forked from mirror/jwt
documentation
This commit is contained in:
parent
5119d0e151
commit
2ed3fe8ded
10
jwt.go
10
jwt.go
|
@ -16,6 +16,7 @@ type Token struct {
|
||||||
Method SigningMethod
|
Method SigningMethod
|
||||||
// This is only populated when you Parse a token
|
// This is only populated when you Parse a token
|
||||||
Signature string
|
Signature string
|
||||||
|
// This is only populated when you Parse/Verify a token
|
||||||
Valid bool
|
Valid bool
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -29,6 +30,7 @@ func New(method SigningMethod)*Token {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Get the complete, signed token
|
||||||
func (t *Token) SignedString(key []byte)(string, error) {
|
func (t *Token) SignedString(key []byte)(string, error) {
|
||||||
var sig, sstr string
|
var sig, sstr string
|
||||||
var err error
|
var err error
|
||||||
|
@ -41,6 +43,10 @@ func (t *Token) SignedString(key []byte)(string, error) {
|
||||||
return strings.Join([]string{sstr, sig}, "."), nil
|
return strings.Join([]string{sstr, sig}, "."), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Generate the signing string. This is the
|
||||||
|
// most expensive part of the whole deal. Unless you
|
||||||
|
// need this for something special, just go straight for
|
||||||
|
// the SignedString.
|
||||||
func (t *Token) SigningString()(string, error) {
|
func (t *Token) SigningString()(string, error) {
|
||||||
var err error
|
var err error
|
||||||
parts := make([]string, 2)
|
parts := make([]string, 2)
|
||||||
|
@ -121,6 +127,8 @@ func Parse(tokenString string, keyFunc func(*Token) ([]byte, error)) (token *Tok
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Try to find the token in an http.Request.
|
||||||
|
// Currently, it only looks in the Authorization header
|
||||||
func ParseFromRequest(req *http.Request, keyFunc func(*Token) ([]byte, error)) (token *Token, err error) {
|
func ParseFromRequest(req *http.Request, keyFunc func(*Token) ([]byte, error)) (token *Token, err error) {
|
||||||
|
|
||||||
// Look for an Authorization header
|
// Look for an Authorization header
|
||||||
|
@ -135,10 +143,12 @@ func ParseFromRequest(req *http.Request, keyFunc func(*Token) ([]byte, error)) (
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Encode JWT specific base64url encoding with padding stripped
|
||||||
func EncodeSegment(seg []byte)string {
|
func EncodeSegment(seg []byte)string {
|
||||||
return strings.TrimRight(base64.URLEncoding.EncodeToString(seg), "=")
|
return strings.TrimRight(base64.URLEncoding.EncodeToString(seg), "=")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Decode JWT specific base64url encoding with padding stripped
|
||||||
func DecodeSegment(seg string) ([]byte, error) {
|
func DecodeSegment(seg string) ([]byte, error) {
|
||||||
// len % 4
|
// len % 4
|
||||||
switch len(seg) % 4 {
|
switch len(seg) % 4 {
|
||||||
|
|
|
@ -14,10 +14,13 @@ type SigningMethod interface {
|
||||||
Alg() string
|
Alg() string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Register the "alg" name and a factory function for signing method.
|
||||||
|
// This is typically done during init() in the method's implementation
|
||||||
func RegisterSigningMethod(alg string, f func() SigningMethod) {
|
func RegisterSigningMethod(alg string, f func() SigningMethod) {
|
||||||
signingMethods[alg] = f
|
signingMethods[alg] = f
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Get a signing method from an "alg" string
|
||||||
func GetSigningMethod(alg string) (method SigningMethod, err error) {
|
func GetSigningMethod(alg string) (method SigningMethod, err error) {
|
||||||
if methodF, ok := signingMethods[alg]; ok {
|
if methodF, ok := signingMethods[alg]; ok {
|
||||||
method = methodF()
|
method = methodF()
|
||||||
|
|
Loading…
Reference in New Issue