Documentation
Index
- type IJWKProvider
- type IOnDemandJWKProvider
- type IRemoteJWKProvider
- type JWKProvider
- type OnDemandJWKProvider
- type OnDemandJWKProviderOptions
- type RemoteJWKProvider
- func (t *RemoteJWKProvider) FindCryptoKey(id string) (crypto.PublicKey, bool)
- func (t *RemoteJWKProvider) JSONDecodeCryptoKeys(responseBody io.Reader) ([]jwk.JWK, error)
- func (t *RemoteJWKProvider) SetThis(this IRemoteJWKProvider)
- func (t *RemoteJWKProvider) ToCryptoKeys() []crypto.PublicKey
- func (t *RemoteJWKProvider) UpdateCryptoKeys() error
- type RemoteJWKProviderOptions
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type IJWKProvider
IJWKProvider is the base interface for all providers
type IOnDemandJWKProvider
type IOnDemandJWKProvider interface {
	IRemoteJWKProvider
	IsExpired() bool
}
IOnDemandJWKProvider is the interface for an on-demand provider. An on-demand provider only updates its public keys when a call is explicitly made to update them. This may be necessary when the server is only running when requests are made, e.g., AWS Lambda.
func NewOnDemandJWKProvider
func NewOnDemandJWKProvider(options OnDemandJWKProviderOptions) IOnDemandJWKProvider
NewOnDemandJWKProvider creates a new OnDemandJWKProvider given a set of OnDemandJWKProviderOptions.
type IRemoteJWKProvider
type IRemoteJWKProvider interface {
	IJWKProvider
	JSONDecodeCryptoKeys(responseBody io.Reader) ([]jwk.JWK, error)
	SetThis(this IRemoteJWKProvider)
	ToCryptoKeys() []crypto.PublicKey
	UpdateCryptoKeys() error
	// contains filtered or unexported methods
}
IRemoteJWKProvider is the base interface for providers that update their public keys via a URL. This provider updates its public keys at a regular interval, which is specified in the RemoteJWKProviderOptions. Updates occur in the background context. A mutex lock is placed on public key retrieval to prevent any race conditions that may occur during an update.
func NewRemoteJWKProvider
func NewRemoteJWKProvider(options RemoteJWKProviderOptions) IRemoteJWKProvider
NewRemoteJWKProvider creates a new RemoteJWKProvider given a set of RemoteJWKProviderOptions.
type JWKProvider
JWKProvider is the base implementation for all providers. It implements the IJWKProvider interface.
func (*JWKProvider) FindCryptoKey
func (t *JWKProvider) FindCryptoKey(id string) (crypto.PublicKey, bool)
FindCryptoKey finds a public key using the key id.
type OnDemandJWKProvider
type OnDemandJWKProvider struct {
	*RemoteJWKProvider
}
OnDemandJWKProvider is the base implementation for an on-demand provider. It implements the IOnDemandJWKProvider interface.
func (*OnDemandJWKProvider) IsExpired
func (t *OnDemandJWKProvider) IsExpired() bool
IsExpired returns true if the public keys were retrieved longer ago than the FetchInterval specified in the OnDemandJWKProviderOptions.
type OnDemandJWKProviderOptions
type OnDemandJWKProviderOptions = RemoteJWKProviderOptions
OnDemandJWKProviderOptions are currently the same as RemoteJWKProviderOptions.
type RemoteJWKProvider
type RemoteJWKProvider struct {
	*JWKProvider
	// contains filtered or unexported fields
}
RemoteJWKProvider is the implementation for providers which update their public keys via a URL. Implements the IRemoteJWKProvider interface.
func (*RemoteJWKProvider) FindCryptoKey
func (t *RemoteJWKProvider) FindCryptoKey(id string) (crypto.PublicKey, bool)
FindCryptoKey finds a public key using the key id. Uses a mutex lock to prevent race conditions that may occur during public key updates.
func (*RemoteJWKProvider) JSONDecodeCryptoKeys
JSONDecodeCryptoKeys converts the response body of the call to FetchURL to a slice of JWK. "Override" this method (see example in provider_override_test.go) to use your preferred JSON decoder or to accommodate a non-standard response body.
func (*RemoteJWKProvider) SetThis
func (t *RemoteJWKProvider) SetThis(this IRemoteJWKProvider)
SetThis provides a mechanism to override public RemoteJWKProvider methods. Please see example in provider_override_test.go.
func (*RemoteJWKProvider) ToCryptoKeys
func (t *RemoteJWKProvider) ToCryptoKeys() []crypto.PublicKey
ToCryptoKeys returns a slice of the provider's public keys. Use this when you want a copy of the current public keys. You can pass all of these keys to the Token's Verify method when you don't have a specific key id for the user's token.
func (*RemoteJWKProvider) UpdateCryptoKeys
func (t *RemoteJWKProvider) UpdateCryptoKeys() error
UpdateCryptoKeys will update the stored public keys with a request to FetchURL. A mutex lock is used to prevent race conditions.
type RemoteJWKProviderOptions
type RemoteJWKProviderOptions struct {
	// Determines how long to wait for a response from FetchURL before quitting/failing.
	HTTPTimeout time.Duration
	// Period of time between requests to FetchURL, or period of time used to determine expiry of previously retrieved public keys
	FetchInterval time.Duration
	// URL from which to fetch public keys, typically a url like ".../.well-known/jwks.json".
	FetchURL string
}
RemoteJWKProviderOptions are options to initialize a RemoteJWKProvider.
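The on-demand flow documented above (decode the FetchURL response, swap the keys under a lock, look a key up by id, and report expiry against FetchInterval), sketched with only the standard library. This is an added example, not this package's code: keyCache, Update, Find and sampleJWKS are hypothetical names, only RSA entries are handled, and the lookup and the expiry check are folded into one call so both read the same snapshot under the read lock.

```go
package main

import (
	"crypto/rsa"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"math/big"
	"sync"
	"time"
)

// Constructed JWKS body; "n" is a toy value, not a usable key.
const sampleJWKS = `{"keys":[{"kty":"RSA","kid":"k1","n":"u1SU1LfVLPHC","e":"AQAB"},{"kty":"oct","kid":"k2"}]}`

type keyCache struct { // hypothetical stand-in for an on-demand provider
	mu        sync.RWMutex
	keys      map[string]*rsa.PublicKey
	fetchedAt time.Time
}

// Update decodes a JWKS body, then swaps the key map under the write lock.
func (c *keyCache) Update(body []byte, now time.Time) error {
	var set struct{ Keys []struct{ Kty, Kid, N, E string } }
	if err := json.Unmarshal(body, &set); err != nil {
		return err // a bad response leaves the previous keys in place
	}
	fresh := map[string]*rsa.PublicKey{}
	for _, k := range set.Keys {
		n, errN := base64.RawURLEncoding.DecodeString(k.N)
		e, errE := base64.RawURLEncoding.DecodeString(k.E)
		if k.Kty == "RSA" && k.Kid != "" && errN == nil && errE == nil && len(n)*len(e) > 0 {
			fresh[k.Kid] = &rsa.PublicKey{N: new(big.Int).SetBytes(n), E: int(new(big.Int).SetBytes(e).Int64())}
		}
	}
	c.mu.Lock()
	defer c.mu.Unlock()
	c.keys, c.fetchedAt = fresh, now
	return nil
}

// Find returns the key for kid, whether it exists, and whether the set is older than maxAge.
func (c *keyCache) Find(kid string, now time.Time, maxAge time.Duration) (*rsa.PublicKey, bool, bool) {
	c.mu.RLock()
	defer c.mu.RUnlock()
	k, ok := c.keys[kid]
	return k, ok, now.Sub(c.fetchedAt) >= maxAge
}

func main() { fmt.Println(new(keyCache).Update([]byte(sampleJWKS), time.Now())) }
```

A caller that gets stale == true refreshes before trusting the result, and a key id that is still unknown after a refresh means the token is rejected.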