token

package

v0.0.0-...-212369e Latest Latest Go to latest Published: Mar 18, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/MTudorrrr/distribution

Documentation ¶

Index ¶

Constants
Variables
type AudienceList
- func (s AudienceList) MarshalJSON() (b []byte, err error)
- func (s *AudienceList) UnmarshalJSON(data []byte) (err error)
type ClaimSet
type ResourceActions
type Token
- func NewToken(rawToken string) (*Token, error)
- func (t *Token) Verify(verifyOpts VerifyOptions) (*ClaimSet, error)
- func (t *Token) VerifySigningKey(verifyOpts VerifyOptions) (signingKey crypto.PublicKey, err error)
type VerifyOptions

Constants ¶

View Source

const (
	// TokenSeparator is the value which separates the header, claims, and
	// signature in the compact serialization of a JSON Web Token.
	TokenSeparator = "."
	// Leeway is the Duration that will be added to NBF and EXP claim
	// checks to account for clock skew as per https://tools.ietf.org/html/rfc7519#section-4.1.5
	Leeway = 60 * time.Second
)

Variables ¶

View Source

var (
	ErrInsufficientScope = errors.New("insufficient scope")
	ErrTokenRequired     = errors.New("authorization token required")
)

Errors used and exported by this package.

View Source

var (
	ErrMalformedToken = errors.New("malformed token")
	ErrInvalidToken   = errors.New("invalid token")
)

Errors used by token parsing and verification.

Functions ¶

This section is empty.

Types ¶

type AudienceList ¶

type AudienceList []string

AudienceList is a slice of strings that can be deserialized from either a single string value or a list of strings.

func (AudienceList) MarshalJSON ¶

func (s AudienceList) MarshalJSON() (b []byte, err error)

func (*AudienceList) UnmarshalJSON ¶

func (s *AudienceList) UnmarshalJSON(data []byte) (err error)

type ClaimSet ¶

type ClaimSet struct {
	// Public claims
	Issuer     string       `json:"iss"`
	Subject    string       `json:"sub"`
	Audience   AudienceList `json:"aud"`
	Expiration int64        `json:"exp"`
	NotBefore  int64        `json:"nbf"`
	IssuedAt   int64        `json:"iat"`
	JWTID      string       `json:"jti"`

	// Private claims
	Access []*ResourceActions `json:"access"`
}

ClaimSet describes the main section of a JSON Web Token.

type ResourceActions ¶

type ResourceActions struct {
	Type    string   `json:"type"`
	Class   string   `json:"class,omitempty"`
	Name    string   `json:"name"`
	Actions []string `json:"actions"`
}

ResourceActions stores allowed actions on a named and typed resource.

type Token ¶

type Token struct {
	Raw string
	JWT *jwt.JSONWebToken
}

Token is a JSON Web Token.

func NewToken ¶

func NewToken(rawToken string) (*Token, error)

NewToken parses the given raw token string and constructs an unverified JSON Web Token.

func (*Token) Verify ¶

func (t *Token) Verify(verifyOpts VerifyOptions) (*ClaimSet, error)

Verify attempts to verify this token using the given options. Returns a nil error if the token is valid.

func (*Token) VerifySigningKey ¶

func (t *Token) VerifySigningKey(verifyOpts VerifyOptions) (signingKey crypto.PublicKey, err error)

VerifySigningKey attempts to verify and return the signing key which was used to sign the token.

type VerifyOptions ¶

type VerifyOptions struct {
	TrustedIssuers    []string
	AcceptedAudiences []string
	Roots             *x509.CertPool
	TrustedKeys       map[string]crypto.PublicKey
}

VerifyOptions is used to specify options when verifying a JSON Web Token.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL