jwtutils

package

v2.18.5 Latest Latest Go to latest Published: Jan 29, 2025 License: AGPL-3.0 Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/coder/coder

Links

Open Source Insights

Documentation ¶

Index ¶

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrMissingKeyID = xerrors.New("missing key ID")

Functions ¶

func Decrypt ¶

func Decrypt(ctx context.Context, d DecryptKeyProvider, token string, claims Claims, opts ...func(*DecryptOptions)) error

Decrypt decrypts the token using the provided key. It unmarshals into the provided claims.

func Encrypt ¶

func Encrypt(ctx context.Context, e EncryptKeyProvider, claims Claims) (string, error)

Encrypt encrypts a token and returns it as a string.

func Sign ¶

func Sign(ctx context.Context, s SigningKeyProvider, claims Claims) (string, error)

Sign signs a token and returns it as a string.

func Verify ¶

func Verify(ctx context.Context, v VerifyKeyProvider, token string, claims Claims, opts ...func(*VerifyOptions)) error

Verify verifies that a token was signed by the provided key. It unmarshals into the provided claims.

func WithDecryptExpected ¶

func WithDecryptExpected(expected jwt.Expected) func(*DecryptOptions)

func WithVerifyExpected ¶

func WithVerifyExpected(expected jwt.Expected) func(*VerifyOptions)

Types ¶

type Claims ¶

type Claims interface {
	Validate(jwt.Expected) error
}

Claims defines the payload for a JWT. Most callers should embed jwt.Claims

type DecryptKeyProvider ¶

type DecryptKeyProvider interface {
	DecryptingKey(ctx context.Context, id string) (key interface{}, err error)
}

type DecryptOptions ¶

type DecryptOptions struct {
	RegisteredClaims           jwt.Expected
	KeyAlgorithm               jose.KeyAlgorithm
	ContentEncryptionAlgorithm jose.ContentEncryption
}

DecryptOptions are options for decrypting a JWE.

type EncryptKeyProvider ¶

type EncryptKeyProvider interface {
	EncryptingKey(ctx context.Context) (id string, key interface{}, err error)
}

type RegisteredClaims ¶

type RegisteredClaims jwt.Claims

RegisteredClaims is a convenience type for embedding jwt.Claims. It should be preferred over embedding jwt.Claims directly since it will ensure that certain fields are set.

func (RegisteredClaims) Validate ¶

func (r RegisteredClaims) Validate(e jwt.Expected) error

type SigningKeyManager ¶

type SigningKeyManager interface {
	SigningKeyProvider
	VerifyKeyProvider
}

type SigningKeyProvider ¶

type SigningKeyProvider interface {
	SigningKey(ctx context.Context) (id string, key interface{}, err error)
}

type StaticKey ¶

type StaticKey struct {
	ID  string
	Key interface{}
}

StaticKey fulfills the SigningKeycache and EncryptionKeycache interfaces. Useful for testing.

func (StaticKey) Close ¶

func (StaticKey) Close() error

func (StaticKey) DecryptingKey ¶

func (s StaticKey) DecryptingKey(_ context.Context, id string) (interface{}, error)

func (StaticKey) EncryptingKey ¶

func (s StaticKey) EncryptingKey(_ context.Context) (string, interface{}, error)

func (StaticKey) SigningKey ¶

func (s StaticKey) SigningKey(_ context.Context) (string, interface{}, error)

func (StaticKey) VerifyingKey ¶

func (s StaticKey) VerifyingKey(_ context.Context, id string) (interface{}, error)

type VerifyKeyProvider ¶

type VerifyKeyProvider interface {
	VerifyingKey(ctx context.Context, id string) (key interface{}, err error)
}

type VerifyOptions ¶

type VerifyOptions struct {
	RegisteredClaims   jwt.Expected
	SignatureAlgorithm jose.SignatureAlgorithm
}

VerifyOptions are options for verifying a JWT.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL