mirror
/
jwt
mirror of https://github.com/golang-jwt/jwt.git
1
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity
jwt/usage/create/index.html

633 lines
29 KiB
HTML
Raw Blame History

<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="canonical" href="https://golang-jwt.github.io/jwt/usage/create/">
<link rel="prev" href="../..">
<link rel="next" href="../parse/">
<link rel="icon" href="../../assets/jwt.png">
<meta name="generator" content="mkdocs-1.5.2, mkdocs-material-9.3.1">
<title>Creating a New JWT - golang-jwt docs</title>
<link rel="stylesheet" href="../../assets/stylesheets/main.046329b4.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.85d0ee34.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
<script>__md_scope=new URL("../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
<meta property="og:type" content="website" >
<meta property="og:title" content="Creating a New JWT - golang-jwt docs" >
<meta property="og:description" content="None" >
<meta property="og:image" content="https://golang-jwt.github.io/jwt/assets/images/social/usage/create.png" >
<meta property="og:image:type" content="image/png" >
<meta property="og:image:width" content="1200" >
<meta property="og:image:height" content="630" >
<meta property="og:url" content="https://golang-jwt.github.io/jwt/usage/create/" >
<meta name="twitter:card" content="summary_large_image" >
<meta name="twitter:title" content="Creating a New JWT - golang-jwt docs" >
<meta name="twitter:description" content="None" >
<meta name="twitter:image" content="https://golang-jwt.github.io/jwt/assets/images/social/usage/create.png" >
</head>
<body dir="ltr" data-md-color-scheme="default" data-md-color-primary="light-blue" data-md-color-accent="purple">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#creating-a-new-jwt" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<header class="md-header" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../.." title="golang-jwt docs" class="md-header__button md-logo" aria-label="golang-jwt docs" data-md-component="logo">
<img src="../../assets/jwt.png" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
golang-jwt docs
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Creating a New JWT
</span>
</div>
</div>
</div>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list" role="presentation"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://github.com/golang-jwt/jwt" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.4.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2023 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
golang-jwt/jwt
</div>
</a>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
<div class="md-grid">
<ul class="md-tabs__list">
<li class="md-tabs__item">
<a href="../.." class="md-tabs__link">
Getting Started
</a>
</li>
<li class="md-tabs__item md-tabs__item--active">
<a href="./" class="md-tabs__link">
Usage
</a>
</li>
</ul>
</div>
</nav>
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary md-nav--lifted md-nav--integrated" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../.." title="golang-jwt docs" class="md-nav__button md-logo" aria-label="golang-jwt docs" data-md-component="logo">
<img src="../../assets/jwt.png" alt="logo">
</a>
golang-jwt docs
</label>
<div class="md-nav__source">
<a href="https://github.com/golang-jwt/jwt" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.4.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2023 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
golang-jwt/jwt
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../.." class="md-nav__link">
<span class="md-ellipsis">
Getting Started
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_2" checked>
<label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex="0">
<span class="md-ellipsis">
Usage
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Usage
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
<span class="md-ellipsis">
Creating a New JWT
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
<span class="md-ellipsis">
Creating a New JWT
</span>
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#with-default-options" class="md-nav__link">
With Default Options
</a>
</li>
<li class="md-nav__item">
<a href="#with-additional-claims" class="md-nav__link">
With Additional Claims
</a>
</li>
<li class="md-nav__item">
<a href="#with-options" class="md-nav__link">
With Options
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../parse/" class="md-nav__link">
<span class="md-ellipsis">
Parsing and Validating a JWT
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../signing_methods/" class="md-nav__link">
<span class="md-ellipsis">
Signing Methods
</span>
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<h1 id="creating-a-new-jwt">Creating a New JWT</h1>
<p>One of the primary goals of this library is to create a new JWT (or in short
<em>token</em>).</p>
<h2 id="with-default-options">With Default Options</h2>
<p>The easiest way to create a token is to use the
<a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5#New"><code>jwt.New</code></a> function. It
then needs one of the available <a href="../signing_methods/">signing methods</a>, to
finally sign and convert the token into a string format (using the
<a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5#Token.SignedString"><code>SignedString</code></a>
method). In the first example, we are using a <strong>symmetric</strong> signing method, i.e.,
HS256. For a symmetric method, both the signing and the verifying key are the
same and thus, both must be equally protected (and should definitely NOT be
stored in your code).</p>
<div class="language-go highlight"><pre><span></span><code><span id="__span-0-1"><a id="__codelineno-0-1" name="__codelineno-0-1" href="#__codelineno-0-1"></a><span class="kd">var</span><span class="w"> </span><span class="p">(</span>
</span><span id="__span-0-2"><a id="__codelineno-0-2" name="__codelineno-0-2" href="#__codelineno-0-2"></a><span class="w"> </span><span class="nx">key</span><span class="w"> </span><span class="p">[]</span><span class="kt">byte</span>
</span><span id="__span-0-3"><a id="__codelineno-0-3" name="__codelineno-0-3" href="#__codelineno-0-3"></a><span class="w"> </span><span class="nx">t</span><span class="w"> </span><span class="o">*</span><span class="nx">jwt</span><span class="p">.</span><span class="nx">Token</span>
</span><span id="__span-0-4"><a id="__codelineno-0-4" name="__codelineno-0-4" href="#__codelineno-0-4"></a><span class="w"> </span><span class="nx">s</span><span class="w"> </span><span class="kt">string</span>
</span><span id="__span-0-5"><a id="__codelineno-0-5" name="__codelineno-0-5" href="#__codelineno-0-5"></a><span class="p">)</span>
</span><span id="__span-0-6"><a id="__codelineno-0-6" name="__codelineno-0-6" href="#__codelineno-0-6"></a>
</span><span id="__span-0-7"><a id="__codelineno-0-7" name="__codelineno-0-7" href="#__codelineno-0-7"></a><span class="nx">key</span><span class="w"> </span><span class="p">=</span><span class="w"> </span><span class="cm">/* Load key from somewhere, for example an environment variable */</span>
</span><span id="__span-0-8"><a id="__codelineno-0-8" name="__codelineno-0-8" href="#__codelineno-0-8"></a><span class="nx">t</span><span class="w"> </span><span class="p">=</span><span class="w"> </span><span class="nx">jwt</span><span class="p">.</span><span class="nx">New</span><span class="p">(</span><span class="nx">jwt</span><span class="p">.</span><span class="nx">SigningMethodHS256</span><span class="p">)</span><span class="w"> </span><span class="c1">// (1)!</span>
</span><span id="__span-0-9"><a id="__codelineno-0-9" name="__codelineno-0-9" href="#__codelineno-0-9"></a><span class="nx">s</span><span class="w"> </span><span class="p">=</span><span class="w"> </span><span class="nx">t</span><span class="p">.</span><span class="nx">SignedString</span><span class="p">(</span><span class="nx">key</span><span class="p">)</span><span class="w"> </span><span class="c1">// (2)!</span>
</span></code></pre></div>
<ol>
<li>This initializes a new
<a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5#Token"><code>jwt.Token</code></a> struct
based on the supplied signing method. In this case a <strong>symmetric</strong> method is
chosen.</li>
<li>This step computes a cryptographic signature based on the supplied key. </li>
</ol>
<p>Signing using an <em>asymmetric</em> signing method (for example ECDSA) works quite
similar. For an <strong>asymmetric</strong> method, the private key (which must be kept
secret) is used to <em>sign</em> and the corresponding public key (which can be freely
transmitted) is used to <em>verify</em> the token.</p>
<div class="language-go highlight"><pre><span></span><code><span id="__span-1-1"><a id="__codelineno-1-1" name="__codelineno-1-1" href="#__codelineno-1-1"></a><span class="kd">var</span><span class="w"> </span><span class="p">(</span>
</span><span id="__span-1-2"><a id="__codelineno-1-2" name="__codelineno-1-2" href="#__codelineno-1-2"></a><span class="w"> </span><span class="nx">key</span><span class="w"> </span><span class="o">*</span><span class="nx">ecdsa</span><span class="p">.</span><span class="nx">PrivateKey</span>
</span><span id="__span-1-3"><a id="__codelineno-1-3" name="__codelineno-1-3" href="#__codelineno-1-3"></a><span class="w"> </span><span class="nx">t</span><span class="w"> </span><span class="o">*</span><span class="nx">jwt</span><span class="p">.</span><span class="nx">Token</span>
</span><span id="__span-1-4"><a id="__codelineno-1-4" name="__codelineno-1-4" href="#__codelineno-1-4"></a><span class="w"> </span><span class="nx">s</span><span class="w"> </span><span class="kt">string</span>
</span><span id="__span-1-5"><a id="__codelineno-1-5" name="__codelineno-1-5" href="#__codelineno-1-5"></a><span class="p">)</span>
</span><span id="__span-1-6"><a id="__codelineno-1-6" name="__codelineno-1-6" href="#__codelineno-1-6"></a>
</span><span id="__span-1-7"><a id="__codelineno-1-7" name="__codelineno-1-7" href="#__codelineno-1-7"></a><span class="nx">key</span><span class="w"> </span><span class="p">=</span><span class="w"> </span><span class="cm">/* Load key from somewhere, for example a file */</span>
</span><span id="__span-1-8"><a id="__codelineno-1-8" name="__codelineno-1-8" href="#__codelineno-1-8"></a><span class="nx">t</span><span class="w"> </span><span class="p">=</span><span class="w"> </span><span class="nx">jwt</span><span class="p">.</span><span class="nx">New</span><span class="p">(</span><span class="nx">jwt</span><span class="p">.</span><span class="nx">SigningMethodES256</span><span class="p">)</span><span class="w"> </span><span class="c1">// (1)!</span>
</span><span id="__span-1-9"><a id="__codelineno-1-9" name="__codelineno-1-9" href="#__codelineno-1-9"></a><span class="nx">s</span><span class="w"> </span><span class="p">=</span><span class="w"> </span><span class="nx">t</span><span class="p">.</span><span class="nx">SignedString</span><span class="p">(</span><span class="nx">key</span><span class="p">)</span><span class="w"> </span><span class="c1">// (2)!</span>
</span></code></pre></div>
<ol>
<li>This initializes a new <a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5#Token"><code>jwt.Token</code></a> struct based on the supplied signing method. In this case a <strong>asymmetric</strong> method is chosen.</li>
<li>This step computes a cryptographic signature based on the supplied private
key.</li>
</ol>
<p>Note, that the chosen signing method and the type of key must match. Please refer to <a href="../signing_methods/">Signing Methods</a> for a complete overview.</p>
<h2 id="with-additional-claims">With Additional Claims</h2>
<p>While the step above using <a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5#New"><code>jwt.New</code></a> creates a valid token, it contains an empty set of <em>claims</em>. Claims are certain pieces of information that are encoded into the token. Since they are encoded and signed by the issuer of the token, one can assume that this information is valid (in the scope of the issuer). Claims can be used to provide the basis for user authentication or authorization, e.g., by encoding a user name or ID or roles into the token. This is also commonly in combination with OAuth 2.0. Furthermore, claims can also contain certain metadata about the token itself, e.g., the time until which the token is regarded as valid and not expired.</p>
<p><a href="https://datatracker.ietf.org/doc/html/rfc7519">RFC 7519</a> provides a list of so called <em>registered claim names</em> <sup id="fnref:claims"><a class="footnote-ref" href="#fn:claims">1</a></sup>, which each JWT parser needs to understand. Using the <a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5#NewWithClaims"><code>jwt.NewWithClaims</code></a>, a token with different claims can be created.</p>
<div class="language-go highlight"><pre><span></span><code><span id="__span-2-1"><a id="__codelineno-2-1" name="__codelineno-2-1" href="#__codelineno-2-1"></a><span class="kd">var</span><span class="w"> </span><span class="p">(</span>
</span><span id="__span-2-2"><a id="__codelineno-2-2" name="__codelineno-2-2" href="#__codelineno-2-2"></a><span class="w"> </span><span class="nx">key</span><span class="w"> </span><span class="o">*</span><span class="nx">ecdsa</span><span class="p">.</span><span class="nx">PrivateKey</span>
</span><span id="__span-2-3"><a id="__codelineno-2-3" name="__codelineno-2-3" href="#__codelineno-2-3"></a><span class="w"> </span><span class="nx">t</span><span class="w"> </span><span class="o">*</span><span class="nx">jwt</span><span class="p">.</span><span class="nx">Token</span>
</span><span id="__span-2-4"><a id="__codelineno-2-4" name="__codelineno-2-4" href="#__codelineno-2-4"></a><span class="w"> </span><span class="nx">s</span><span class="w"> </span><span class="kt">string</span>
</span><span id="__span-2-5"><a id="__codelineno-2-5" name="__codelineno-2-5" href="#__codelineno-2-5"></a><span class="p">)</span>
</span><span id="__span-2-6"><a id="__codelineno-2-6" name="__codelineno-2-6" href="#__codelineno-2-6"></a>
</span><span id="__span-2-7"><a id="__codelineno-2-7" name="__codelineno-2-7" href="#__codelineno-2-7"></a><span class="nx">key</span><span class="w"> </span><span class="p">=</span><span class="w"> </span><span class="cm">/* Load key from somewhere, for example a file */</span>
</span><span id="__span-2-8"><a id="__codelineno-2-8" name="__codelineno-2-8" href="#__codelineno-2-8"></a><span class="nx">t</span><span class="w"> </span><span class="p">=</span><span class="w"> </span><span class="nx">jwt</span><span class="p">.</span><span class="nx">NewWithClaims</span><span class="p">(</span><span class="nx">jwt</span><span class="p">.</span><span class="nx">SigningMethodES256</span><span class="p">,</span><span class="w"> </span><span class="c1">// (1)!</span>
</span><span id="__span-2-9"><a id="__codelineno-2-9" name="__codelineno-2-9" href="#__codelineno-2-9"></a><span class="w"> </span><span class="nx">jwt</span><span class="p">.</span><span class="nx">MapClaims</span><span class="p">{</span><span class="w"> </span><span class="c1">// (2)!</span>
</span><span id="__span-2-10"><a id="__codelineno-2-10" name="__codelineno-2-10" href="#__codelineno-2-10"></a><span class="w"> </span><span class="s">&quot;iss&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;my-auth-server&quot;</span><span class="p">,</span><span class="w"> </span><span class="c1">// (3)!</span>
</span><span id="__span-2-11"><a id="__codelineno-2-11" name="__codelineno-2-11" href="#__codelineno-2-11"></a><span class="w"> </span><span class="s">&quot;sub&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;john&quot;</span><span class="p">,</span><span class="w"> </span><span class="c1">// (4)!</span>
</span><span id="__span-2-12"><a id="__codelineno-2-12" name="__codelineno-2-12" href="#__codelineno-2-12"></a><span class="w"> </span><span class="s">&quot;foo&quot;</span><span class="p">:</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="w"> </span><span class="c1">// (5)!</span>
</span><span id="__span-2-13"><a id="__codelineno-2-13" name="__codelineno-2-13" href="#__codelineno-2-13"></a><span class="w"> </span><span class="p">})</span>
</span><span id="__span-2-14"><a id="__codelineno-2-14" name="__codelineno-2-14" href="#__codelineno-2-14"></a><span class="nx">s</span><span class="w"> </span><span class="p">=</span><span class="w"> </span><span class="nx">t</span><span class="p">.</span><span class="nx">SignedString</span><span class="p">(</span><span class="nx">key</span><span class="p">)</span><span class="w"> </span><span class="c1">// (6)!</span>
</span></code></pre></div>
<ol>
<li>This initializes a new <a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5#Token"><code>jwt.Token</code></a> struct based on the supplied signing method. In this case a <strong>asymmetric</strong> method is chosen, which is the first parameter.</li>
<li>The second parameter contains the desired claims in form of the <a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5#Claims"><code>jwt.Claims</code></a> interface. In this case <a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5#MapClaims"><code>jwt.MapClaims</code></a> are used, which is a wrapper type around a Go map containing <code>string</code> keys.</li>
<li>The <code>"iss"</code><sup id="fnref:iss"><a class="footnote-ref" href="#fn:iss">2</a></sup> claim is a registered claim name that contains the issuer of the token. More technical, this claim identifies the principal that <em>issued</em> the token.</li>
<li>The <code>"sub"</code><sup id="fnref:sub"><a class="footnote-ref" href="#fn:sub">3</a></sup> claim is a registered claim name that contains the subject this token identifies, e.g. a user name. More technical, this claim identifies the principal that is the <em>subject</em> of the token.</li>
<li>The <code>"foo"</code> claim is a custom claim containing a numeric value. Any string value can be chosen as a claim name, as long as it does not interfere with a registered claim name.</li>
<li>This step computes a cryptographic signature based on the supplied private
key.</li>
</ol>
<h2 id="with-options">With Options</h2>
<p>While we already prepared a
<a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5#TokenOption"><code>jwt.TokenOption</code></a>
type, which can be supplied as a varargs to
<a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5#New"><code>jwt.New</code></a> and
<a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5#NewWithClaims"><code>jwt.NewWithClaims</code></a>,
these are strictly for future compatibility and are currently not used.</p>
<div class="footnote">
<hr />
<ol>
<li id="fn:claims">
<p><a href="https://datatracker.ietf.org/doc/html/rfc7519#section-4.1">Section 4.1 of RFC 7519</a>&#160;<a class="footnote-backref" href="#fnref:claims" title="Jump back to footnote 1 in the text">&#8617;</a></p>
</li>
<li id="fn:iss">
<p><a href="https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.1">Section 4.1.1 of RFC 7519</a>&#160;<a class="footnote-backref" href="#fnref:iss" title="Jump back to footnote 2 in the text">&#8617;</a></p>
</li>
<li id="fn:sub">
<p><a href="https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.2">Section 4.1.2 of RFC 7519</a>&#160;<a class="footnote-backref" href="#fnref:sub" title="Jump back to footnote 3 in the text">&#8617;</a></p>
</li>
</ol>
</div>
</article>
</div>
</div>
</main>
<footer class="md-footer">
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.instant", "navigation.tabs", "toc.integrate", "content.code.copy", "content.code.annotate"], "search": "../../assets/javascripts/workers/search.dfff1995.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.dff1b7c8.min.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink