jwt/search/search_index.json

1 line
12 KiB
JSON
Raw Normal View History

{"config":{"lang":["en"],"separator":"[\\s\\-]+","pipeline":["stopWordFilter"]},"docs":[{"location":"","title":"Getting Started","text":"<p>Welcome to <code>jwt-go</code>, a go (or 'golang' for search engine friendliness) implementation of JSON Web Tokens. </p>"},{"location":"#supported-go-versions","title":"Supported Go versions","text":"<p>Our support of Go versions is aligned with Go's version release policy. So we will support a major version of Go until there are two newer major releases. We no longer support building jwt-go with unsupported Go versions, as these contain security vulnerabilities which will not be fixed.</p>"},{"location":"#what-the-heck-is-a-jwt","title":"What the heck is a JWT?","text":"<p>JWT.io has a great introduction to JSON Web Tokens.</p> <p>In short, it's a signed JSON object that does something useful (for example, authentication). It's commonly used for <code>Bearer</code> tokens in OAuth 2.0 A token is made of three parts, separated by <code>.</code>'s. The first two parts are JSON objects, that have been base64url encoded. The last part is the signature, encoded the same way.</p> <p>The first part is called the header. It contains the necessary information for verifying the last part, the signature. For example, which encryption method was used for signing and what key was used.</p> <p>The part in the middle is the interesting bit. It's called the Claims and contains the actual stuff you care about. Refer to RFC 7519 for information about reserved keys and the proper way to add your own.</p>"},{"location":"#whats-in-the-box","title":"What's in the box?","text":"<p>This library supports the parsing and verification as well as the generation and signing of JWTs. Current supported signing algorithms are HMAC SHA, RSA, RSA-PSS, ECDSA and EdDSA, though hooks are present for adding your own.</p>"},{"location":"#installation-guidelines","title":"Installation Guidelines","text":"<p>To install the jwt package, you first need to have Go installed, then you can use the command below to add <code>jwt-go</code> as a dependency in your Go program.</p> <pre><code>go get -u github.com/golang-jwt/jwt/v5\n</code></pre> <p>Then import it in your code:</p> <pre><code>import \"github.com/golang-jwt/jwt/v5\"\n</code></pre>"},{"location":"usage/create/","title":"Creating a New JWT","text":"<p>One of the primary goals of this library is to create a new JWT (or in short token).</p>"},{"location":"usage/create/#with-default-options","title":"With Default Options","text":"<p>The easiest way to create a token is to use the <code>jwt.New</code> function. It then needs one of the available signing methods, to finally sign and convert the token into a string format (using the <code>SignedString</code> method). In the first example, we are using a symmetric signing method, i.e., HS256. For a symmetric method, both the signing and the verifying key are the same and thus, both must be equally protected (and should definitely NOT be stored in your code).</p> <pre><code>var (\nkey []byte\nt *jwt.Token\ns string\n)\nkey = /* Load key from somewhere, for example an environment variable */\nt = jwt.New(jwt.SigningMethodHS256) // (1)!\ns = t.SignedString(key) // (2)!\n</code></pre> <ol> <li>This initializes a new <code>jwt.Token</code> struct based on the supplied signing method. In this case a symmetric method is chosen.</li> <li>This step computes a cryptographic signature based on the supplied key. </li> </ol> <p>Signing using an asymmetric signing method (for example ECDSA) works quite similar. For an asymmetric method, the private key (which must be kept secret) is used to sign and the corresponding public key (which can be freely transmitted) is used to verify the token.</p> <pre><code>var (\nkey *ecdsa.PrivateKey\nt *jwt.Token\ns string\n)\nkey = /* Load key from somewhere, for example a file */\nt = jwt.New(jwt.SigningMethodES256) // (1)!\ns = t.SignedString(key) // (2)!\n</code></pre> <ol> <li>This initializes a new <code>jwt.Token</code> struct based on the supplied signing method. In this