redirect.
Validate parses a generic JWT token and flattens the claims in a normalized form. It assumes that any of the JWT signing certs or public keys will validate the token.
VerifierType returns the type of the verifier.
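The stateless check that the Validate description implies, as an added example that is not the library's own code: a token is accepted if any one of the out-of-band public keys verifies its signature, and only then are the claims flattened. The names `sign`, `validate` and `b64`, the choice of EdDSA (Ed25519) so that the example needs only the standard library, and the name-to-string flattening are all assumptions.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding

// sign builds a constructed EdDSA sample token; only the demo and tests use it.
func sign(priv ed25519.PrivateKey, header, claims string) string {
	in := b64.EncodeToString([]byte(header)) + "." + b64.EncodeToString([]byte(claims))
	return in + "." + b64.EncodeToString(ed25519.Sign(priv, []byte(in)))
}

// validate is a hypothetical stand-in for Validate, not the library's code.
func validate(token string, keys []ed25519.PublicKey) (map[string]string, error) {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return nil, fmt.Errorf("malformed token")
	}
	var hdr struct{ Alg string }
	raw, err := b64.DecodeString(p[0])
	if err != nil || json.Unmarshal(raw, &hdr) != nil || hdr.Alg != "EdDSA" { // pin alg: no "none", no HMAC
		return nil, fmt.Errorf("unsupported alg %q", hdr.Alg)
	}
	sig, err := b64.DecodeString(p[2])
	ok := false
	for _, k := range keys { // any one of the out-of-band keys may verify the token
		ok = ok || (err == nil && ed25519.Verify(k, []byte(p[0]+"."+p[1]), sig))
	}
	var claims map[string]interface{}
	raw, err = b64.DecodeString(p[1])
	if !ok || err != nil || json.Unmarshal(raw, &claims) != nil {
		return nil, fmt.Errorf("signature or claims invalid")
	}
	out := map[string]string{}
	for name, v := range claims { // assumed normal form: claim name -> printed value
		out[name] = fmt.Sprint(v)
	}
	return out, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil)
	fmt.Println(validate(sign(priv, `{"alg":"EdDSA"}`, `{"sub":"alice"}`), []ed25519.PublicKey{pub}))
}
```

The claims are parsed only after a key has verified the signature, and this sketch does not check `exp` or `nbf`.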