jwks

README

JWKS

Description goes here

Installation

go get -u github.com/danikarik/jwks

Usage

import "github.com/danikarik/jwks"

// Define options.
opts := []jwks.Option{
    jwks.WithMaxRetries(3),
    jwks.WithHTTPClient(&http.Client{}),
}

// Create key manager.
manager, err := jwks.NewManager("https:example.com/.well-known/jwks.json", opts...)
if err != nil {
    // handle error
}

kid = "ba8e4a5e27c5f510"

ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()

key, err := manager.FetchKey(ctx, kid)
if err != nil {
    // handle error
}

if key.Kty == "RSA" && key.Use == "sig" {
    // do some stuff
}

Maintainers

@danikarik

License

This project is licensed under the MIT License.

Documentation

Index

• Variables
• type Cache
  • func NewMemoryCache(size int) (Cache, error)
• type JWK
• type Manager
  • func NewManager(rawurl string, opts ...Option) (Manager, error)
• type Option
  • func WithCache(c Cache) Option
  • func WithDebug(on bool) Option
  • func WithHTTPClient(c *http.Client) Option
  • func WithLogger(logger zerolog.Logger) Option
  • func WithLookup(flag bool) Option
  • func WithMaxRetries(n int) Option

Variables

var (
	// ErrEmptyKeyID raises when input kid is empty.
	ErrEmptyKeyID = errors.New("cache: empty kid")
	// ErrCacheNotFound raises when cache value not found.
	ErrCacheNotFound = errors.New("cache: value not found")
	// ErrInvalidValue raises when type conversion to JWK has been failed.
	ErrInvalidValue = errors.New("cache: invalid value")
)

var (
	// ErrConnectionFailed raises when JWKS endpoint cannot be reached.
	ErrConnectionFailed = errors.New("jwks: connection failed")
	// ErrInvalidURL raises when input url has invalid format.
	ErrInvalidURL = errors.New("jwks: invalid url value or format")
	// ErrKeyIDNotProvided raises when input kid is not present.
	ErrKeyIDNotProvided = errors.New("jwks: kid is not provided")
	// ErrPublicKeyNotFound raises when no public key is found.
	ErrPublicKeyNotFound = errors.New("jwks: public key not found")
)

Types

type Cache

type Cache interface {
	Add(ctx context.Context, key *JWK) error
	Get(ctx context.Context, kid string) (*JWK, error)
	Remove(ctx context.Context, kid string) error
	Contains(ctx context.Context, kid string) (bool, error)
	Len(ctx context.Context) (int, error)
	Purge(ctx context.Context) error
}

Cache works with cache layer.

func NewMemoryCache

func NewMemoryCache(size int) (Cache, error)

NewMemoryCache returns a new instance of memory cache.

type JWK

type JWK = jwk.JWK

JWK represents an unparsed JSON Web Key (JWK) in its wire format.

type Manager

type Manager interface {
	FetchKey(ctx context.Context, kid string) (*JWK, error)
	CacheSize(ctx context.Context) (int, error)
}

Manager fetches and returns JWK from public source.

func NewManager

func NewManager(rawurl string, opts ...Option) (Manager, error)

NewManager returns a new instance of `Manager`.

type Option

type Option func(m *manager)

Option is used for configuring key manager.

func WithCache

func WithCache(c Cache) Option

WithCache sets custom cache. Default is `memory cache`.

func WithDebug

func WithDebug(on bool) Option

WithDebug sets log level to `Debug`.

func WithHTTPClient

func WithHTTPClient(c *http.Client) Option

WithHTTPClient sets custom http client.

func WithLogger

func WithLogger(logger zerolog.Logger) Option

WithLogger sets custom logger. Default log level is `disabled`.

func WithLookup

func WithLookup(flag bool) Option

WithLookup defines cache lookup option. Default is `true`.

func WithMaxRetries

func WithMaxRetries(n int) Option

WithMaxRetries defines max retries count if request has been failed. Default is `5`.