README
¶
jwt
a plain JWT lib with a simple interface
influence
Much of this is heavily inspired by dgrijalva/jwt-go but I wanted to simplify parts of the API.
TODO
- RS256 = rsassa_pkcs1_256
- RS384 = rsassa_pkcs1_384
- RS512 = rsassa_pkcs1_512
- ES256 = ecdsa_256
- ES384 = ecdsa_384
- ES512 = ecdsa_512
- PS256 = rsassa_pss_256
- PS384 = rsassa_pss_384
- PS512 = rsassa_pss_512
Documentation
¶
Index ¶
- Constants
- func Base64Decode(src string) ([]byte, error)
- func Base64Encode(src []byte) string
- func Serialize(claims interface{}, signer Signer) (string, error)
- func Unserialize(jwt string, signer Signer, dest interface{}) error
- type HMACSigner
- type Header
- type RegisteredClaims
- type Signer
- type SignerFunc
Constants ¶
const ( HS256 signingHash = iota + 1 HS384 HS512 )
These specify the algorithm to be used
Variables ¶
This section is empty.
Functions ¶
func Base64Decode ¶
Base64Decode takes in a base 64 encoded string and returns the decoded []byte
func Base64Encode ¶
Base64Encode takes a []byte and returns a base 64 encoded string
func Unserialize ¶
Unserialize decodes a JWT's claims into `dest` and verifies the JWT via the given Signer
Types ¶
type HMACSigner ¶ added in v0.4.0
type HMACSigner struct {
// contains filtered or unexported fields
}
HMACSigner will sign a JWT using crypto.SHA256
func NewHMACSigner ¶ added in v0.3.0
func NewHMACSigner(alg signingHash, secret []byte) *HMACSigner
NewHMACSigner is a factory for signers of the HMAC hash type
func (*HMACSigner) Name ¶ added in v0.7.0
func (s *HMACSigner) Name() string
Name gives the name of the Signer
func (*HMACSigner) Sign ¶ added in v0.4.0
func (s *HMACSigner) Sign(json string) (string, error)
Sign generates a Hmac256 hash of a string using a secret
func (*HMACSigner) Verify ¶ added in v0.4.0
func (s *HMACSigner) Verify(control, variable string) error
Verify a given JWT via the Signer
type Header ¶
type Header struct {
Type string `json:"typ,omitempty"`
Algorithm string `json:"alg,omitempty"` // Algorithm
}
Header is a typical JWT header
type RegisteredClaims ¶ added in v0.0.2
type RegisteredClaims struct {
Audience string `json:"aud,omitempty"` // (Audience) Claim
Issuer string `json:"iss,omitempty"` // (Issuer) Claim
JWTID string `json:"jti,omitempty"` // (JWT ID) Claim
IssuedAt int64 `json:"iat,omitempty"` // (Issued At) Claim
ExpirationTime int64 `json:"exp,omitempty"` // (Expiration Time) Claim
Subject string `json:"sub,omitempty"` // (Subject) Claim
NotBefore int64 `json:"nbf,omitempty"` // (Not Before) Claim
}
RegisteredClaims implements Claimer and represents the standard registered claims of a JWT
func NewRegisteredClaims ¶ added in v0.0.2
func NewRegisteredClaims(exp time.Time) RegisteredClaims
NewRegisteredClaims gives you a basic set of claims based on the given subject and expiration
func (*RegisteredClaims) IsExpired ¶ added in v0.0.2
func (c *RegisteredClaims) IsExpired(t time.Time) bool
IsExpired checks to see if the claims' `exp` field is less than the given time
func (*RegisteredClaims) NotActive ¶ added in v0.0.2
func (c *RegisteredClaims) NotActive(t time.Time) bool
NotActive checks to see if the claims' `nbf` field is less than the given time
func (*RegisteredClaims) TTL ¶ added in v0.7.0
func (c *RegisteredClaims) TTL(t time.Duration)
func (*RegisteredClaims) Valid ¶ added in v0.0.2
func (c *RegisteredClaims) Valid() bool
Valid implements Claimer and validates the current claim `NotActive` & `IsExpired` against time.Now()
type Signer ¶
type Signer interface {
// Verify checks to see that the signed strings match; returns nil if signature is valid
Verify(control, variable string) error
// Sign generates a hash of a string using the previously provided algorithm
Sign(signingString string) (string, error)
// Name returns the name of the algorithm being used
Name() string
}
Signer is implemented to add new methods for signing or verifying tokens.
type SignerFunc ¶ added in v0.7.0
SignerFunc is a signing function, READ: it does the work
Source Files
Directories