auth

package

v1.1.0 Latest Latest Go to latest Published: Apr 30, 2026 License: MIT Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/mirkobrombin/go-foundation

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func SignToken(p Payload, secret []byte) (string, error)
type Algorithm
type Claims
type Key
type Payload
- func VerifyToken(token string, secret []byte) (Payload, error)
- func (p Payload) Valid() error
type SignedToken
type StandardClaims
- func (c StandardClaims) Valid() error
type TokenService
- func NewService(keys ...Key) TokenService

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrInvalidToken indicates a malformed or unreadable token.
	ErrInvalidToken = errors.New("auth: invalid token")
	// ErrInvalidSignature indicates the token signature verification failed.
	ErrInvalidSignature = errors.New("auth: invalid signature")
	// ErrExpiredToken indicates the token has passed its expiration time.
	ErrExpiredToken = errors.New("auth: token expired")
	// ErrUnknownKeyID indicates the key ID in the token is not recognized.
	ErrUnknownKeyID = errors.New("auth: unknown key id")
)

Functions ¶

func SignToken ¶

func SignToken(p Payload, secret []byte) (string, error)

SignToken signs a payload with HMAC-SHA256.

Types ¶

type Algorithm ¶

type Algorithm string

Algorithm identifies a signing algorithm.

const (
	// AlgHMACSHA256 signs tokens using HMAC-SHA256.
	AlgHMACSHA256 Algorithm = "HS256"
	// AlgRS256 signs tokens using RSA-PKCS1v15 with SHA-256.
	AlgRS256 Algorithm = "RS256"
	// AlgES256 signs tokens using ECDSA with P-256 and SHA-256.
	AlgES256 Algorithm = "ES256"
	// AlgEdDSA signs tokens using Ed25519.
	AlgEdDSA Algorithm = "EdDSA"
)

type Claims ¶

type Claims interface {
	Valid() error
}

Claims validates token claims.

type Key ¶

type Key struct {
	ID        string
	Secret    []byte
	Algorithm Algorithm
	Private   crypto.PrivateKey
	Public    crypto.PublicKey
}

Key holds signing key material.

type Payload ¶

type Payload struct {
	Sub string `json:"sub"`
	Exp int64  `json:"exp"`
}

Payload holds the claims for a simple token.

func VerifyToken ¶

func VerifyToken(token string, secret []byte) (Payload, error)

VerifyToken verifies and decodes a HMAC-SHA256 token.

func (Payload) Valid ¶

func (p Payload) Valid() error

type SignedToken ¶

type SignedToken struct {
	Token   string
	KeyID   string
	Payload []byte
	Raw     string
}

SignedToken holds a token string with its key ID and raw payload.

type StandardClaims ¶

type StandardClaims struct {
	Sub string `json:"sub"`
	Exp int64  `json:"exp"`
	Iat int64  `json:"iat,omitempty"`
	Jti string `json:"jti,omitempty"`
	Iss string `json:"iss,omitempty"`
	Aud string `json:"aud,omitempty"`
}

StandardClaims holds common JWT-like claims.

func (StandardClaims) Valid ¶

func (c StandardClaims) Valid() error

type TokenService ¶

type TokenService interface {
	Sign(claims Claims) (*SignedToken, error)
	Verify(token string) (Claims, error)
}

TokenService signs and verifies tokens.

func NewService ¶

func NewService(keys ...Key) TokenService

NewService creates a TokenService with one or more keys.

Source Files ¶

View all Source files

token.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL