Documentation
Overview
Package tokenkit implements flexible JWKS handling and JWT creation, signing, and validation.
Index
- Constants
- Variables
- func GenerateJWKSSigningKey(keyAlgo SignatureAlgorithm, bitSize int) (public []byte, private []byte, err error)
- func WithAudiences(audiences []string) func(*tokenKitOption)
- func WithExpectedAudiences(expectedAudiences []string) func(*tokenKitOption)
- func WithExpiresAfterMod(expiresAfterMod time.Duration) func(*tokenKitOption)
- func WithIssuedAt(issuedAtMod time.Duration) func(*tokenKitOption)
- func WithIssuer(issuer string) func(*tokenKitOption)
- func WithKeyID(keyID string) func(*tokenKitOption)
- func WithNotBeforeMod(notBeforeMod time.Duration) func(*tokenKitOption)
- func WithSignatureAlgo(signatureAlgo SignatureAlgorithm) func(*tokenKitOption)
- type Option
- type SignatureAlgorithm
- type TokenKit
- func (tk *TokenKit) Sign(subject string, extraClaims any) (token string, err error)
- func (tk *TokenKit) SignToken(subject string, extraClaims any, t time.Time) (token string, expires time.Time, err error)
- func (tk *TokenKit) Verify(token string, obj any) error
- func (tk *TokenKit) VerifyWithExpires(token string, obj any) (time.Time, error)
Constants
const (
	EdDSA = SignatureAlgorithm("EdDSA")
	HS384 = SignatureAlgorithm("HS384") // HMAC using SHA-384
	HS512 = SignatureAlgorithm("HS512") // HMAC using SHA-512
)
Variables
var (
	ErrPrivateKeyNotFound = errors.New("private key not found")  // Private key was not found in JWKS.
	ErrPrivateKeyInvalid  = errors.New("private key is invalid") // The expected key was not private or malformed.
	ErrPublicKeyNotFound  = errors.New("public key not found")   // Public key was not found in JWKS.
)
Functions
func GenerateJWKSSigningKey (added in v0.0.2)
func GenerateJWKSSigningKey(keyAlgo SignatureAlgorithm, bitSize int) (public []byte, private []byte, err error)
GenerateJWKSSigningKey is used for testing purposes to generate a quick key for JWT signatures and validation.
func WithAudiences
func WithAudiences(audiences []string) func(*tokenKitOption)
func WithExpectedAudiences
func WithExpectedAudiences(expectedAudiences []string) func(*tokenKitOption)
func WithExpiresAfterMod
func WithIssuedAt
func WithIssuer
func WithIssuer(issuer string) func(*tokenKitOption)
func WithNotBeforeMod
func WithSignatureAlgo
func WithSignatureAlgo(signatureAlgo SignatureAlgorithm) func(*tokenKitOption)
Types
type SignatureAlgorithm (added in v0.0.2)
type SignatureAlgorithm string
SignatureAlgorithm represents a signature algorithm.
type TokenKit
type TokenKit struct {
// contains filtered or unexported fields
}
TokenKit represents a configured manager of token configuration and state.
func New
New creates and returns a new TokenKit. The key argument must be the private JWKS []byte with public key attached and match the configured key/signature algorithms.
func (*TokenKit) Sign
Sign creates a JWT for subject and adds extraClaims. The signed JWT is returned as a serialized string.
func (*TokenKit) SignToken (added in v0.0.3)
func (tk *TokenKit) SignToken(subject string, extraClaims any, t time.Time) (token string, expires time.Time, err error)
SignToken creates a JWT for subject and adds extraClaims. The signed JWT is returned as a serialized string along with the expires time.
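The following added example is not tokenkit's code: it is a standard-library sketch of what an EdDSA sign/verify round trip with issuer, audience and expiry checks involves, the kind of work the Sign and Verify methods and the WithIssuer, WithAudiences and WithExpectedAudiences options describe. The names sign, verify, claims, hdr and b64 and all sample values are assumptions made for illustration, and the header is compared byte for byte as a simplification that pins the algorithm.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"slices"
	"strings"
	"time"
)

type claims struct { // constructed claim set; names follow RFC 7519
	Sub string   `json:"sub"`
	Iss string   `json:"iss"`
	Aud []string `json:"aud"`
	Exp int64    `json:"exp"`
}
var b64 = base64.RawURLEncoding
var hdr = b64.EncodeToString([]byte(`{"alg":"EdDSA","typ":"JWT"}`)) // the only header accepted

// sign serializes header.payload.signature with Ed25519 (JWS alg "EdDSA").
func sign(priv ed25519.PrivateKey, c claims) string {
	body, _ := json.Marshal(c) // cannot fail for this struct
	msg := hdr + "." + b64.EncodeToString(body)
	return msg + "." + b64.EncodeToString(ed25519.Sign(priv, []byte(msg)))
}

// verify checks header and signature first, and only then reads the claims.
func verify(pub ed25519.PublicKey, tok, iss, aud string, now time.Time) (c claims, err error) {
	p := strings.Split(tok, ".")
	if len(p) != 3 || p[0] != hdr { // alg is pinned here, never taken from the token
		return c, fmt.Errorf("malformed token or unexpected header")
	}
	sig, err := b64.DecodeString(p[2])
	if err != nil || !ed25519.Verify(pub, []byte(p[0]+"."+p[1]), sig) {
		return c, fmt.Errorf("bad signature")
	}
	body, err := b64.DecodeString(p[1])
	if err != nil || json.Unmarshal(body, &c) != nil || c.Iss != iss || !slices.Contains(c.Aud, aud) || now.Unix() >= c.Exp {
		return claims{}, fmt.Errorf("claims rejected: issuer, audience or expiry")
	}
	return c, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil)
	tok := sign(priv, claims{"alice", "issuer.example", []string{"api"}, time.Now().Add(time.Hour).Unix()})
	fmt.Println(verify(pub, tok, "issuer.example", "api", time.Now()))
}
```

A verifier that must accept headers carrying extra fields such as a key ID would parse the header JSON and compare its alg field against the configured algorithm instead of matching the whole segment.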