Dave Grijalva 2012-07-06 17:02:20 -07:00
parent cbb3bae3aa
commit 0a26d2272f
6 changed files with 25 additions and 25 deletions

20
jwt.go

@ -17,16 +17,16 @@ type Keyfunc func(*Token) ([]byte, error)
// A JWT Token // A JWT Token
type Token struct { type Token struct {
Header map[string]interface{} Header map[string]interface{}
Claims map[string]interface{} Claims map[string]interface{}
Method SigningMethod Method SigningMethod
// This is only populated when you Parse a token // This is only populated when you Parse a token
Signature string Signature string
// This is only populated when you Parse/Verify a token // This is only populated when you Parse/Verify a token
Valid bool Valid bool
} }
func New(method SigningMethod)*Token { func New(method SigningMethod) *Token {
return &Token{ return &Token{
Header: map[string]interface{}{ Header: map[string]interface{}{
"typ": "JWT", "typ": "JWT",
@ -37,7 +37,7 @@ func New(method SigningMethod)*Token {
} }
// Get the complete, signed token // Get the complete, signed token
func (t *Token) SignedString(key []byte)(string, error) { func (t *Token) SignedString(key []byte) (string, error) {
var sig, sstr string var sig, sstr string
var err error var err error
if sstr, err = t.SigningString(); err != nil { if sstr, err = t.SigningString(); err != nil {
@ -53,7 +53,7 @@ func (t *Token) SignedString(key []byte)(string, error) {
// most expensive part of the whole deal. Unless you // most expensive part of the whole deal. Unless you
// need this for something special, just go straight for // need this for something special, just go straight for
// the SignedString. // the SignedString.
func (t *Token) SigningString()(string, error) { func (t *Token) SigningString() (string, error) {
var err error var err error
parts := make([]string, 2) parts := make([]string, 2)
for i, _ := range parts { for i, _ := range parts {
@ -63,12 +63,12 @@ func (t *Token) SigningString()(string, error) {
} else { } else {
source = t.Claims source = t.Claims
} }
var jsonValue []byte var jsonValue []byte
if jsonValue, err = json.Marshal(source); err != nil { if jsonValue, err = json.Marshal(source); err != nil {
return "", err return "", err
} }
parts[i] = EncodeSegment(jsonValue) parts[i] = EncodeSegment(jsonValue)
} }
return strings.Join(parts, "."), nil return strings.Join(parts, "."), nil
@ -150,7 +150,7 @@ func ParseFromRequest(req *http.Request, keyFunc Keyfunc) (token *Token, err err
} }
// Encode JWT specific base64url encoding with padding stripped // Encode JWT specific base64url encoding with padding stripped
func EncodeSegment(seg []byte)string { func EncodeSegment(seg []byte) string {
return strings.TrimRight(base64.URLEncoding.EncodeToString(seg), "=") return strings.TrimRight(base64.URLEncoding.EncodeToString(seg), "=")
} }


@ -2,10 +2,10 @@ package jwt
import ( import (
"crypto" "crypto"
"crypto/rand"
"crypto/rsa" "crypto/rsa"
"crypto/sha256" "crypto/sha256"
"crypto/x509" "crypto/x509"
"crypto/rand"
"encoding/pem" "encoding/pem"
"errors" "errors"
) )
@ -18,7 +18,7 @@ func init() {
}) })
} }
func (m *SigningMethodRS256) Alg()string { func (m *SigningMethodRS256) Alg() string {
return "RS256" return "RS256"
} }
@ -46,7 +46,7 @@ func (m *SigningMethodRS256) Verify(signingString, signature string, key []byte)
return return
} }
func (m *SigningMethodRS256) Sign(signingString string, key []byte)(sig string, err error) { func (m *SigningMethodRS256) Sign(signingString string, key []byte) (sig string, err error) {
// Key // Key
var rsaKey *rsa.PrivateKey var rsaKey *rsa.PrivateKey
if rsaKey, err = m.parsePrivateKey(key); err == nil { if rsaKey, err = m.parsePrivateKey(key); err == nil {
@ -61,7 +61,7 @@ func (m *SigningMethodRS256) Sign(signingString string, key []byte)(sig string,
return return
} }
func (m *SigningMethodRS256) parsePrivateKey(key []byte)(pkey *rsa.PrivateKey, err error) { func (m *SigningMethodRS256) parsePrivateKey(key []byte) (pkey *rsa.PrivateKey, err error) {
var block *pem.Block var block *pem.Block
if block, _ = pem.Decode(key); block != nil { if block, _ = pem.Decode(key); block != nil {
var parsedKey interface{} var parsedKey interface{}
@ -76,4 +76,4 @@ func (m *SigningMethodRS256) parsePrivateKey(key []byte)(pkey *rsa.PrivateKey, e
} }
} }
return return
} }


@ -49,7 +49,6 @@ func TestRS256Verify(t *testing.T) {
} }
} }
func TestRS256Sign(t *testing.T) { func TestRS256Sign(t *testing.T) {
file, _ := os.Open("test/sample_key") file, _ := os.Open("test/sample_key")
buf := new(bytes.Buffer) buf := new(bytes.Buffer)
@ -70,4 +69,4 @@ func TestRS256Sign(t *testing.T) {
} }
} }
} }
} }


@ -1,9 +1,9 @@
package jwt package jwt
import ( import (
"crypto/sha256"
"crypto/hmac"
"bytes" "bytes"
"crypto/hmac"
"crypto/sha256"
"errors" "errors"
) )
@ -15,7 +15,7 @@ func init() {
}) })
} }
func (m *SigningMethodHS256) Alg()string { func (m *SigningMethodHS256) Alg() string {
return "HS256" return "HS256"
} }
@ -33,9 +33,9 @@ func (m *SigningMethodHS256) Verify(signingString, signature string, key []byte)
return return
} }
func (m *SigningMethodHS256) Sign(signingString string, key []byte)(string, error) { func (m *SigningMethodHS256) Sign(signingString string, key []byte) (string, error) {
hasher := hmac.New(sha256.New, key) hasher := hmac.New(sha256.New, key)
hasher.Write([]byte(signingString)) hasher.Write([]byte(signingString))
return EncodeSegment(hasher.Sum(nil)), nil return EncodeSegment(hasher.Sum(nil)), nil
} }


@ -24,13 +24,14 @@ var sha256TestData = []struct {
false, false,
}, },
} }
// Sample data from http://tools.ietf.org/html/draft-jones-json-web-signature-04#appendix-A.1 // Sample data from http://tools.ietf.org/html/draft-jones-json-web-signature-04#appendix-A.1
var sha256TestKey = []byte{ var sha256TestKey = []byte{
3, 35, 53, 75, 43, 15, 165, 188, 131, 126, 6, 101, 119, 123, 166, 3, 35, 53, 75, 43, 15, 165, 188, 131, 126, 6, 101, 119, 123, 166,
143, 90, 179, 40, 230, 240, 84, 201, 40, 169, 15, 132, 178, 210, 80, 143, 90, 179, 40, 230, 240, 84, 201, 40, 169, 15, 132, 178, 210, 80,
46, 191, 211, 251, 90, 146, 210, 6, 71, 239, 150, 138, 180, 195, 119, 46, 191, 211, 251, 90, 146, 210, 6, 71, 239, 150, 138, 180, 195, 119,
98, 61, 34, 61, 46, 33, 114, 5, 46, 79, 8, 192, 205, 154, 245, 103, 98, 61, 34, 61, 46, 33, 114, 5, 46, 79, 8, 192, 205, 154, 245, 103,
208, 128, 163 } 208, 128, 163}
func TestHS256Verify(t *testing.T) { func TestHS256Verify(t *testing.T) {
for _, data := range sha256TestData { for _, data := range sha256TestData {
@ -61,4 +62,4 @@ func TestHS256Sign(t *testing.T) {
} }
} }
} }
} }


@ -10,7 +10,7 @@ var signingMethods = map[string]func() SigningMethod{}
// Signing method // Signing method
type SigningMethod interface { type SigningMethod interface {
Verify(signingString, signature string, key []byte) error Verify(signingString, signature string, key []byte) error
Sign(signingString string, key []byte)(string, error) Sign(signingString string, key []byte) (string, error)
Alg() string Alg() string
} }