jwk

package
v0.9.10 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 29, 2017 License: Apache-2.0 Imports: 28 Imported by: 173

Documentation

Index

Constants

const (
	// IDTokenKeyName holds the string "hydra.openid.id-token". The same
	// string appears as the set component of the policy resource documented
	// for the /.well-known/jwks.json route
	// ("rn:hydra:keys:hydra.openid.id-token:public").
	// NOTE(review): presumably the name of the key set that holds the OpenID
	// Connect ID-token signing keys — confirm against the callers.
	IDTokenKeyName = "hydra.openid.id-token"
)

Variables

This section is empty.

Functions

func First

func First(keys []jose.JsonWebKey) *jose.JsonWebKey

func MustRSAPrivate

func MustRSAPrivate(key *jose.JsonWebKey) *rsa.PrivateKey

func MustRSAPublic

func MustRSAPublic(key *jose.JsonWebKey) *rsa.PublicKey

func PEMBlockForKey

func PEMBlockForKey(key interface{}) (*pem.Block, error)

func RandomBytes

func RandomBytes(n int) ([]byte, error)

func TestHelperManagerKey

func TestHelperManagerKey(m Manager, keys *jose.JsonWebKeySet) func(t *testing.T)

func TestHelperManagerKeySet

func TestHelperManagerKeySet(m Manager, keys *jose.JsonWebKeySet) func(t *testing.T)

func ToRSAPrivate

func ToRSAPrivate(key *jose.JsonWebKey) (*rsa.PrivateKey, error)

func ToRSAPublic

func ToRSAPublic(key *jose.JsonWebKey) (*rsa.PublicKey, error)

Types

type AEAD

// AEAD is the receiver type of Encrypt (plaintext bytes in, string out) and
// Decrypt (string in, bytes out).
// NOTE(review): the cipher, the nonce handling and the required key length
// are not visible on this page — confirm them in the implementation before
// choosing a key size.
type AEAD struct {
	// Key is a raw byte slice in an exported field.
	// NOTE(review): presumably the symmetric key used by Encrypt and
	// Decrypt — confirm. If so, treat it as a secret: keep it out of logs,
	// error messages and serialised copies of this struct.
	Key []byte
}

func (*AEAD) Decrypt

func (c *AEAD) Decrypt(ciphertext string) ([]byte, error)

func (*AEAD) Encrypt

func (c *AEAD) Encrypt(plaintext []byte) (string, error)

type ECDSA256Generator

// ECDSA256Generator is an empty struct; *ECDSA256Generator has a
// Generate(id string) method returning a key set.
// NOTE(review): the name suggests ECDSA keys on the P-256 curve — confirm
// the curve and the randomness source in the implementation.
type ECDSA256Generator struct{}

func (*ECDSA256Generator) Generate

func (g *ECDSA256Generator) Generate(id string) (*jose.JsonWebKeySet, error)

type ECDSA521Generator added in v0.2.0

// ECDSA521Generator is an empty struct; *ECDSA521Generator has a
// Generate(id string) method returning a key set.
// NOTE(review): the name suggests ECDSA keys on the P-521 curve (the curve
// that the JWA algorithm ES512 uses) — confirm in the implementation.
type ECDSA521Generator struct{}

func (*ECDSA521Generator) Generate added in v0.2.0

func (g *ECDSA521Generator) Generate(id string) (*jose.JsonWebKeySet, error)

type HS256Generator

// HS256Generator is a key generator: *HS256Generator has the
// Generate(id string) method that the KeyGenerator interface requires.
// NOTE(review): the name suggests it produces symmetric keys for
// HMAC-SHA256 signing — confirm.
type HS256Generator struct {
	// NOTE(review): presumably the size of the generated key; the unit
	// (bytes or bits) and any enforced minimum are not shown on this page.
	// RFC 7518 section 3.2 requires an HS256 key at least as long as the
	// hash output (256 bits) — verify that Generate does not accept less.
	Length int
}

func (*HS256Generator) Generate

func (g *HS256Generator) Generate(id string) (*jose.JsonWebKeySet, error)

type HTTPManager added in v0.2.0

// HTTPManager has the same six key and key-set methods as the Manager
// interface, plus CreateKeys(set, algorithm).
// NOTE(review): presumably a client for a remote key API reachable at
// Endpoint — confirm.
type HTTPManager struct {
	// Client is the HTTP client supplied by the caller.
	// NOTE(review): presumably used for every request, so its TLS
	// configuration, timeout and credentials decide how key material is
	// protected in transit — confirm.
	Client             *http.Client
	// Endpoint is a parsed URL.
	// NOTE(review): presumably the base URL of the keys API; check that it
	// uses https wherever private keys are sent or fetched.
	Endpoint           *url.URL
	// NOTE(review): presumably a dry-run switch; what is skipped when it is
	// set is not shown on this page — confirm.
	Dry                bool
	// NOTE(review): behaviour is not shown on this page. The name suggests
	// requests are marked as if TLS had already been terminated by an
	// upstream proxy. If so, enable it only for local testing, because key
	// material could then travel without transport encryption — confirm.
	FakeTLSTermination bool
}

func (*HTTPManager) AddKey added in v0.2.0

func (m *HTTPManager) AddKey(set string, key *jose.JsonWebKey) error

func (*HTTPManager) AddKeySet added in v0.2.0

func (m *HTTPManager) AddKeySet(set string, keys *jose.JsonWebKeySet) error

func (*HTTPManager) CreateKeys added in v0.2.0

func (m *HTTPManager) CreateKeys(set, algorithm string) (*jose.JsonWebKeySet, error)

func (*HTTPManager) DeleteKey added in v0.2.0

func (m *HTTPManager) DeleteKey(set, kid string) error

func (*HTTPManager) DeleteKeySet added in v0.2.0

func (m *HTTPManager) DeleteKeySet(set string) error

func (*HTTPManager) GetKey added in v0.2.0

func (m *HTTPManager) GetKey(set, kid string) (*jose.JsonWebKeySet, error)

func (*HTTPManager) GetKeySet added in v0.2.0

func (m *HTTPManager) GetKeySet(set string) (*jose.JsonWebKeySet, error)

type Handler

// Handler is the receiver of the HTTP handlers for the key routes (Create,
// GetKey, GetKeySet, UpdateKey, UpdateKeySet, DeleteKey, DeleteKeySet and
// WellKnown) and of SetRoutes, which takes the router.
type Handler struct {
	// Manager is the key store, given as the Manager interface.
	Manager    Manager
	// Generators maps a string to a KeyGenerator.
	// NOTE(review): presumably keyed by the algorithm name given when keys
	// are created — confirm.
	Generators map[string]KeyGenerator
	// NOTE(review): presumably writes the JSON responses and error bodies;
	// not shown on this page — confirm.
	H          herodot.Writer
	// NOTE(review): presumably enforces the OAuth2 scopes and policy
	// resources listed in each route's documentation. When reviewing the
	// handlers, check that each one consults it before touching Manager.
	W          firewall.Firewall
}

func (*Handler) Create

func (h *Handler) Create(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route POST /keys/{set} jwks createJwkKey

Generate a new JSON Web Key

The subject making the request needs to be assigned to a policy containing:

```
{
  "resources": ["rn:hydra:keys:<set>:<kid>"],
  "actions": ["create"],
  "effect": "allow"
}
```

   Consumes:
   - application/json

   Produces:
   - application/json

   Schemes: http, https

   Security:
     oauth2: hydra.keys.create

   Responses:
     200: jwkSet
     401: genericError
     403: genericError
     500: genericError

func (*Handler) DeleteKey

func (h *Handler) DeleteKey(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route DELETE /keys/{set}/{kid} jwks deleteJwkKey

Delete a JSON Web Key

The subject making the request needs to be assigned to a policy containing:

```
{
  "resources": ["rn:hydra:keys:<set>:<kid>"],
  "actions": ["delete"],
  "effect": "allow"
}
```

   Consumes:
   - application/json

   Produces:
   - application/json

   Schemes: http, https

   Security:
     oauth2: hydra.keys.delete

   Responses:
     204: emptyResponse
     401: genericError
     403: genericError
     500: genericError

func (*Handler) DeleteKeySet

func (h *Handler) DeleteKeySet(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route DELETE /keys/{set} jwks deleteJwkSet

Delete a JSON Web Key Set

The subject making the request needs to be assigned to a policy containing:

```
{
  "resources": ["rn:hydra:keys:<set>"],
  "actions": ["delete"],
  "effect": "allow"
}
```

   Consumes:
   - application/json

   Produces:
   - application/json

   Schemes: http, https

   Security:
     oauth2: hydra.keys.delete

   Responses:
     204: emptyResponse
     401: genericError
     403: genericError
     500: genericError

func (*Handler) GetGenerators added in v0.2.0

func (h *Handler) GetGenerators() map[string]KeyGenerator

func (*Handler) GetKey

func (h *Handler) GetKey(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route GET /keys/{set}/{kid} jwks getJwkSetKey

Retrieves a JSON Web Key Set matching the set and the kid

The subject making the request needs to be assigned to a policy containing:

```
{
  "resources": ["rn:hydra:keys:<set>:<kid>"],
  "actions": ["get"],
  "effect": "allow"
}
```

   Consumes:
   - application/json

   Produces:
   - application/json

   Schemes: http, https

   Security:
     oauth2: hydra.keys.get

   Responses:
     200: jwkSet
     401: genericError
     403: genericError
     500: genericError

func (*Handler) GetKeySet

func (h *Handler) GetKeySet(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route GET /keys/{set} jwks getJwkSet

Retrieves a JSON Web Key Set matching the set

The subject making the request needs to be assigned to a policy containing:

```
{
  "resources": ["rn:hydra:keys:<set>:<kid>"],
  "actions": ["get"],
  "effect": "allow"
}
```

   Consumes:
   - application/json

   Produces:
   - application/json

   Schemes: http, https

   Security:
     oauth2: hydra.keys.get

   Responses:
     200: jwkSet
     401: genericError
     403: genericError
     500: genericError

func (*Handler) SetRoutes

func (h *Handler) SetRoutes(r *httprouter.Router)

func (*Handler) UpdateKey

func (h *Handler) UpdateKey(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route PUT /keys/{set}/{kid} jwks updateJwkKey

Updates a JSON Web Key

Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own.

The subject making the request needs to be assigned to a policy containing:

```
{
  "resources": ["rn:hydra:keys:<set>:<kid>"],
  "actions": ["update"],
  "effect": "allow"
}
```

   Consumes:
   - application/json

   Produces:
   - application/json

   Schemes: http, https

   Security:
     oauth2: hydra.keys.update

   Responses:
     200: jwkSet
     401: genericError
     403: genericError
     500: genericError

func (*Handler) UpdateKeySet

func (h *Handler) UpdateKeySet(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route PUT /keys/{set} jwks updateJwkSet

Updates a JSON Web Key Set

Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own.

The subject making the request needs to be assigned to a policy containing:

```
{
  "resources": ["rn:hydra:keys:<set>"],
  "actions": ["update"],
  "effect": "allow"
}
```

   Consumes:
   - application/json

   Produces:
   - application/json

   Schemes: http, https

   Security:
     oauth2: hydra.keys.update

   Responses:
     200: jwkSet
     401: genericError
     403: genericError
     500: genericError

func (*Handler) WellKnown

func (h *Handler) WellKnown(w http.ResponseWriter, r *http.Request, ps httprouter.Params)

swagger:route GET /.well-known/jwks.json jwks oauth2 openid-connect WellKnown

Public JWKs

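Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. (This sentence is identical to the description of the PUT routes and does not fit a GET route; the route title and the policy resource below indicate that this endpoint returns the public key of the hydra.openid.id-token set.)

The subject making the request needs to be assigned to a policy containing the following. Note that the action is written "GET" in upper case here, whereas the other key routes use lower-case action names such as "get"; whether the difference matters depends on how the policy engine matches actions, so copy the string exactly as shown: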

```
{
  "resources": ["rn:hydra:keys:hydra.openid.id-token:public"],
  "actions": ["GET"],
  "effect": "allow"
}
```

   Consumes:
   - application/json

   Produces:
   - application/json

   Schemes: http, https

   Security:
     oauth2: hydra.keys.get

   Responses:
     200: jwkSet
     401: genericError
     403: genericError
     500: genericError

type KeyGenerator

// KeyGenerator is the single-method interface for key generators. Handler
// stores its generators as a map[string]KeyGenerator.
type KeyGenerator interface {
	// Generate takes an id string and returns a key set or an error.
	// NOTE(review): how id is used (for example as the key ID of the
	// generated keys) is not shown on this page — confirm.
	Generate(id string) (*jose.JsonWebKeySet, error)
}

type Manager

// Manager is the storage interface for JSON Web Keys grouped into named
// sets. MemoryManager, SQLManager and HTTPManager all declare these six
// methods.
type Manager interface {
	// AddKey takes a set name and one key.
	// NOTE(review): behaviour when the set or key ID already exists is not
	// shown on this page — confirm.
	AddKey(set string, key *jose.JsonWebKey) error

	// AddKeySet takes a set name and a whole key set.
	AddKeySet(set string, keys *jose.JsonWebKeySet) error

	// GetKey takes a set name and a key ID. It returns a key set, not a
	// single key.
	GetKey(set, kid string) (*jose.JsonWebKeySet, error)

	// GetKeySet takes a set name and returns a key set.
	// NOTE(review): the result may include private keys; callers that
	// expose it should filter accordingly — confirm.
	GetKeySet(set string) (*jose.JsonWebKeySet, error)

	// DeleteKey takes a set name and a key ID.
	DeleteKey(set, kid string) error

	// DeleteKeySet takes a set name.
	DeleteKeySet(set string) error
}

type MemoryManager

// MemoryManager keeps key sets in a Go map and embeds sync.RWMutex.
// Because the mutex is embedded, its Lock, Unlock, RLock and RUnlock
// methods are promoted onto MemoryManager and can be called by any user of
// the type.
// NOTE(review): presumably the Manager methods guard Keys with this mutex —
// confirm.
type MemoryManager struct {
	// Keys maps a string to a key set.
	// NOTE(review): presumably keyed by set name. The field is exported, so
	// code that reads or writes it directly bypasses whatever locking the
	// methods perform.
	Keys map[string]*jose.JsonWebKeySet
	sync.RWMutex
}

func (*MemoryManager) AddKey

func (m *MemoryManager) AddKey(set string, key *jose.JsonWebKey) error

func (*MemoryManager) AddKeySet

func (m *MemoryManager) AddKeySet(set string, keys *jose.JsonWebKeySet) error

func (*MemoryManager) DeleteKey

func (m *MemoryManager) DeleteKey(set, kid string) error

func (*MemoryManager) DeleteKeySet

func (m *MemoryManager) DeleteKeySet(set string) error

func (*MemoryManager) GetKey

func (m *MemoryManager) GetKey(set, kid string) (*jose.JsonWebKeySet, error)

func (*MemoryManager) GetKeySet

func (m *MemoryManager) GetKeySet(set string) (*jose.JsonWebKeySet, error)

type RS256Generator

// RS256Generator is a key generator: *RS256Generator has the
// Generate(id string) method that the KeyGenerator interface requires.
// NOTE(review): the name suggests it produces RSA key pairs for RS256
// signing — confirm.
type RS256Generator struct {
	// NOTE(review): presumably the RSA modulus size in bits; the default
	// used when it is zero is not shown on this page. RFC 7518 section 3.3
	// requires 2048 bits or more for RS256 — verify that Generate does not
	// accept less.
	KeyLength int
}

func (*RS256Generator) Generate

func (g *RS256Generator) Generate(id string) (*jose.JsonWebKeySet, error)

type SQLManager

// SQLManager declares the six Manager methods plus CreateSchemas, and holds
// a database handle and an AEAD cipher.
type SQLManager struct {
	// DB is the sqlx database handle.
	DB     *sqlx.DB
	// Cipher is a pointer to the package's AEAD type.
	// NOTE(review): presumably encrypts key material before it is written
	// to DB and decrypts it on read — confirm. If so, a nil Cipher or a
	// weak AEAD.Key would leave stored private keys unprotected, and
	// changing the key needs a re-encryption plan for existing rows.
	Cipher *AEAD
}

func (*SQLManager) AddKey

func (m *SQLManager) AddKey(set string, key *jose.JsonWebKey) error

func (*SQLManager) AddKeySet

func (m *SQLManager) AddKeySet(set string, keys *jose.JsonWebKeySet) error

func (*SQLManager) CreateSchemas

func (s *SQLManager) CreateSchemas() (int, error)

func (*SQLManager) DeleteKey

func (m *SQLManager) DeleteKey(set, kid string) error

func (*SQLManager) DeleteKeySet

func (m *SQLManager) DeleteKeySet(set string) error

func (*SQLManager) GetKey

func (m *SQLManager) GetKey(set, kid string) (*jose.JsonWebKeySet, error)

func (*SQLManager) GetKeySet

func (m *SQLManager) GetKeySet(set string) (*jose.JsonWebKeySet, error)
