Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ValidateBootstrapClaims ¶
ValidateBootstrapClaims validates bootstrap JWT claims
func ValidateSessionClaims ¶
ValidateSessionClaims validates session JWT claims
Types ¶
type JWK ¶
type JWK struct {
KID string `json:"kid"` // Key ID
Kty string `json:"kty"` // Key Type (RSA, EC, etc.)
Crv string `json:"crv,omitempty"` // Curve (for EC keys)
X string `json:"x,omitempty"` // X coordinate (for EC keys)
Y string `json:"y,omitempty"` // Y coordinate (for EC keys)
Use string `json:"use,omitempty"` // Key usage
Alg string `json:"alg,omitempty"` // Algorithm
}
JWK represents a single JSON Web Key
type OARClaims ¶
type OARClaims struct {
// OAR-specific claims
ServiceID string `json:"service_id"`
RuntimeID string `json:"runtime_id"`
AgentName string `json:"agent_name"`
AgentImage string `json:"agent_image"`
SessionID string `json:"session_id"`
Principal *Principal `json:"principal,omitempty"`
Bootstrap bool `json:"bootstrap,omitempty"`
// Standard JWT claims
jwt.RegisteredClaims
}
OARClaims represents the custom claims in OAR JWTs These extend the standard JWT claims with OAR-specific information
type Principal ¶
type Principal struct {
Type string `json:"type"` // e.g., "user", "service"
ID string `json:"id"` // e.g., "user-123", "service-abc"
Email string `json:"email"` // e.g., "user@example.com"
}
Principal represents the originating principal for a token request
type RefreshToken ¶
type RefreshToken struct {
Token string `json:"token"` // The opaque token value (will be hashed)
SessionID string `json:"session_id"` // Bound to a specific session
AgentName string `json:"agent_name"` // Bound to a specific agent
IssuedAt time.Time `json:"issued_at"`
ExpiresAt time.Time `json:"expires_at"`
}
RefreshToken represents an opaque refresh token stored in the token store
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.