mjwt

v0.3.0 Latest Latest
Published: Jun 9, 2024 License: LGPL-3.0 Imports: 14 Imported by: 17

README

MJWT

A simple wrapper for JWT. Contains an AccessToken and RefreshToken model.

Documentation

Index

Constants

This section is empty.

Variables

// ErrClaimTypeMismatch is the sentinel error for a claim type mismatch.
// Presumably returned when a token's ClaimType does not match the type of the
// claims struct it is decoded into — confirm against Valid.
var ErrClaimTypeMismatch = errors.New("claim type mismatch")
// ErrKIDInvalid is the sentinel error for an invalid key ID (kid).
// NOTE(review): which kid values count as invalid is not shown on this page;
// the kid header is taken from the token itself, so treat it as untrusted
// input — confirm how it is validated.
var ErrKIDInvalid = errors.New("kid invalid")
// ErrNoPrivateKeyFound is the sentinel error for a missing private key.
// Presumably returned when signing is requested and no matching private key
// is available — confirm against the Signer implementation.
var ErrNoPrivateKeyFound = errors.New("no private key found")
// ErrNoPublicKeyFound is the sentinel error for a missing public key.
// Presumably returned when verification is requested and no matching public
// key is available — confirm against the Verifier implementation.
var ErrNoPublicKeyFound = errors.New("no public key found")

Functions

func ExportKeyStore added in v0.3.0

func ExportKeyStore(ks KeyStore, directory, keyPrvExt, keyPubExt string) error

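ExportKeyStore saves all the keys stored in the specified KeyStore into a directory, using the specified file extensions for public and private keys. Because the output includes private keys, export only to a directory whose access is restricted to the account that signs tokens.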

Types

type BaseTypeClaims

// BaseTypeClaims combines the registered JWT claims with a claim type name and
// a caller-defined claims value of type T.
type BaseTypeClaims[T Claims] struct {
	// Embedded registered claims from the jwt package.
	jwt.RegisteredClaims
	// ClaimType names the kind of claims carried in Claims. Presumably it is
	// compared with the claim struct's Type() during validation (see
	// ErrClaimTypeMismatch) — confirm.
	ClaimType string
	// Claims is the generic, caller-defined claims value.
	Claims    T
}

BaseTypeClaims is a wrapper for combining the jwt.RegisteredClaims with a ClaimType and generic Claims data

func ExtractClaims

func ExtractClaims[T Claims](p Verifier, token string) (*jwt.Token, BaseTypeClaims[T], error)

ExtractClaims uses a Verifier to validate the MJWT token and returns the parsed token and BaseTypeClaims

func (*BaseTypeClaims[T]) InternalClaimType

func (b *BaseTypeClaims[T]) InternalClaimType() string

InternalClaimType returns the Type of the generic claim struct

func (*BaseTypeClaims[T]) MarshalJSON

func (b *BaseTypeClaims[T]) MarshalJSON() ([]byte, error)

MarshalJSON converts the internalBaseTypeClaims and generic claim struct into a serialized JSON byte array

func (*BaseTypeClaims[T]) UnmarshalJSON

func (b *BaseTypeClaims[T]) UnmarshalJSON(bytes []byte) error

UnmarshalJSON reads the internalBaseTypeClaims and generic claim struct from a serialized JSON byte array

func (*BaseTypeClaims[T]) Valid

func (b *BaseTypeClaims[T]) Valid() error

Valid checks that the ClaimType matches the InternalClaimType of the generic claim struct.

type Claims

// Claims extends jwt.Claims with a Type method that names the claim struct.
type Claims interface {
	jwt.Claims
	// Type returns the name that identifies this claims struct.
	Type() string
}

Claims is a wrapper for jwt.Claims and adds a Type method to name internal claim structs

type KeyStore added in v0.3.0

// KeyStore holds RSA keys indexed by key ID (kID) and backs the kid header
// support in Signer and Verifier.
//
// NOTE(review): one interface exposes both private keys (GetKey) and the
// mutators (SetKey, SetKeyPublic, RemoveKey, ClearKeys), so any code handed a
// KeyStore can read or replace signing keys. Whether implementations are safe
// for concurrent use is not stated on this page — confirm.
type KeyStore interface {
	// SetKey stores the private key prvKey under kID.
	SetKey(kID string, prvKey *rsa.PrivateKey)
	// SetKeyPublic stores the public key pubKey under kID.
	SetKeyPublic(kID string, pubKey *rsa.PublicKey)
	// RemoveKey removes the key stored under kID.
	RemoveKey(kID string)
	// ListKeys returns the key IDs held by the store.
	ListKeys() []string
	// GetKey returns the private key stored under kID; presumably nil when
	// there is none — confirm.
	GetKey(kID string) *rsa.PrivateKey
	// GetKeyPublic returns the public key stored under kID; presumably nil
	// when there is none — confirm.
	GetKeyPublic(kID string) *rsa.PublicKey
	// ClearKeys removes every key from the store.
	ClearKeys()
}

KeyStore is used for the kid header support in Signer and Verifier.

func NewMJwtKeyStore added in v0.3.0

func NewMJwtKeyStore() KeyStore

NewMJwtKeyStore creates a new defaultMJwtKeyStore.

func NewMJwtKeyStoreFromDirectory added in v0.3.0

func NewMJwtKeyStoreFromDirectory(directory, keyPrvExt, keyPubExt string) (KeyStore, error)

NewMJwtKeyStoreFromDirectory loads keys from a directory, using the specified extensions to tell public and private RSA keys apart; the kID of each key is its filename up to the first "." character.

type Signer

// Signer generates MJWT tokens and, by embedding Verifier, can also verify
// them.
//
// NOTE(review): PrivateKey and PrivateKeyOf hand the raw *rsa.PrivateKey to the
// caller, so a Signer value should only be passed to code that is trusted with
// the signing keys.
type Signer interface {
	Verifier
	// GenerateJwt builds and signs a token around claims. The parameters are
	// presumably subject, token ID, audience and validity duration — confirm
	// against the implementation.
	GenerateJwt(sub, id string, aud jwt.ClaimStrings, dur time.Duration, claims Claims) (string, error)
	// SignJwt signs the supplied claims and returns the encoded token.
	SignJwt(claims jwt.Claims) (string, error)
	// GenerateJwtWithKID is the GenerateJwt variant that takes a key ID;
	// presumably the signing key is looked up in the KeyStore by kID — confirm.
	GenerateJwtWithKID(sub, id string, aud jwt.ClaimStrings, dur time.Duration, claims Claims, kID string) (string, error)
	// SignJwtWithKID is the SignJwt variant that takes a key ID.
	SignJwtWithKID(claims jwt.Claims, kID string) (string, error)
	// Issuer returns the issuer name; presumably the one supplied at
	// construction — confirm.
	Issuer() string
	// PrivateKey returns the signer's private key; presumably the default key
	// used when no kID is given — confirm.
	PrivateKey() *rsa.PrivateKey
	// PrivateKeyOf returns the private key associated with kID.
	PrivateKeyOf(kID string) *rsa.PrivateKey
}

Signer is used to generate MJWT tokens. Signer can also be used as a Verifier.

func NewMJwtSigner

func NewMJwtSigner(issuer string, key *rsa.PrivateKey) Signer

NewMJwtSigner creates a new defaultMJwtSigner using the issuer name and rsa.PrivateKey

func NewMJwtSignerFromDirectory added in v0.3.0

func NewMJwtSignerFromDirectory(issuer, directory, prvExt, pubExt string) (Signer, error)

NewMJwtSignerFromDirectory creates a new defaultMJwtSigner using the path of a directory to load the keys into a KeyStore; there is no default rsa.PrivateKey

func NewMJwtSignerFromFile

func NewMJwtSignerFromFile(issuer, file string) (Signer, error)

NewMJwtSignerFromFile creates a new defaultMJwtSigner using the path of a rsa.PrivateKey file.

func NewMJwtSignerFromFileAndDirectory added in v0.3.0

func NewMJwtSignerFromFileAndDirectory(issuer, file, directory, prvExt, pubExt string) (Signer, error)

NewMJwtSignerFromFileAndDirectory creates a new defaultMJwtSigner using the path of a rsa.PrivateKey file as the non kID key and the path of a directory to load the keys into a KeyStore

func NewMJwtSignerFromFileOrCreate

func NewMJwtSignerFromFileOrCreate(issuer, file string, random io.Reader, bits int) (Signer, error)

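NewMJwtSignerFromFileOrCreate creates a new defaultMJwtSigner using the path of a rsa.PrivateKey file. If the file does not exist then the file is created and a new private key is generated. The random and bits arguments are presumably the entropy source and RSA key size for that generated key; pass crypto/rand.Reader and a key size of at least 2048 bits.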

func NewMJwtSignerWithKeyStore added in v0.3.0

func NewMJwtSignerWithKeyStore(issuer string, key *rsa.PrivateKey, kStore KeyStore) Signer

NewMJwtSignerWithKeyStore creates a new defaultMJwtSigner using the issuer name, a rsa.PrivateKey for no kID and a KeyStore for kID based keys

type Verifier

// Verifier validates MJWT tokens and exposes the public keys used to do so.
type Verifier interface {
	// VerifyJwt validates token and returns the parsed token; presumably it
	// also fills in claims — confirm. Check the returned error before relying
	// on the token or the claims.
	VerifyJwt(token string, claims baseTypeClaim) (*jwt.Token, error)
	// PublicKey returns the verifier's public key; presumably the default key
	// used when the token carries no kID — confirm.
	PublicKey() *rsa.PublicKey
	// PublicKeyOf returns the public key associated with kID.
	PublicKeyOf(kID string) *rsa.PublicKey
	// GetKeyStore returns the KeyStore used for kID lookups.
	// NOTE(review): KeyStore also declares GetKey and the mutators, so a holder
	// of a Verifier can reach any private keys the store contains and can
	// change its contents — confirm that verifier-only stores hold public keys
	// only.
	GetKeyStore() KeyStore
}

Verifier is used to verify the validity of MJWT tokens and extract the claim values.

func NewMJwtVerifier

func NewMJwtVerifier(key *rsa.PublicKey) Verifier

NewMJwtVerifier creates a new defaultMJwtVerifier using the rsa.PublicKey

func NewMJwtVerifierFromDirectory added in v0.3.0

func NewMJwtVerifierFromDirectory(directory, prvExt, pubExt string) (Verifier, error)

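NewMJwtVerifierFromDirectory creates a new defaultMJwtVerifier using the path of a directory to load the keys into a KeyStore; there is no default rsa.PublicKey. The function also takes a private-key extension (prvExt), so a verifier-only deployment should keep private key files out of this directory.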

func NewMJwtVerifierFromFile

func NewMJwtVerifierFromFile(file string) (Verifier, error)

NewMJwtVerifierFromFile creates a new defaultMJwtVerifier using the path of a rsa.PublicKey file

func NewMJwtVerifierFromFileAndDirectory added in v0.3.0

func NewMJwtVerifierFromFileAndDirectory(file, directory, prvExt, pubExt string) (Verifier, error)

NewMJwtVerifierFromFileAndDirectory creates a new defaultMJwtVerifier using the path of a rsa.PublicKey file as the non kID key and the path of a directory to load the keys into a KeyStore

func NewMJwtVerifierWithKeyStore added in v0.3.0

func NewMJwtVerifierWithKeyStore(defaultKey *rsa.PublicKey, kStore KeyStore) Verifier

NewMJwtVerifierWithKeyStore creates a new defaultMJwtVerifier using a rsa.PublicKey as the non kID key and a KeyStore for kID based keys

Directories

Path Synopsis
cmd
mjwt command
