mirror of https://github.com/tidwall/tile38.git
3ed048242e
- Updated all dependencies - Updated geoindex Box api |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| .travis.yml | ||
| LICENSE | ||
| Makefile | ||
| README.md | ||
| ReleaseNotes.md | ||
| account_claims.go | ||
| activation_claims.go | ||
| claims.go | ||
| cluster_claims.go | ||
| creds_utils.go | ||
| exports.go | ||
| genericlaims.go | ||
| go.mod | ||
| go.sum | ||
| header.go | ||
| imports.go | ||
| operator_claims.go | ||
| revocation_list.go | ||
| server_claims.go | ||
| types.go | ||
| user_claims.go | ||
| validation.go | ||
README.md
JWT
A JWT implementation that uses nkeys to digitally sign JWT tokens. Nkeys use Ed25519 to provide authentication of JWT claims.
// Need a private key to sign the claim, nkeys makes it easy to create
kp, err := nkeys.CreateAccount()
if err != nil {
t.Fatal("unable to create account key", err)
}
pk, err := kp.PublicKey()
if err != nil {
t.Fatal("error getting public key", err)
}
// create a new claim
claims := NewAccountClaims(pk)
claims.Expires = time.Now().Add(time.Duration(time.Hour)).Unix()
// add details by modifying claims.Account
// serialize the claim to a JWT token
token, err := claims.Encode(kp)
if err != nil {
t.Fatal("error encoding token", err)
}
// on the receiving side, decode the token
c, err := DecodeAccountClaims(token)
if err != nil {
t.Fatal(err)
}
// if the token was decoded, it means that it
// validated and it wasn't tampered. the remaining and
// required test is to insure the issuer is trusted
pk, err := kp.PublicKey()
if err != nil {
t.Fatalf("unable to read public key: %v", err)
}
if c.Issuer != pk {
t.Fatalf("the public key is not trusted")
}