Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrInvalidToken = errors.New("invalid token") ErrExpiredToken = errors.New("expired token") )
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct { // TokenHMACSecretKey is the secret key to authenticate HMAC endpoint // connection JWTs. TokenHMACSecretKey string `json:"token_hmac_secret_key"` // TokenRSAPublicKey is the public key to authenticate RSA endpoint // connection JWTs. TokenRSAPublicKey string `json:"token_rsa_public_key"` // TokenECDSAPublicKey is the public key to authenticate ECDSA endpoint // connection JWTs. TokenECDSAPublicKey string `json:"token_ecdsa_public_key"` // TokenAudience is the required 'aud' claim of the authenticated JWTs. // // If not given the 'aud' claim will be ignored. TokenAudience string `json:"token_audience"` // TokenIssuer is the required 'iss' claim of the authenticated JWTs. // // If not given the 'iss' claim will be ignored. TokenIssuer string `json:"token_issuer"` }
func (*Config) AuthEnabled ¶
func (*Config) RegisterFlags ¶
type EndpointToken ¶
type EndpointToken struct { // Expiry contains the time the token expires, or zero if there is no // expiry. Expiry time.Time // Endpoints contains the list of endpoint IDs the connection is permitted // to register. If empty then all endpoints are allowed. Endpoints []string }
func (*EndpointToken) EndpointPermitted ¶
func (t *EndpointToken) EndpointPermitted(endpointID string) bool
EndpointPermitted returns whether the given endpoint ID is permitted for this token.
type JWTVerifier ¶
type JWTVerifier struct {
// contains filtered or unexported fields
}
func NewJWTVerifier ¶
func NewJWTVerifier(conf JWTVerifierConfig) *JWTVerifier
func (*JWTVerifier) VerifyEndpointToken ¶
func (v *JWTVerifier) VerifyEndpointToken(tokenString string) (EndpointToken, error)
type JWTVerifierConfig ¶
type Verifier ¶
type Verifier interface {
VerifyEndpointToken(token string) (EndpointToken, error)
}
Click to show internal directories.
Click to hide internal directories.