oauth2

package

v0.1.3 Latest Latest Go to latest Published: Sep 1, 2023 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/scorpio-id/oauth

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func NewJSONWebKeySet(public rsa.PublicKey, kid string) jose.JSONWebKeySet
func NewSigner(private *rsa.PrivateKey, kid string) (jose.Signer, error)
func Verify(token string, issuers []string, client http.Client) (*jwt.Claims, error)
type AccessToken
type SimpleIssuer
- func NewSimpleIssuer(private *rsa.PrivateKey, name string, audience string, start time.Time, ...) SimpleIssuer
- func (s *SimpleIssuer) IssueAccessToken(subject string, audience string) (*AccessToken, error)
- func (s *SimpleIssuer) JWKSHandler(w http.ResponseWriter, r *http.Request)

Constants ¶

View Source

const (
	RS256 = "RS256"
	SIG   = "sig"
)

View Source

const (
	JWT    = "JWT"
	KID    = "kid"
	BEARER = "bearer"
)

Variables ¶

This section is empty.

Functions ¶

func NewJSONWebKeySet ¶

func NewJSONWebKeySet(public rsa.PublicKey, kid string) jose.JSONWebKeySet

NewJSONWebKeySet provides a single-key set with a kid value

func NewSigner ¶

func NewSigner(private *rsa.PrivateKey, kid string) (jose.Signer, error)

func Verify ¶

func Verify(token string, issuers []string, client http.Client) (*jwt.Claims, error)

Verify is used by resource servers to validate a jwt by retrieving a jwks from the 'iss' claim. the provided issuer string is considered a trusted issuer which we expect to see the client is any preferred http client

Types ¶

type AccessToken ¶

type AccessToken struct {
	JWT       string `json:"access_token"`
	TokenType string `json:"token_type"`
	Expiry    int64  `json:"expires_in"`
}

type SimpleIssuer ¶

type SimpleIssuer struct {
	Name      string
	Audience  string
	Signer    jose.Signer
	Keys      jose.JSONWebKeySet
	NotBefore time.Time
	TokenTTL  time.Duration
}

func NewSimpleIssuer ¶

func NewSimpleIssuer(private *rsa.PrivateKey, name string, audience string, start time.Time, ttl time.Duration) SimpleIssuer

NewSimpleIssuer a jwt signer and matching jwks given a rsa key pair, iss name, aud name, start time, and jwt ttl

func (*SimpleIssuer) IssueAccessToken ¶

func (s *SimpleIssuer) IssueAccessToken(subject string, audience string) (*AccessToken, error)

IssueAccessToken creates a signed jwt given a subject and audience for 'sub' and 'aud' claims

func (*SimpleIssuer) JWKSHandler ¶

func (s *SimpleIssuer) JWKSHandler(w http.ResponseWriter, r *http.Request)

JWKSHandler a matching HTTP endpoint for hosting jwks

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL