jwsutil

v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 5, 2021 License: MIT Imports: 4 Imported by: 0

README

go-jwsutil

Golang utility package for JSON Web Signature (JWS).

Example

package main

import (
	"crypto/rand"
	"crypto/rsa"
	"fmt"

	"github.com/golang-jwt/jwt"
	"github.com/shizhMSFT/go-jwsutil"
)

// main walks one JWT through a full round trip: sign it in compact form,
// convert it to the flattened JWS JSON form with an extra unprotected header,
// convert it back to compact form, and verify the result.
func main() {
	// Throwaway 2048-bit RSA key pair, created only for this demo.
	signingKey, err := rsa.GenerateKey(rand.Reader, 2048)
	panicOnError(err)

	// Sign a JWT with PS512; SignedString yields the compact serialization.
	claims := jwt.MapClaims{"sub": "demo"}
	compact, err := jwt.NewWithClaims(jwt.SigningMethodPS512, claims).SignedString(signingKey)
	panicOnError(err)

	// Compact -> flattened JSON, attaching an unprotected header.
	// The unprotected header is not part of the JWS signing input (RFC 7515),
	// which is why the signature created above still verifies further down.
	extraHeader := jwt.MapClaims{"foo": "bar"}
	flattened, err := jwsutil.ConvertCompactToJSON(compact, extraHeader)
	panicOnError(err)

	// Show the JSON serialized token.
	fmt.Println(flattened)

	// Flattened JSON -> compact, collecting the unprotected header on the way.
	// Whatever lands in unprotectedClaims is unauthenticated data: anyone who
	// handled the JSON form could have changed it without breaking the signature.
	var unprotectedClaims jwt.MapClaims
	roundTripped, err := jwsutil.ConvertJSONToCompact(flattened, &unprotectedClaims)
	panicOnError(err)

	// Show the extracted unprotected claims.
	fmt.Println(unprotectedClaims)

	// The key function pins the algorithm: the public key is handed out only
	// when the token declares PS512, any other alg is rejected with an error.
	keyFunc := func(token *jwt.Token) (interface{}, error) {
		alg := token.Method.Alg()
		if alg == jwt.SigningMethodPS512.Alg() {
			return &signingKey.PublicKey, nil
		}
		return nil, fmt.Errorf("Unexpected signing method: %v", alg)
	}

	// Parse and verify the converted token, then report its validity.
	parsed, err := jwt.Parse(roundTripped, keyFunc)
	panicOnError(err)
	fmt.Println(parsed.Valid)
}

// panicOnError stops the demo by panicking with err; a nil err is a no-op.
func panicOnError(err error) {
	if err == nil {
		return
	}
	panic(err)
}

The above code outputs:

{"payload":"eyJzdWIiOiJkZW1vIn0","protected":"eyJhbGciOiJQUzUxMiIsInR5cCI6IkpXVCJ9","header":{"foo":"bar"},"signature":"s9tGI6169wK1BJyUrZvAN-1PA1IK_sxADMmMI-tAnnkRFdM_gAscBhSWmRY7dJGAjhkuK6itQC_NUWnPYp9GD7YNSig8dcdBhCIxYhfDUDbaGEz8SDVijuJ_oZpBySGBF9Y_01v5ESHd_x8j70kZcsf5JjYah1D5DHz76D8atLbf4nn84koy6-Tc6wbBpSZLyj0A-rdNcPGk_iMBxFbhSAmsIMZEUc6frJpPwp-5uoUnrHuPwWlOpo1gQox0t8x3Wkz6ebi2RdWhJW-s_kfV72DExzNT_aDTNxX5OtyfQ7QSMdc-wBgHU1l_fvsLSylE26dey_YhOBT9jAywnF7n3g"}
map[foo:bar]
true

The flattened JWS JSON object in the output can be pretty printed as

{
    "payload": "eyJzdWIiOiJkZW1vIn0",
    "protected": "eyJhbGciOiJQUzUxMiIsInR5cCI6IkpXVCJ9",
    "header": {
        "foo": "bar"
    },
    "signature": "s9tGI6169wK1BJyUrZvAN-1PA1IK_sxADMmMI-tAnnkRFdM_gAscBhSWmRY7dJGAjhkuK6itQC_NUWnPYp9GD7YNSig8dcdBhCIxYhfDUDbaGEz8SDVijuJ_oZpBySGBF9Y_01v5ESHd_x8j70kZcsf5JjYah1D5DHz76D8atLbf4nn84koy6-Tc6wbBpSZLyj0A-rdNcPGk_iMBxFbhSAmsIMZEUc6frJpPwp-5uoUnrHuPwWlOpo1gQox0t8x3Wkz6ebi2RdWhJW-s_kfV72DExzNT_aDTNxX5OtyfQ7QSMdc-wBgHU1l_fvsLSylE26dey_YhOBT9jAywnF7n3g"
}

Documentation

Index

Constants

This section is empty.

Variables

// Sentinel errors exported by the package. This page does not show which
// functions return them; presumably the compact and JSON parsers do, so that
// callers can match them with errors.Is. Confirm against the source.
var (
	// ErrInvalidCompactSerialization carries the message "invalid compact serialization".
	ErrInvalidCompactSerialization = errors.New("invalid compact serialization")
	// ErrInvalidJSONSerialization carries the message "invalid JSON serialization".
	ErrInvalidJSONSerialization    = errors.New("invalid JSON serialization")
)

Functions

func ConvertCompactToJSON

func ConvertCompactToJSON(serialized string, unprotected interface{}) (string, error)

ConvertCompactToJSON converts compact serialized JWS to flattened JSON form, adding unprotected headers. The added unprotected headers are not covered by the signature.

func ConvertJSONToCompact

func ConvertJSONToCompact(serialized string, unprotected interface{}) (string, error)

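ConvertJSONToCompact converts JSON serialized JWS to compact form, extracting unprotected headers. The extracted unprotected headers are not covered by the signature and should be treated as unauthenticated input.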

Types

type CompleteSignature

// CompleteSignature pairs a payload with one embedded Signature, so a single
// signature travels together with the content it signs.
type CompleteSignature struct {
	// Payload is written under the JSON key "payload" and omitted when empty.
	// In the README output it holds the base64url-encoded JWS payload.
	Payload string `json:"payload,omitempty"`
	// Signature is embedded, so encoding/json places its "protected", "header"
	// and "signature" members at the same level as "payload".
	Signature
}

CompleteSignature represents a clear signed signature.

func ParseCompact

func ParseCompact(serialized string) (CompleteSignature, error)

ParseCompact parses the compact serialized JWS. See https://www.rfc-editor.org/rfc/rfc7515#section-7.1

func (CompleteSignature) Enclose

func (s CompleteSignature) Enclose() Envelope

Enclose packs the signature into an envelope.

func (CompleteSignature) SerializeCompact

func (s CompleteSignature) SerializeCompact() string

SerializeCompact serializes the signature in JWS Compact Serialization. See https://www.rfc-editor.org/rfc/rfc7515#section-7.1

func (CompleteSignature) SerializeFlattenedJSON

func (s CompleteSignature) SerializeFlattenedJSON() string

SerializeFlattenedJSON serializes the signature in Flattened JWS JSON Serialization. See https://www.rfc-editor.org/rfc/rfc7515#section-7.2.2

func (CompleteSignature) SerializeGeneralJSON

func (s CompleteSignature) SerializeGeneralJSON() string

SerializeGeneralJSON serializes the signature in General JWS JSON Serialization. See https://www.rfc-editor.org/rfc/rfc7515#section-7.2.1

func (CompleteSignature) SerializeJSON

func (s CompleteSignature) SerializeJSON() string

SerializeJSON serializes the signature in JWS JSON Serialization. See https://www.rfc-editor.org/rfc/rfc7515#section-7.2

type Envelope

// Envelope holds one payload together with the list of signatures made over it.
type Envelope struct {
	// Payload is the shared payload, written under the JSON key "payload" and
	// omitted when empty.
	Payload    string      `json:"payload,omitempty"`
	// Signatures holds one entry per signature, written under the JSON key
	// "signatures" and omitted when empty.
	Signatures []Signature `json:"signatures,omitempty"`
}

Envelope contains a common payload signed by multiple signatures.

func Parse

func Parse(serialized string) (Envelope, error)

Parse parses the serialized JWS smartly.

func ParseJSON

func ParseJSON(serialized string) (Envelope, error)

ParseJSON parses the JSON serialized JWS. See https://www.rfc-editor.org/rfc/rfc7515#section-7.2

func (Envelope) CompleteSignature

func (e Envelope) CompleteSignature() CompleteSignature

CompleteSignature exports the first or default complete signature.

func (Envelope) CompleteSignatures

func (e Envelope) CompleteSignatures() []CompleteSignature

CompleteSignatures exports complete signatures.

func (Envelope) Flattenable

func (e Envelope) Flattenable() bool

Flattenable checks if an envelope can be flattened.

func (Envelope) Serialize

func (e Envelope) Serialize() string

Serialize serializes the envelope in General JWS JSON Serialization. See https://www.rfc-editor.org/rfc/rfc7515#section-7.2.1

func (Envelope) Signature

func (e Envelope) Signature() Signature

Signature returns the first or default signature.

type Signature

// Signature holds the per-signature members of a JWS without the payload:
// the protected header, the unprotected header and the signature value.
type Signature struct {
	// Protected is written under the JSON key "protected". In the README output
	// it is the base64url-encoded protected header, the header the signature covers.
	Protected   string          `json:"protected,omitempty"`
	// Unprotected is written under the JSON key "header" and kept as raw,
	// undecoded JSON. Per RFC 7515 this header is not integrity-protected, so
	// verifiers should not base trust decisions on its contents.
	Unprotected json.RawMessage `json:"header,omitempty"`
	// Signature is written under the JSON key "signature". In the README output
	// it is the base64url-encoded signature value.
	Signature   string          `json:"signature,omitempty"`
}

Signature represents a detached signature.
