package jwt

import "github.com/SermoDigital/jose/jwt"

Package jwt implements JWTs per RFC 7519

Index ¶

• Variables
• type Claims
• func (c Claims) Base64() ([]byte, error)
• func (c Claims) Del(key string)
• func (c Claims) Get(key string) interface{}
• func (c Claims) Has(key string) bool
• func (c Claims) MarshalJSON() ([]byte, error)
• func (c Claims) Set(key string, val interface{})
• func (c *Claims) UnmarshalJSON(b []byte) error
• func (c Claims) Validate(now, expLeeway, nbfLeeway int64) error
• type JWT
• type Opts
• type ValidateFunc

Variables ¶

var (
	// ErrTokenIsExpired is return when time.Now().Unix() is after
	// the token's "exp" claim.
	ErrTokenIsExpired = errors.New("token is expired")

	// ErrTokenNotYetValid is return when time.Now().Unix() is before
	// the token's "nbf" claim.
	ErrTokenNotYetValid = errors.New("token is not yet valid")
)

Types ¶

type Claims ¶

type Claims map[string]interface{}

Claims implements a set of JOSE Claims with the addition of some helper methods, similar to net/url.Values.

func (Claims) Base64 ¶

func (c Claims) Base64() ([]byte, error)

Base64 implements the Encoder interface.

func (Claims) Del ¶

func (c Claims) Del(key string)

Del removes the value that corresponds with key from the Claims.

func (Claims) Get ¶

func (c Claims) Get(key string) interface{}

Get retrieves the value corresponding with key from the Claims.

func (Claims) Has ¶

func (c Claims) Has(key string) bool

Has returns true if a value for the given key exists inside the Claims.

func (Claims) MarshalJSON ¶

func (c Claims) MarshalJSON() ([]byte, error)

MarshalJSON implements json.Marshaler for Claims.

func (Claims) Set ¶

func (c Claims) Set(key string, val interface{})

Set sets Claims[key] = val. It'll overwrite without warning.

func (*Claims) UnmarshalJSON ¶

func (c *Claims) UnmarshalJSON(b []byte) error

UnmarshalJSON implements json.Unmarshaler for Claims.

func (Claims) Validate ¶

func (c Claims) Validate(now, expLeeway, nbfLeeway int64) error

Validate validates the Claims per the claims found in https://tools.ietf.org/html/rfc7519#section-4.1

type JWT ¶

type JWT interface {
	// Claims returns the set of Claims.
	Claims() Claims

	// Verify returns an error describing any issues found while
	// validating the JWT. For info on the fn parameter, see the
	// comment on ValidateFunc.
	Verify(key interface{}, method crypto.SigningMethod, o ...Opts) error

	// Serialize serializes the JWT into its on-the-wire
	// representation.
	Serialize(key interface{}) ([]byte, error)
}

JWT represents a JWT as per RFC 7519. It's described as an interface instead of a physical structure because both JWS and JWEs can be JWTs. So, in order to use either, import one of those two packages and use their "NewJWT" (and other) functions.

type Opts ¶

type Opts struct {
	EXP int64        // EXPLeeway
	NBF int64        // NBFLeeway
	Fn  ValidateFunc // See ValidateFunc for more information.
	// contains filtered or unexported fields
}

Opts represents some of the validation options.

type ValidateFunc ¶

type ValidateFunc func(Claims) error

ValidateFunc is a function that provides access to the JWT and allows for custom validation. Keep in mind that the Verify methods in the JWS/JWE sibling packages call ValidateFunc *after* validating the JWS/JWE, but *before* any validation per the JWT RFC. Therefore, the ValidateFunc can be used to short-circuit verification, but cannot be used to circumvent the RFC. Custom JWT implementations are free to abuse this, but it is not recommended.

Source Files ¶

claims.go doc.go errors.go jwt.go