Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrInvalidToken = errors.New("Invalid token") ErrPublicKeyNotFound = errors.New("No public key found for given kid") ErrWrongSignature = errors.New("Wrong token signature") ErrNoIssueTimeInToken = errors.New("No issue time in token") ErrNoExpirationTimeInToken = errors.New("No expiration time in token") ErrExpirationTimeTooFarInFuture = errors.New("Expiration time too far in future") ErrTokenUsedTooEarly = errors.New("Token used too early") ErrTokenUsedTooLate = errors.New("Token used too late") )
Functions ¶
Types ¶
type CertsVerifier ¶
type CertsVerifier struct {
DefaultAudience []string
}
CertsVerifier implements Verifier by fetching once in a while the Google certs and validating the ID tokens locally
func (*CertsVerifier) VerifyIDToken ¶
func (v *CertsVerifier) VerifyIDToken(idToken string, audience ...string) error
VerifyIDToken checks the validity of a given Google-issued OAuth2 token ID
type ClaimSet ¶
type ClaimSet struct { jws.ClaimSet Email string `json:"email"` EmailVerified bool `json:"email_verified"` Name string `json:"name"` Picture string `json:"picture"` GivenName string `json:"given_name"` FamilyName string `json:"family_name"` Locale string `json:"locale"` // HostedDomain present if the user is in a Gsuite domain HostedDomain string `json:"hd,omitempty"` }
type TokenVerifier ¶
type TokenVerifier interface { // VerifyIDToken checks the validity of a given Google-issued OAuth2 token ID VerifyIDToken(idToken string, audience ...string) error }
TokenVerifier has a method to verify a Google-issued OAuth2 token ID
Click to show internal directories.
Click to hide internal directories.