trireme-lib: go.aporeto.io/trireme-lib/controller/pkg/usertokens/pkitokens Index | Files

package pkitokens

import "go.aporeto.io/trireme-lib/controller/pkg/usertokens/pkitokens"

Index

Package Files

jwt.go publickeys.go

type PKIJWTVerifier Uses

type PKIJWTVerifier struct {
    JWTCertPEM []byte

    RedirectURL string
    // contains filtered or unexported fields
}

PKIJWTVerifier is a generic JWT PKI verifier. It assumes that the tokens have been signed by a private key, and it validates them with the provide public key. This is a simple and stateless verifier that doesn't depend on central server for validating the tokens. The public key is provided out-of-band.

func NewVerifier Uses

func NewVerifier(v *PKIJWTVerifier) (*PKIJWTVerifier, error)

NewVerifier creates a new verifier from the provided configuration.

func NewVerifierFromFile Uses

func NewVerifierFromFile(jwtcertPath string, redirectURI string, redirectOnFail, redirectOnNoToken bool) (*PKIJWTVerifier, error)

NewVerifierFromFile assumes that the input is provided as file path.

func NewVerifierFromPEM Uses

func NewVerifierFromPEM(jwtCertPEM []byte, redirectURI string, redirectOnFail, redirectOnNoToken bool) (*PKIJWTVerifier, error)

NewVerifierFromPEM assumes that the input is a PEM byte array.

func (*PKIJWTVerifier) Callback Uses

func (j *PKIJWTVerifier) Callback(ctx context.Context, u *url.URL) (string, string, int, error)

Callback is called by an IDP. Not implemented here. No central authorizer for the tokens.

func (*PKIJWTVerifier) IssueRedirect Uses

func (j *PKIJWTVerifier) IssueRedirect(originURL string) string

IssueRedirect issues a redirect. Not implemented. There is no need for a redirect.

func (*PKIJWTVerifier) Validate Uses

func (j *PKIJWTVerifier) Validate(ctx context.Context, tokenString string) ([]string, bool, string, error)

Validate parses a generic JWT token and flattens the claims in a normalized form. It assumes that any of the JWT signing certs or public keys will validate the token.

func (*PKIJWTVerifier) VerifierType Uses

func (j *PKIJWTVerifier) VerifierType() common.JWTType

VerifierType returns the type of the verifier.

Package pkitokens imports 11 packages (graph) and is imported by 4 packages. Updated 2019-08-31. Refresh now. Tools for package owners.