verify

package
v0.3.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 15, 2020 License: BSD-3-Clause Imports: 10 Imported by: 3

Documentation

Overview

Package verify provides middleware for GRPc servers which need to verify JSON Web Tokens generated by this Authenticator service.

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func HasAnyEntry added in v0.2.0 

func HasAnyEntry(a, b []string) bool

HasAnyEntry is a utility function, which compares slice A and B. It returns true if one or more entries is present in both A and B or when both are nil.

func ParseJWTHeader 

func ParseJWTHeader(token string) (int, error)

ParseJWTHeader checks is the Alg field is supported and returns the Kid as an int.

Example 
package main

import (
	"encoding/base64"
	"fmt"
	"log"

	"github.com/moapis/authenticator/verify"
)

func main() {
	token := base64.RawURLEncoding.EncodeToString([]byte("{\"Alg\": \"EdDSA\", \"Kid\": \"10\"}"))
	kid, err := verify.ParseJWTHeader(token)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("Key ID: %d", kid)
}

Output:

Key ID: 10

Types

type RetrieveError 

type RetrieveError struct {
	VerificationErr
}

RetrieveError in case of gRPC client errors.

type VerificationErr 

type VerificationErr struct {
	// contains filtered or unexported fields
}

VerificationErr type for errors generated by this package.

Example 
package main

import (
	"encoding/base64"
	"errors"
	"fmt"

	"github.com/moapis/authenticator/verify"
)

func main() {
	token := base64.RawURLEncoding.EncodeToString([]byte("{\"Alg\": \"foo\"}"))
	_, err := verify.ParseJWTHeader(token)
	var ve *verify.VerificationErr
	if errors.As(err, &ve) {
		fmt.Printf("Error is of type %T", ve)
	}
}

Output:

Error is of type *verify.VerificationErr

func (*VerificationErr) Error 

func (e *VerificationErr) Error() string

func (*VerificationErr) Unwrap 

func (e *VerificationErr) Unwrap() error

Unwrap returns the originating error

type Verificator 

type Verificator struct {
	Client auth.AuthenticatorClient
	// Audiences that are accepted.
	// Nil accepts all.
	Audiences []string
	// contains filtered or unexported fields
}

Verificator holds public keys, which are used to verify tokens. Public keys that are not found in the local cache, are retrieved through an gRPC call from an Authenticator server.

func (*Verificator) Token 

func (v *Verificator) Token(ctx context.Context, token string) (*jwt.Claims, error)

Token verifies the passed JSON web token and checks validity (like expiry). If the key is not in the cache, it will be fetched through the client before checking. Typical errors can by of grpc/status or Verfication errors.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.