Documentation

Overview

    Package tokenutils contains various utilities used to interact with Aporeto JWTs.

    Index

    Constants

    View Source
    const AudienceAny = "*"

      AudienceAny represents any operation, identity or namespace.

      Variables

      This section is empty.

      Functions

      func ExtractQuota

      func ExtractQuota(token string) (int, error)

        ExtractQuota extracts the eventual quota from a token. Not that the token is not verified in the process, you the verification must be done before trusting the extracted quota value.

        func ExtractRestrictions

        func ExtractRestrictions(token string) (ns string, perms []string, networks []string, err error)

          ExtractRestrictions extracts the eventual authz restrictions embded in the token.

          func SigAlg

          func SigAlg(token string) (string, error)

            SigAlg returns the signature used by the token

            func Snip

            func Snip(err error, token string) error

              Snip snips the given token from the given error.

              func UnsecureClaimsMap

              func UnsecureClaimsMap(token string) (claims map[string]interface{}, err error)

                UnsecureClaimsMap decodes the claims in the given JWT token without verifying its validity. Only use or trust this after proper validation.

                Types

                type Audience

                type Audience struct {
                	Operations []string
                	Identities []string
                	Namespaces []string
                }

                  Audience represents a parsed audience string.

                  func (Audience) String

                  func (a Audience) String() string

                  func (Audience) Verify

                  func (a Audience) Verify(operation elemental.Operation, identity elemental.Identity, namespace string) bool

                    Verify verifies the audience is valid for the given operation, identity and namespace.

                    type AudiencesList

                    type AudiencesList []Audience

                      AudiencesList is a list of audiences.

                      func ParseAudience

                      func ParseAudience(audString string, modelManager elemental.ModelManager) (AudiencesList, error)

                        ParseAudience parses the audience string and returns an AudiencesList.

                        func UnsecureAudience

                        func UnsecureAudience(token string, modelManager elemental.ModelManager) (AudiencesList, error)

                          UnsecureAudience extracts the audience list from a token string without verifying its validity. Only use or trust this after proper validation.

                          func (AudiencesList) String

                          func (a AudiencesList) String() string

                          func (AudiencesList) Verify

                          func (a AudiencesList) Verify(operation elemental.Operation, identity elemental.Identity, namespace string) bool

                            Verify verifies at least one audience in the list is valid for the given operation, identity and namespace.