Documentation
¶
Index ¶
Constants ¶
const ( // SignatureAlgES is a hardcoded ES256 signature algorithm. // There is a number of options, we are stick to this value. // See https://tools.ietf.org/html/rfc7516 for details. SignatureAlgES = "ES256" // SignatureAlgRS is a hardcoded RS256 signature algorithm. SignatureAlgRS = "RS256" )
Variables ¶
var ( // ErrTokenValidationNoExpiration is when the token does not have an expiration date. ErrTokenValidationNoExpiration = errors.New("Token is invalid, no expire date") // ErrTokenValidationExpired is when the token expiration date has passed ErrTokenValidationExpired = errors.New("Token is invalid, token has expired") // ErrTokenValidationNoIAT is when IAT verification fails. ErrTokenValidationNoIAT = errors.New("Token is invalid, no issued at date") // ErrTokenValidationInvalidIssuer is when the token has invalid issuer. ErrTokenValidationInvalidIssuer = errors.New("Token is invalid, issuer is invalid") // ErrTokenValidationInvalidAudience is when the token has invalid audience. ErrTokenValidationInvalidAudience = errors.New("Token is invalid, audience is invalid") // ErrTokenValidationInvalidSubject is when subject claim is invalid. ErrTokenValidationInvalidSubject = errors.New("Token is invalid, subject is invalid") // ErrorTokenValidationTokenTypeMismatch is when the token has invalid type. ErrorTokenValidationTokenTypeMismatch = errors.New("Token is invalid, type is invalid") // ErrorConfigurationMissingPublicKey is when public key is missing ErrorConfigurationMissingPublicKey = errors.New("Missing public key to decode the token from string") )
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
Audience []string
Issuer []string
UserID []string
TokenType []string
PublicKey interface{}
// PubKeyEnvName environment variable for public key, could be empty if you want to use file insted
PubKeyEnvName string
// PubKeyFileName file path with public key, could be empty if you want to use env variable.
PubKeyFileName string
// PubKeyURL URL for well-known JWKS
PubKeyURL string
// should we always check audience for the token. If yes and audience is empty the validation will fail.
IsAudienceRequired bool
// should we always check iss for the token. If yes and iss is empty the validation will fail.
IsIssuerRequired bool
}
Config is a struct to set all the required params for Validator
type Validator ¶
type Validator interface {
Validate(model.Token) error
ValidateString(string) (model.Token, error)
}
Validator is an abstract token validator.
func NewValidator ¶
NewValidator creates new JWT tokens validator. Arguments: - appID - application ID which have made the request, should be in audience field of JWT token. - issuer - this server name, should be the same as issuer of JWT token. - userID - user who have made the request. If this field is empty, we do not validate it.
func NewValidatorWithConfig ¶
NewValidatorWithConfig creates new JWT tokens validator with public key from config file. Arguments: - appID - application ID which have made the request, should be in audience field of JWT token. - issuer - this server name, should be the same as issuer of JWT token. - userID - user who have made the request. If this field is empty, we do not validate it. - config - public key to parse the token.
Source Files