Documentation
¶
Index ¶
Constants ¶
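// Package defaults for key thumbprints and JWT signing.
//
// The listing was collapsed onto a single line, which left both declarations
// and the closing parenthesis inside a line comment; they are restored one per
// line here.
const (
	// DefaultKeyThumbprintAlgorithm is the hash (SHA-256) used by default when
	// computing key thumbprints.
	// NOTE(review): presumably this feeds the JWK thumbprint used as the key
	// ID; confirm against the issuer implementation.
	DefaultKeyThumbprintAlgorithm = crypto.SHA256

	// DefaultJWTSignatureAlgorithm is set to RS256 by default as it is the most
	// compatible algorithm.
	// Relying parties should pin the algorithm they expect (see
	// Issuer.JWTSignatureAlgorithm) rather than accept whatever the token's
	// "alg" header declares.
	DefaultJWTSignatureAlgorithm = jwa.RS256
)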
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Issuer ¶
// Issuer issues signed JWTs and exposes the key set and signature algorithm
// associated with them.
type Issuer interface {
	// Generate creates a JWT token for the given request. The token includes
	// claims based on the identity information provided in the request.
	// It returns the token as a string, or an error if the token could not be
	// produced.
	Generate(context.Context, *Request) (string, error)
	// JWKS returns the JSON Web Key Set (JWKS).
	// NOTE(review): this set is presumably what gets handed to verifiers, so it
	// should hold public keys only; confirm the private signing key is never
	// part of it.
	JWKS() jwk.Set
	// JWTSignatureAlgorithm returns the signature algorithm used for signing JWTs.
	// Verifiers can use this value to pin the accepted algorithm instead of
	// trusting the "alg" header of an incoming token.
	JWTSignatureAlgorithm() jwa.KeyAlgorithm
}
func New ¶
// New returns an Issuer built from opts, or an error.
// NOTE(review): the checks New performs on opts are not visible in this
// listing; confirm it rejects a missing SignKey and a JWKS that does not
// contain the public counterpart of SignKey.
func New(opts IssuerOptions) (Issuer, error)
type IssuerOptions ¶
// IssuerOptions carries the configuration passed to New.
type IssuerOptions struct {
	// SignKey is the key used to sign the JWT. This is private key material:
	// keep it out of logs and out of any key set that is published.
	// NOTE(review): with the RS256 default this is presumably an RSA private
	// key; confirm how other key types are handled.
	SignKey jwk.Key
	// Issuer is the Issuer of the JWT (optional).
	// NOTE(review): presumably a nil pointer leaves the "iss" claim unset;
	// verifiers that check "iss" need this populated. Confirm.
	Issuer *string
	// AllowedClockSkew is the time allowed for clock skew.
	// NOTE(review): how the skew is applied is not shown here. A large value
	// widens the window in which a token is treated as valid, so keep it as
	// small as the deployment's clock drift allows.
	AllowedClockSkew time.Duration
	// JWKS is the JSON Web Key Set (JWKS) used to verify JWTs.
	// It should contain the public key matching SignKey and no private keys.
	JWKS jwk.Set
}
type Request ¶
// Request describes the identity and parameters for which Issuer.Generate
// creates a JWT.
type Request struct {
	// TrustDomain is the SPIFFE trust domain of the JWT.
	TrustDomain spiffeid.TrustDomain
	// Audiences is the audience of the JWT.
	// NOTE(review): presumably written to the "aud" claim. An empty list would
	// yield a token that is not bound to any recipient; confirm whether
	// Generate rejects that.
	Audiences []string
	// Namespace is the namespace of the client.
	Namespace string
	// AppID is the app id of the client.
	AppID string
	// TTL is the time-to-live for the token.
	// The field is a time.Duration, so a bare integer is interpreted as
	// nanoseconds; express it with units (for example 5*time.Minute).
	// NOTE(review): earlier documentation described this value as seconds.
	// Confirm the implementation does not scale it by time.Second, and that a
	// zero or negative TTL is rejected rather than producing an already
	// expired or non-expiring token.
	TTL time.Duration
}
Request is the request for generating a JWT