jwtutil

package
v1.6.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 10, 2026 License: GPL-3.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ExtractAzp added in v1.6.8 

func ExtractAzp(tokenString string) string

ExtractAzp parses a JWT without signature verification and returns the "azp" (authorized party) claim. Used to determine which client a token was issued to before performing ownership checks. Returns "" if the claim is absent or the token is malformed — callers should treat missing azp as "skip the check".

func ValidateAudience 

func ValidateAudience(tokenAud []string, requiredAudiences []string) error

ValidateAudience checks if the token's audience matches any of the required audiences. If requiredAudiences is empty, audience validation is skipped (no restriction).

Types

type AccessTokenClaims 

type AccessTokenClaims struct {
	UserID    string   `json:"sub"`
	Email     string   `json:"email"`
	SessionID string   `json:"sid"`
	IssuedAt  int64    `json:"iat"`
	ExpiresAt int64    `json:"exp"`
	Audience  []string `json:"aud"`
	Issuer    string   `json:"iss"`
}

func ValidateAccessToken 

func ValidateAccessToken(tokenString string) (*AccessTokenClaims, error)

ValidateAccessToken parses and validates an access token, returning its claims. It always uses the configured secret and validates the audience.

func (*AccessTokenClaims) Valid 

func (a *AccessTokenClaims) Valid() error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.