jwt

package
v0.0.0-...-a1393ee Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 14, 2026 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// Token expiration times (SOC2 CC6.3 - Logical Access Controls)
	AccessTokenTTL  = 15 * time.Minute   // Short-lived access tokens
	IDTokenTTL      = 1 * time.Hour      // ID tokens for user info
	RefreshTokenTTL = 7 * 24 * time.Hour // 7 days max for refresh tokens

	// Security parameters
	MinKeySize = 2048 // Minimum RSA key size (ISO27001 A.10.1.1)
	JTILength  = 32   // JTI entropy length
)

Security constants for SOC2/ISO27001 compliance

Variables

View Source 
var GenerateIDToken = generateIDToken
View Source 
var GenerateRefreshToken = generateRefreshToken

Functions

func GenerateAccessToken 

func GenerateAccessToken(
	userId string,
	scope string,
	issuer string,
	audience string,
	clientID string,
	providerID string,
) (string, error)

func GenerateSecureID 

func GenerateSecureID() string

GenerateSecureID generates a cryptographically secure random ID Complies with SOC2 CC6.1 and ISO27001 A.10.1.1

func GetPublicKey 

func GetPublicKey() *rsa.PublicKey

GetPublicKey returns the parsed RSA public key used for JWT verification. Returns nil if InitJWTKeys has not been called.

func InitJWTKeys 

func InitJWTKeys() error

func ResetJWTKeys 

func ResetJWTKeys()

ResetJWTKeys clears the cached JWT signing keys. Intended for testing only.

func ValidateToken 

func ValidateToken(tokenString string) (jwtlib.MapClaims, error)

ValidateToken performs comprehensive JWT validation Complies with SOC2 CC6.1, CC6.3 and ISO27001 A.9.4.2

Types

type UserProfile 

type UserProfile struct {
	Email         string `json:"email,omitempty"`
	EmailVerified bool   `json:"email_verified"`
	Phone         string `json:"phone,omitempty"`
	PhoneVerified bool   `json:"phone_verified"`
	FirstName     string `json:"first_name,omitempty"`
	MiddleName    string `json:"middle_name,omitempty"`
	LastName      string `json:"last_name,omitempty"`
	Suffix        string `json:"suffix,omitempty"`
	Birthdate     string `json:"birthdate,omitempty"`
	Gender        string `json:"gender,omitempty"`
	Address       string `json:"address,omitempty"`
	Picture       string `json:"picture,omitempty"`
}

UserProfile represents user profile data for ID tokens

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.