jwt

package

v1.1.0 Latest Latest Go to latest Published: Apr 20, 2026 License: Apache-2.0 Imports: 5 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/jradikk/nats-auth-operator

Links

Open Source Insights

Documentation ¶

Index ¶

func GenerateCredsFile(userJWT string, userSeed []byte) string
type AccountManager
- func NewAccountManager(seed []byte) (*AccountManager, error)
type OperatorManager
- func NewOperatorManager(seed []byte, operatorName string) (*OperatorManager, error)
type UserManager
- func NewUserManager(seed []byte) (*UserManager, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GenerateCredsFile ¶

func GenerateCredsFile(userJWT string, userSeed []byte) string

GenerateCredsFile generates a NATS credentials file content

Types ¶

type AccountManager ¶

type AccountManager struct {
	// contains filtered or unexported fields
}

AccountManager manages NATS account JWT operations

func NewAccountManager ¶

func NewAccountManager(seed []byte) (*AccountManager, error)

NewAccountManager creates a new account manager from an existing seed or generates a new one

func (*AccountManager) CreateAccountClaims ¶

func (am *AccountManager) CreateAccountClaims(name, description string, limits *natsv1alpha1.AccountLimits) (*jwt.AccountClaims, error)

CreateAccountClaims creates account claims from the spec

func (*AccountManager) GetKeyPair ¶

func (am *AccountManager) GetKeyPair() nkeys.KeyPair

GetKeyPair returns the account's keypair

func (*AccountManager) GetPublicKey ¶

func (am *AccountManager) GetPublicKey() (string, error)

GetPublicKey returns the account's public key

func (*AccountManager) GetSeed ¶

func (am *AccountManager) GetSeed() ([]byte, error)

GetSeed returns the account's seed (private key)

func (*AccountManager) SignUserJWT ¶

func (am *AccountManager) SignUserJWT(userClaims *jwt.UserClaims) (string, error)

SignUserJWT signs a user JWT with the account key

type OperatorManager ¶

type OperatorManager struct {
	// contains filtered or unexported fields
}

OperatorManager manages NATS operator JWT operations

func NewOperatorManager ¶

func NewOperatorManager(seed []byte, operatorName string) (*OperatorManager, error)

NewOperatorManager creates a new operator manager from an existing seed or generates a new one

func (*OperatorManager) GetJWT ¶

func (om *OperatorManager) GetJWT() string

GetJWT returns the operator JWT

func (*OperatorManager) GetKeyPair ¶

func (om *OperatorManager) GetKeyPair() nkeys.KeyPair

GetKeyPair returns the operator's keypair (for signing account JWTs)

func (*OperatorManager) GetPublicKey ¶

func (om *OperatorManager) GetPublicKey() (string, error)

GetPublicKey returns the operator's public key

func (*OperatorManager) GetSeed ¶

func (om *OperatorManager) GetSeed() ([]byte, error)

GetSeed returns the operator's seed (private key)

func (*OperatorManager) SetSystemAccount ¶ added in v1.1.0

func (om *OperatorManager) SetSystemAccount(systemAccountPubKey string) error

SetSystemAccount re-encodes the operator JWT with the given account public key embedded as the SystemAccount field. Call this after the system account is known. The server will then show the system account name under "Trusted Operators" at startup instead of an empty string.

func (*OperatorManager) SignAccountJWT ¶

func (om *OperatorManager) SignAccountJWT(accountClaims *jwt.AccountClaims) (string, error)

SignAccountJWT signs an account JWT with the operator key

type UserManager ¶

type UserManager struct {
	// contains filtered or unexported fields
}

UserManager manages NATS user JWT operations

func NewUserManager ¶

func NewUserManager(seed []byte) (*UserManager, error)

NewUserManager creates a new user manager from an existing seed or generates a new one

func (*UserManager) CreateUserClaims ¶

func (um *UserManager) CreateUserClaims(name string, permissions *natsv1alpha1.Permissions) (*jwt.UserClaims, error)

CreateUserClaims creates user claims from the spec

func (*UserManager) GetKeyPair ¶

func (um *UserManager) GetKeyPair() nkeys.KeyPair

GetKeyPair returns the user's keypair

func (*UserManager) GetPublicKey ¶

func (um *UserManager) GetPublicKey() (string, error)

GetPublicKey returns the user's public key

func (*UserManager) GetSeed ¶

func (um *UserManager) GetSeed() ([]byte, error)

GetSeed returns the user's seed (private key)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL