jwtkit

package
v0.2.46 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 18, 2025 License: MIT Imports: 12 Imported by: 0

Documentation

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Claims added in v0.2.40

type Claims = jwt.RegisteredClaims

Claims represents claims for JWT. See: https://tools.ietf.org/html/rfc7519#section-4.1

type JWKSProvider added in v0.2.46

type JWKSProvider struct {
	// contains filtered or unexported fields
}

JWKSProvider is a token provider that uses a JWKS endpoint to verify tokens.

func NewJWKSProvider added in v0.2.46

func NewJWKSProvider(jwksURL string, refreshInterval time.Duration) (*JWKSProvider, error)

NewJWKSProvider creates a new JWKSProvider.

Example
package main

import (
	"fmt"
	"time"

	"github.com/plainq/servekit/authkit/jwtkit"
)

func main() {
	// This is a placeholder for a real JWKS endpoint
	// In a real application, you would use a URL like
	// "https://www.googleapis.com/oauth2/v3/certs"
	// or your own identity provider's JWKS endpoint.
	jwksURL := "http://127.0.0.1:8080/.well-known/jwks.json"

	// Create a new JWKSProvider with a 1-hour refresh interval.
	// The provider will fetch the keys from the URL upon creation
	// and then periodically refresh them.
	provider, err := jwtkit.NewJWKSProvider(jwksURL, 1*time.Hour)
	if err != nil {
		// In a real app, you would likely log this error and exit,
		// as the application cannot verify tokens without the keys.
		fmt.Printf("failed to create JWKS provider: %v", err)
		return
	}

	// The provider can now be used to verify tokens.
	// Typically, you would use this in a middleware to protect your routes.
	// For example:
	// token := "a.jwt.token"
	// parsedToken, err := provider.ParseVerify(token)
	_ = provider
}

func (*JWKSProvider) ParseVerify added in v0.2.46

func (p *JWKSProvider) ParseVerify(token string) (*Token, error)

ParseVerify parses and verifies a token using the key from the JWKS endpoint.

func (*JWKSProvider) ParseVerifyClaims added in v0.2.46

func (p *JWKSProvider) ParseVerifyClaims(token string, claims any) error

ParseVerifyClaims parses and verifies a token using the key from the JWKS endpoint.

func (*JWKSProvider) Sign added in v0.2.46

func (*JWKSProvider) Sign(_ *Token) (string, error)

Sign is not supported for JWKSProvider.

func (*JWKSProvider) Verify added in v0.2.46

func (p *JWKSProvider) Verify(token string) error

Verify verifies a token.

type Key added in v0.2.46

type Key struct {
	Use string `json:"use"`
	Kty string `json:"kty"`
	Kid string `json:"kid"`
	Alg string `json:"alg"`
	N   string `json:"n"`
	E   string `json:"e"`
}

Key represents a single key in a JWK set.

type KeyStore added in v0.2.46

type KeyStore struct {
	Keys []Key `json:"keys"`
}

KeyStore represents a set of keys from a JWKS endpoint.

type Token

type Token struct {
	Claims
	Meta map[string]any `json:"meta,omitempty"`
	// contains filtered or unexported fields
}

Token represents claims for JWT with additional metadata.

func (*Token) Metadata

func (t *Token) Metadata() map[string]any

Metadata returns the metadata of the token.

func (*Token) Raw

func (t *Token) Raw() *jwt.Token

Raw returns the raw token.

func (*Token) Validate added in v0.2.46

func (t *Token) Validate(now time.Time) error

Validate validates the token claims.

type TokenManager

type TokenManager interface {
	// Sign takes a Token and signs it.
	Sign(token *Token) (string, error)

	// Verify takes a token string and verifies it.
	Verify(token string) error

	// ParseVerify takes a token string and parses and verifies it.
	ParseVerify(token string) (*Token, error)

	// ParseVerifyClaims takes a token string and parses and verifies it.
	// It decodes the claims into the provided claims struct.
	ParseVerifyClaims(token string, claims any) error
}

TokenManager is an interface that holds the logic of token management.

type TokenManagerJWT

type TokenManagerJWT struct {
	// contains filtered or unexported fields
}

TokenManagerJWT is an implementation of TokenManager based on JWT.

func NewTokenManager

func NewTokenManager(signer jwt.Signer, verifier jwt.Verifier) *TokenManagerJWT

NewTokenManager creates a new implementation of TokenManager based on JWT. It uses the given signer and verifier to sign and verify the token.

func (*TokenManagerJWT) ParseVerify

func (m *TokenManagerJWT) ParseVerify(token string) (*Token, error)

func (*TokenManagerJWT) ParseVerifyClaims added in v0.2.46

func (m *TokenManagerJWT) ParseVerifyClaims(token string, claims any) error

func (*TokenManagerJWT) Sign

func (m *TokenManagerJWT) Sign(token *Token) (string, error)

func (*TokenManagerJWT) Verify

func (m *TokenManagerJWT) Verify(token string) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL