jose

package
v0.5.2 Latest
Warning

This package is not in the latest version of its module.

Published: Mar 25, 2026 License: BSD-2-Clause Imports: 19 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func ExtractClaim

func ExtractClaim(token string, claimName string) (any, error)

ExtractClaim extracts a specific claim from a JWT without validating the token, so the returned value is unverified input.

func ExtractKIDFromCompactJWT

func ExtractKIDFromCompactJWT(compactToken string) (string, error)

ExtractKIDFromCompactJWT extracts the "kid" field from the header of a compact-serialized JWT/JWE.

func GetSigningMethodFromKey

func GetSigningMethodFromKey(privateKey any) (jwt.SigningMethod, string)

GetSigningMethodFromKey determines the JWT signing method and algorithm name from the private key.

func MakeJWT

func MakeJWT(ctx context.Context, header, body jwt.MapClaims, signer pki.Signer) (string, error)

MakeJWT creates a signed JWT using pki.Signer. The pki.Signer interface supports both software keys and HSM-backed keys.

func ParseJWKToPublicKey

func ParseJWKToPublicKey(jwkData any) (crypto.PublicKey, error)

ParseJWKToPublicKey parses a JWK (as a map or JSON bytes) to extract the public key.

func ParseJWTWithJWKHeader

func ParseJWTWithJWKHeader(token string) (jwt.MapClaims, map[string]any, map[string]any, string, error)

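ParseJWTWithJWKHeader parses and validates a JWT where the public key is embedded in the JWT header as a JWK. It returns the parsed claims, the token header, the JWK header, the key thumbprint, and any error. Because the verification key comes from the token itself, a valid signature shows only that the sender holds the matching private key; the caller still has to bind the returned thumbprint to an expected key.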

func ParseSigningKey

func ParseSigningKey(signingKeyPath string) (crypto.PrivateKey, error)

ParseSigningKey parses a private key from a PEM file. It supports EC and RSA keys and handles SEC1, PKCS1, and PKCS8 formats automatically.

func ParseX5CHeader

func ParseX5CHeader(x5cRaw any) ([]*x509.Certificate, error)

ParseX5CHeader parses the x5c header into a certificate chain. The x5c header is an array of base64-encoded DER certificates, with the leaf certificate first. Supports both standard and URL-safe base64 encoding.
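An illustration of the x5c handling described for ParseX5CHeader, written with only the Go standard library. This is an added example, not the package's own code: parseX5C and constructedCertDER are hypothetical names, and the certificate is generated at run time as constructed sample input.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// parseX5C turns a JSON-decoded x5c header value into certificates, leaf first.
func parseX5C(x5cRaw any) ([]*x509.Certificate, error) {
	entries, ok := x5cRaw.([]any)
	if !ok || len(entries) == 0 {
		return nil, fmt.Errorf("x5c must be a non-empty array")
	}
	chain := make([]*x509.Certificate, 0, len(entries))
	for i, e := range entries {
		s, _ := e.(string)            // a non-string entry becomes "" and fails DER parsing
		s = strings.TrimRight(s, "=") // accept padded and unpadded input alike
		der, err := base64.RawStdEncoding.DecodeString(s)
		if err != nil { // '-' or '_' present: retry with the URL-safe alphabet
			der, err = base64.RawURLEncoding.DecodeString(s)
		}
		cert, perr := x509.ParseCertificate(der)
		if err != nil || perr != nil {
			return nil, fmt.Errorf("x5c[%d]: not a base64 DER certificate (decode: %v, parse: %v)", i, err, perr)
		}
		chain = append(chain, cert)
	}
	return chain, nil
}

// constructedCertDER returns a throwaway self-signed certificate (constructed sample input).
func constructedCertDER(cn string) []byte {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	return der
}

func main() {
	chain, err := parseX5C([]any{base64.URLEncoding.EncodeToString(constructedCertDER("constructed-leaf"))})
	fmt.Println(len(chain), err)
}
```

Parsing establishes no trust in the chain: the header is supplied by the token's sender, so the leaf still has to be verified against roots the caller chooses (for example with x509.Certificate.Verify) before its key is used.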

Types

type JWKS

type JWKS struct {
	Keys []JWKWithMetadata `json:"keys"`
}

JWKS represents a JSON Web Key Set.

func CreateJWKSFromSigner

func CreateJWKSFromSigner(signer pki.Signer, keyUsage string) (*JWKS, error)

CreateJWKSFromSigner creates a JWKS from a pki.Signer. keyUsage defaults to "sig" if an empty string is provided.

type JWKWithMetadata

type JWKWithMetadata struct {
	Kty string `json:"kty"`
	Use string `json:"use,omitempty"`
	Kid string `json:"kid,omitempty"`
	Alg string `json:"alg,omitempty"`
	// EC key fields
	Crv string `json:"crv,omitempty"`
	X   string `json:"x,omitempty"`
	Y   string `json:"y,omitempty"`
	// RSA key fields
	N string `json:"n,omitempty"`
	E string `json:"e,omitempty"`
}

JWKWithMetadata includes additional fields like alg, use, and kid.

func ParseJWK

func ParseJWK(jwkMap map[string]any) (*JWKWithMetadata, error)

ParseJWK converts a JWK map (e.g., from a JWT header) to a JWKWithMetadata struct. This is commonly used for DPoP and similar protocols where the JWK is embedded in JWT headers.
