mirror of https://github.com/tidwall/tile38.git
094d35757c
- Updated all dependencies - Updated geoindex Box api |
||
---|---|---|
.. | ||
.gitignore | ||
.travis.yml | ||
LICENSE | ||
Makefile | ||
README.md | ||
ReleaseNotes.md | ||
account_claims.go | ||
activation_claims.go | ||
claims.go | ||
cluster_claims.go | ||
creds_utils.go | ||
exports.go | ||
genericlaims.go | ||
go.mod | ||
go.sum | ||
header.go | ||
imports.go | ||
operator_claims.go | ||
revocation_list.go | ||
server_claims.go | ||
types.go | ||
user_claims.go | ||
validation.go |
README.md
JWT
A JWT implementation that uses nkeys to digitally sign JWT tokens. Nkeys use Ed25519 to provide authentication of JWT claims.
// Need a private key to sign the claim, nkeys makes it easy to create
kp, err := nkeys.CreateAccount()
if err != nil {
t.Fatal("unable to create account key", err)
}
pk, err := kp.PublicKey()
if err != nil {
t.Fatal("error getting public key", err)
}
// create a new claim
claims := NewAccountClaims(pk)
claims.Expires = time.Now().Add(time.Duration(time.Hour)).Unix()
// add details by modifying claims.Account
// serialize the claim to a JWT token
token, err := claims.Encode(kp)
if err != nil {
t.Fatal("error encoding token", err)
}
// on the receiving side, decode the token
c, err := DecodeAccountClaims(token)
if err != nil {
t.Fatal(err)
}
// if the token was decoded, it means that it
// validated and it wasn't tampered. the remaining and
// required test is to insure the issuer is trusted
pk, err := kp.PublicKey()
if err != nil {
t.Fatalf("unable to read public key: %v", err)
}
if c.Issuer != pk {
t.Fatalf("the public key is not trusted")
}