auth

package module
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 23, 2025 License: MIT Imports: 12 Imported by: 0

README

Authenticator

This is a minimal package for parsing and validating tokens.

Install dependency

go get github.com/webmafia/oauth2-authenticator

Example usage

const url = "https://example.com/.well-known/jwks.json"
const token = "<JWT TOKEN>"
const issuer = "example.com"
var algs = []string{"EdDSA"}

auth, err := NewAuthenticator(context.Background(), url, time.Hour, issuer, algs)

if err != nil {
	return
}

var tok Token

if err = auth.Validate(token, &tok); err != nil {
	return
}

fmt.Printf("Valid token: %#v\n", tok)

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authenticator

type Authenticator struct {
	// contains filtered or unexported fields
}

func NewAuthenticator

func NewAuthenticator(ctx context.Context, jwksUrl string, refreshInterval time.Duration, issuer string, algs []string) (auth *Authenticator, err error)

func NewAuthenticatorWithJWKS

func NewAuthenticatorWithJWKS(jwks jwkset.Storage, issuer string, algs []string) (auth *Authenticator, err error)

func (*Authenticator) ForceRefreshJWKS

func (auth *Authenticator) ForceRefreshJWKS(ctx context.Context) (err error)

func (*Authenticator) Validate

func (auth *Authenticator) Validate(token string, dst *Token) (err error)

func (*Authenticator) ValidateBytes

func (auth *Authenticator) ValidateBytes(token []byte, dst *Token) (err error)

type TextualInt

type TextualInt int

An integer that encodes to (and decodes from) a JSON string.

func (TextualInt) MarshalJSON

func (t TextualInt) MarshalJSON() ([]byte, error)

MarshalJSON implements json.Marshaler.

func (TextualInt) String

func (t TextualInt) String() string

func (*TextualInt) UnmarshalJSON

func (t *TextualInt) UnmarshalJSON(data []byte) error

UnmarshalJSON implements json.Unmarshaler.

type Token

type Token struct {
	ID          uuid.UUID       `json:"jti"`
	IssuedAt    jwt.NumericDate `json:"iat"`
	ExpiresAt   jwt.NumericDate `json:"exp"`
	Issuer      string          `json:"iss"`
	Subject     TextualInt      `json:"sub"`
	AuthContext string          `json:"acr"`
	FirstName   string          `json:"given_name"`
	LastName    string          `json:"family_name"`
	Actor       struct {
		Subject TextualInt `json:"sub"`
	} `json:"act"`
}

JWT claims with naming according to: https://www.iana.org/assignments/jwt/jwt.xhtml

func (Token) GetAudience

func (t Token) GetAudience() (jwt.ClaimStrings, error)

GetAudience implements jwt.Claims.

func (Token) GetExpirationTime

func (t Token) GetExpirationTime() (*jwt.NumericDate, error)

GetExpirationTime implements jwt.Claims.

func (Token) GetIssuedAt

func (t Token) GetIssuedAt() (*jwt.NumericDate, error)

GetIssuedAt implements jwt.Claims.

func (Token) GetIssuer

func (t Token) GetIssuer() (string, error)

GetIssuer implements jwt.Claims.

func (Token) GetNotBefore

func (t Token) GetNotBefore() (*jwt.NumericDate, error)

GetNotBefore implements jwt.Claims.

func (Token) GetSubject

func (t Token) GetSubject() (string, error)

GetSubject implements jwt.Claims.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL