tokenutils

package
Version: v1.82.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 5, 2021 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Overview

Package tokenutils contains various utilities used to interact with Aporeto JWTs.

Index

Constants

View Source
const AudienceAny = "*"

AudienceAny represents any operation, identity or namespace.

Variables

This section is empty.

Functions

func ExtractQuota

func ExtractQuota(token string) (int, error)

ExtractQuota extracts the eventual quota from a token. Not that the token is not verified in the process, you the verification must be done before trusting the extracted quota value.

func ExtractRestrictions added in v1.77.1

func ExtractRestrictions(token string) (ns string, perms []string, networks []string, err error)

ExtractRestrictions extracts the eventual authz restrictions embded in the token.

func SigAlg

func SigAlg(token string) (string, error)

SigAlg returns the signature used by the token

func Snip

func Snip(err error, token string) error

Snip snips the given token from the given error.

func UnsecureClaimsMap

func UnsecureClaimsMap(token string) (claims map[string]interface{}, err error)

UnsecureClaimsMap decodes the claims in the given JWT token without verifying its validity. Only use or trust this after proper validation.

Types

type Audience

type Audience struct {
	Operations []string
	Identities []string
	Namespaces []string
}

Audience represents a parsed audience string.

func (Audience) String

func (a Audience) String() string

func (Audience) Verify

func (a Audience) Verify(operation elemental.Operation, identity elemental.Identity, namespace string) bool

Verify verifies the audience is valid for the given operation, identity and namespace.

type AudiencesList

type AudiencesList []Audience

AudiencesList is a list of audiences.

func ParseAudience

func ParseAudience(audString string, modelManager elemental.ModelManager) (AudiencesList, error)

ParseAudience parses the audience string and returns an AudiencesList.

func UnsecureAudience

func UnsecureAudience(token string, modelManager elemental.ModelManager) (AudiencesList, error)

UnsecureAudience extracts the audience list from a token string without verifying its validity. Only use or trust this after proper validation.

func (AudiencesList) String

func (a AudiencesList) String() string

func (AudiencesList) Verify

func (a AudiencesList) Verify(operation elemental.Operation, identity elemental.Identity, namespace string) bool

Verify verifies at least one audience in the list is valid for the given operation, identity and namespace.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL