jwks

Version: v16.15.0

This package is not in the latest version of its module.
Published: Apr 5, 2024 | License: Apache-2.0 | Imports: 15 | Imported by: 0

Documentation

Overview

Package jwks implements a JSON Web Key Set. It is based on https://github.com/MicahParks/keyfunc, without implementing the KeyFunc.

Constants

This section is empty.

Variables

var (

	// ErrKIDNotFound indicates that the given key ID was not found in the JWKs.
	ErrKIDNotFound = errors.New("the given key ID was not found in the JWKs")

	// ErrMissingAssets indicates there are required assets missing to create a public key.
	ErrMissingAssets = errors.New("required assets are missing to create a public key")

	// ErrUnknownKeyType indicates that a key type is not implemented.
	ErrUnknownKeyType = errors.New("the key has an unknown type")
)

Functions

This section is empty.

Types

type Config

type Config struct {

	// Client is the HTTP client used to get the JWKs via HTTP.
	Client *http.Client

	// RefreshErrorHandler is a function that consumes errors that happen during a JWKs refresh. This is only effectual
	// if RefreshInterval is not nil.
	RefreshErrorHandler ErrorHandler

	// RefreshInterval is the duration to refresh the JWKs in the background via a new HTTP request. If this is not nil,
	// then a background refresh will be requested in a separate goroutine at this interval until the JWKs method
	// EndBackground is called.
	RefreshInterval time.Duration

	// RefreshRateLimit limits the rate at which refresh requests are granted. Only one refresh request can be queued
	// at a time; any refresh requests received while one is already queued are ignored. It does not make sense to
	// have RefreshInterval's value shorter than this.
	RefreshRateLimit time.Duration

	// RefreshTimeout is the duration for the context used to create the HTTP request for a refresh of the JWKs. This
	// defaults to one minute. This is only effectual if RefreshInterval is not nil.
	RefreshTimeout time.Duration

	// RefreshUnknownKID indicates that the JWKs refresh request will occur every time a kid that isn't cached is seen.
	// Without specifying a RefreshInterval a malicious client could self-sign X JWTs, send them to this service,
	// then cause potentially high network usage proportional to X.
	RefreshUnknownKID bool
}

Config represents the configuration options for a JWKs.
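The RefreshUnknownKID comment above describes refresh traffic that grows with the number of tokens carrying uncached key IDs. The following added example (not this package's code) models that behaviour with a hypothetical `keyCache` type and `upstreamFetches` helper, and counts how many JWKS downloads a burst of 1000 unknown kids causes with and without a rate limit. It assumes a simplified limiter that skips a refresh inside the rate-limit window instead of queueing it.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

var errKIDNotFound = errors.New("the given key ID was not found in the JWKs")

// keyCache is a hypothetical stand-in for a JWKS client that refreshes on an unknown kid.
type keyCache struct {
	keys      map[string]string        // kid -> key material (constructed placeholder values)
	fetch     func() map[string]string // stands in for the HTTP GET of the JWKS URL
	rateLimit time.Duration            // minimum gap between refreshes; 0 disables the limit
	last      time.Time                // time of the most recent refresh
	refreshed bool                     // whether any refresh has happened yet
	fetches   int                      // upstream requests made so far
}

// Key returns the key for kid, refreshing at most once per rateLimit window on a cache miss.
func (c *keyCache) Key(kid string, now time.Time) (string, error) {
	if k, ok := c.keys[kid]; ok {
		return k, nil
	}
	if c.rateLimit == 0 || !c.refreshed || now.Sub(c.last) >= c.rateLimit {
		c.keys, c.last, c.refreshed = c.fetch(), now, true
		c.fetches++
	}
	if k, ok := c.keys[kid]; ok {
		return k, nil
	}
	return "", errKIDNotFound
}

// upstreamFetches replays x lookups with distinct uncached kids, 10ms apart on a
// simulated clock, and returns how many JWKS downloads they triggered.
func upstreamFetches(rateLimit time.Duration, x int) int {
	c := &keyCache{rateLimit: rateLimit, fetch: func() map[string]string {
		return map[string]string{"kid-1": "constructed-key"}
	}}
	now := time.Unix(0, 0)
	for i := 0; i < x; i++ {
		c.Key(fmt.Sprintf("unknown-%d", i), now)
		now = now.Add(10 * time.Millisecond)
	}
	return c.fetches
}

func main() {
	fmt.Println(upstreamFetches(0, 1000), upstreamFetches(time.Second, 1000), upstreamFetches(5*time.Minute, 1000))
}
```

Without a limit every unknown kid costs one upstream request; with a limit the cost is bounded by elapsed time divided by the limit, independent of how many tokens arrive.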

type ErrorHandler

type ErrorHandler func(err error)

ErrorHandler is a function signature that consumes an error.

type JWK

type JWK interface {
	ID() string
	Alg() string
	Type() string
	PublicKey() (crypto.PublicKey, error)
}

type JWKS

type JWKS interface {
	Key(kid string) (jwk JWK, err error)
	Cancel()
}

func NewFromJSON

func NewFromJSON(jwksBytes []byte) (JWKS, error)

NewFromJSON creates a new JWKs from a raw JSON message.

func NewFromURL

func NewFromURL(jwksURL string, config Config) (JWKS, error)

NewFromURL loads the JWKs at the given URL.
