jws

package

v1.1.0 Latest Latest Go to latest Published: Feb 18, 2025 License: MIT Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/a-novel-kit/jwt

Documentation ¶

Index ¶

Variables
type ECDSAPreset
type ECDSASigner
- func NewECDSASigner(secretKey *ecdsa.PrivateKey, preset ECDSAPreset) *ECDSASigner
- func (signer *ECDSASigner) Header(_ context.Context, header *jwa.JWH) (*jwa.JWH, error)
- func (signer *ECDSASigner) Transform(_ context.Context, _ *jwa.JWH, rawToken string) (string, error)
type ECDSAVerifier
- func NewECDSAVerifier(publicKey *ecdsa.PublicKey, preset ECDSAPreset) *ECDSAVerifier
- func (verifier *ECDSAVerifier) Transform(_ context.Context, header *jwa.JWH, rawToken string) ([]byte, error)
type ED25519Signer
- func NewED25519Signer(secretKey ed25519.PrivateKey) *ED25519Signer
- func (signer *ED25519Signer) Header(_ context.Context, header *jwa.JWH) (*jwa.JWH, error)
- func (signer *ED25519Signer) Transform(_ context.Context, _ *jwa.JWH, rawToken string) (string, error)
type ED25519Verifier
- func NewED25519Verifier(publicKey ed25519.PublicKey) *ED25519Verifier
- func (verifier *ED25519Verifier) Transform(_ context.Context, header *jwa.JWH, rawToken string) ([]byte, error)
type HMACPreset
type HMACSigner
- func NewHMACSigner(secretKey []byte, preset HMACPreset) *HMACSigner
- func (signer *HMACSigner) Header(_ context.Context, header *jwa.JWH) (*jwa.JWH, error)
- func (signer *HMACSigner) Transform(_ context.Context, _ *jwa.JWH, tokenRaw string) (string, error)
type HMACVerifier
- func NewHMACVerifier(secretKey []byte, preset HMACPreset) *HMACVerifier
- func (verifier *HMACVerifier) Transform(_ context.Context, header *jwa.JWH, rawToken string) ([]byte, error)
type RSAPSSPreset
type RSAPSSSigner
- func NewRSAPSSSigner(secretKey *rsa.PrivateKey, preset RSAPSSPreset) *RSAPSSSigner
- func (signer *RSAPSSSigner) Header(_ context.Context, header *jwa.JWH) (*jwa.JWH, error)
- func (signer *RSAPSSSigner) Transform(_ context.Context, _ *jwa.JWH, tokenRaw string) (string, error)
type RSAPSSVerifier
- func NewRSAPSSVerifier(publicKey *rsa.PublicKey, preset RSAPSSPreset) *RSAPSSVerifier
- func (verifier *RSAPSSVerifier) Transform(_ context.Context, header *jwa.JWH, rawToken string) ([]byte, error)
type RSAPreset
type RSASigner
- func NewRSASigner(secretKey *rsa.PrivateKey, preset RSAPreset) *RSASigner
- func (signer *RSASigner) Header(_ context.Context, header *jwa.JWH) (*jwa.JWH, error)
- func (signer *RSASigner) Transform(_ context.Context, _ *jwa.JWH, tokenRaw string) (string, error)
type RSAVerifier
- func NewRSAVerifier(publicKey *rsa.PublicKey, preset RSAPreset) *RSAVerifier
- func (verifier *RSAVerifier) Transform(_ context.Context, header *jwa.JWH, rawToken string) ([]byte, error)
type SourceHMACSigner
- func NewSourcedHMACSigner(source *jwk.Source[[]byte], preset HMACPreset) *SourceHMACSigner
- func (signer *SourceHMACSigner) Header(ctx context.Context, header *jwa.JWH) (*jwa.JWH, error)
- func (signer *SourceHMACSigner) Transform(ctx context.Context, header *jwa.JWH, rawToken string) (string, error)
type SourceHMACVerifier
- func NewSourcedHMACVerifier(source *jwk.Source[[]byte], preset HMACPreset) *SourceHMACVerifier
- func (verifier *SourceHMACVerifier) Transform(ctx context.Context, header *jwa.JWH, rawToken string) ([]byte, error)
type SourcedECDSASigner
- func NewSourcedECDSASigner(source *jwk.Source[*ecdsa.PrivateKey], preset ECDSAPreset) *SourcedECDSASigner
- func (signer *SourcedECDSASigner) Header(ctx context.Context, header *jwa.JWH) (*jwa.JWH, error)
- func (signer *SourcedECDSASigner) Transform(ctx context.Context, header *jwa.JWH, rawToken string) (string, error)
type SourcedECDSAVerifier
- func NewSourcedECDSAVerifier(source *jwk.Source[*ecdsa.PublicKey], preset ECDSAPreset) *SourcedECDSAVerifier
- func (verifier *SourcedECDSAVerifier) Transform(ctx context.Context, header *jwa.JWH, rawToken string) ([]byte, error)
type SourcedED25519Signer
- func NewSourcedED25519Signer(source *jwk.Source[ed25519.PrivateKey]) *SourcedED25519Signer
- func (signer *SourcedED25519Signer) Header(ctx context.Context, header *jwa.JWH) (*jwa.JWH, error)
- func (signer *SourcedED25519Signer) Transform(ctx context.Context, header *jwa.JWH, rawToken string) (string, error)
type SourcedED25519Verifier
- func NewSourcedED25519Verifier(source *jwk.Source[ed25519.PublicKey]) *SourcedED25519Verifier
- func (verifier *SourcedED25519Verifier) Transform(ctx context.Context, header *jwa.JWH, rawToken string) ([]byte, error)
type SourcedRSAPSSSigner
- func NewSourcedRSAPSSSigner(source *jwk.Source[*rsa.PrivateKey], preset RSAPSSPreset) *SourcedRSAPSSSigner
- func (signer *SourcedRSAPSSSigner) Header(ctx context.Context, header *jwa.JWH) (*jwa.JWH, error)
- func (signer *SourcedRSAPSSSigner) Transform(ctx context.Context, header *jwa.JWH, rawToken string) (string, error)
type SourcedRSAPSSVerifier
- func NewSourcedRSAPSSVerifier(source *jwk.Source[*rsa.PublicKey], preset RSAPSSPreset) *SourcedRSAPSSVerifier
- func (verifier *SourcedRSAPSSVerifier) Transform(ctx context.Context, header *jwa.JWH, rawToken string) ([]byte, error)
type SourcedRSASigner
- func NewSourcedRSASigner(source *jwk.Source[*rsa.PrivateKey], preset RSAPreset) *SourcedRSASigner
- func (signer *SourcedRSASigner) Header(ctx context.Context, header *jwa.JWH) (*jwa.JWH, error)
- func (signer *SourcedRSASigner) Transform(ctx context.Context, header *jwa.JWH, rawToken string) (string, error)
type SourcedRSAVerifier
- func NewSourcedRSAVerifier(source *jwk.Source[*rsa.PublicKey], preset RSAPreset) *SourcedRSAVerifier
- func (verifier *SourcedRSAVerifier) Transform(ctx context.Context, header *jwa.JWH, rawToken string) ([]byte, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ES256 = ECDSAPreset{
		Hash: crypto.SHA256,
		Alg:  jwa.ES256,
		Crv:  elliptic.P256(),
	}
	ES384 = ECDSAPreset{
		Hash: crypto.SHA384,
		Alg:  jwa.ES384,
		Crv:  elliptic.P384(),
	}
	ES512 = ECDSAPreset{
		Hash: crypto.SHA512,
		Alg:  jwa.ES512,
		Crv:  elliptic.P521(),
	}
)

View Source

var (
	HS256 = HMACPreset{
		Hash: crypto.SHA256,
		Alg:  jwa.HS256,
	}
	HS384 = HMACPreset{
		Hash: crypto.SHA384,
		Alg:  jwa.HS384,
	}
	HS512 = HMACPreset{
		Hash: crypto.SHA512,
		Alg:  jwa.HS512,
	}
)

View Source

var (
	RS256 = RSAPreset{
		Hash: crypto.SHA256,
		Alg:  jwa.RS256,
	}
	RS384 = RSAPreset{
		Hash: crypto.SHA384,
		Alg:  jwa.RS384,
	}
	RS512 = RSAPreset{
		Hash: crypto.SHA512,
		Alg:  jwa.RS512,
	}
)

View Source

var (
	PS256 = RSAPSSPreset{
		Hash: crypto.SHA256,
		Alg:  jwa.PS256,
	}
	PS384 = RSAPSSPreset{
		Hash: crypto.SHA384,
		Alg:  jwa.PS384,
	}
	PS512 = RSAPSSPreset{
		Hash: crypto.SHA512,
		Alg:  jwa.PS512,
	}
)

View Source

var ErrInvalidSignature = errors.New("invalid signature")

Functions ¶

This section is empty.

Types ¶

type ECDSAPreset ¶

type ECDSAPreset struct {
	Hash crypto.Hash
	Alg  jwa.Alg
	Crv  elliptic.Curve
}

type ECDSASigner ¶

type ECDSASigner struct {
	// contains filtered or unexported fields
}

func NewECDSASigner ¶

func NewECDSASigner(secretKey *ecdsa.PrivateKey, preset ECDSAPreset) *ECDSASigner

NewECDSASigner creates a new jwt.ProducerPlugin for a signed token using ECDSA.

Use any of the ECDSAPreset constants to configure the signing parameters.

ES256: ECDSA using P-256 and SHA-256
ES384: ECDSA using P-384 and SHA-384
ES512: ECDSA using P-521 and SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.4

func (signer *ECDSASigner) Header(_ context.Context, header *jwa.JWH) (*jwa.JWH, error)

func (*ECDSASigner) Transform ¶

func (signer *ECDSASigner) Transform(_ context.Context, _ *jwa.JWH, rawToken string) (string, error)

type ECDSAVerifier ¶

type ECDSAVerifier struct {
	// contains filtered or unexported fields
}

func NewECDSAVerifier ¶

func NewECDSAVerifier(publicKey *ecdsa.PublicKey, preset ECDSAPreset) *ECDSAVerifier

NewECDSAVerifier creates a new jwt.RecipientPlugin for a signed token using ECDSA.

Use any of the ECDSAPreset constants to configure the verification parameters.

ES256: ECDSA using P-256 and SHA-256
ES384: ECDSA using P-384 and SHA-384
ES512: ECDSA using P-521 and SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.4

func (*ECDSAVerifier) Transform ¶

func (verifier *ECDSAVerifier) Transform(_ context.Context, header *jwa.JWH, rawToken string) ([]byte, error)

type ED25519Signer ¶

type ED25519Signer struct {
	// contains filtered or unexported fields
}

func NewED25519Signer ¶

func NewED25519Signer(secretKey ed25519.PrivateKey) *ED25519Signer

NewED25519Signer creates a new jwt.ProducerPlugin for a signed token using Edwards-Curve Digital Signature Algorithm.

https://datatracker.ietf.org/doc/html/rfc8032#section-3.3

func (signer *ED25519Signer) Header(_ context.Context, header *jwa.JWH) (*jwa.JWH, error)

func (*ED25519Signer) Transform ¶

func (signer *ED25519Signer) Transform(_ context.Context, _ *jwa.JWH, rawToken string) (string, error)

type ED25519Verifier ¶

type ED25519Verifier struct {
	// contains filtered or unexported fields
}

func NewED25519Verifier ¶

func NewED25519Verifier(publicKey ed25519.PublicKey) *ED25519Verifier

NewED25519Verifier creates a new jwt.RecipientPlugin for a signed token using Edwards-Curve Digital Signature Algorithm.

https://datatracker.ietf.org/doc/html/rfc8032#section-3.3

func (*ED25519Verifier) Transform ¶

func (verifier *ED25519Verifier) Transform(_ context.Context, header *jwa.JWH, rawToken string) ([]byte, error)

type HMACPreset ¶

type HMACPreset struct {
	Hash crypto.Hash
	Alg  jwa.Alg
}

type HMACSigner ¶

type HMACSigner struct {
	// contains filtered or unexported fields
}

func NewHMACSigner ¶

func NewHMACSigner(secretKey []byte, preset HMACPreset) *HMACSigner

NewHMACSigner creates a new jwt.ProducerPlugin for a signed token using HMAC with SHA-2.

Use any of the HMACPreset constants to configure the signing parameters.

HS256: HMAC using SHA-256
HS384: HMAC using SHA-384
HS512: HMAC using SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.2

func (signer *HMACSigner) Header(_ context.Context, header *jwa.JWH) (*jwa.JWH, error)

func (*HMACSigner) Transform ¶

func (signer *HMACSigner) Transform(_ context.Context, _ *jwa.JWH, tokenRaw string) (string, error)

type HMACVerifier ¶

type HMACVerifier struct {
	// contains filtered or unexported fields
}

func NewHMACVerifier ¶

func NewHMACVerifier(secretKey []byte, preset HMACPreset) *HMACVerifier

NewHMACVerifier creates a new jwt.RecipientPlugin for a signed token using HMAC with SHA-2.

Use any of the HMACPreset constants to configure the signing parameters.

HS256: HMAC using SHA-256
HS384: HMAC using SHA-384
HS512: HMAC using SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.2

func (*HMACVerifier) Transform ¶

func (verifier *HMACVerifier) Transform(_ context.Context, header *jwa.JWH, rawToken string) ([]byte, error)

type RSAPSSPreset ¶

type RSAPSSPreset struct {
	Hash crypto.Hash
	Alg  jwa.Alg
}

type RSAPSSSigner ¶

type RSAPSSSigner struct {
	// contains filtered or unexported fields
}

func NewRSAPSSSigner ¶

func NewRSAPSSSigner(secretKey *rsa.PrivateKey, preset RSAPSSPreset) *RSAPSSSigner

NewRSAPSSSigner creates a new jwt.ProducerPlugin for a signed token using RSASSA-PSS.

A key of size 2048 bits or larger MUST be used with this algorithm.

Use any of the RSAPSSPreset constants to configure the signing parameters.

PS256: RSASSA-PSS using SHA-384 and MGF1 with SHA-256
PS384: RSASSA-PSS using SHA-384 and MGF1 with SHA-384
PS512: RSASSA-PSS using SHA-512 and MGF1 with SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.5

func (signer *RSAPSSSigner) Header(_ context.Context, header *jwa.JWH) (*jwa.JWH, error)

func (*RSAPSSSigner) Transform ¶

func (signer *RSAPSSSigner) Transform(_ context.Context, _ *jwa.JWH, tokenRaw string) (string, error)

type RSAPSSVerifier ¶

type RSAPSSVerifier struct {
	// contains filtered or unexported fields
}

func NewRSAPSSVerifier ¶

func NewRSAPSSVerifier(publicKey *rsa.PublicKey, preset RSAPSSPreset) *RSAPSSVerifier

NewRSAPSSVerifier creates a new jwt.RecipientPlugin for a signed token using RSASSA-PSS.

A key of size 2048 bits or larger MUST be used with this algorithm.

Use any of the RSAPSSPreset constants to configure the signing parameters.

PS256: RSASSA-PSS using SHA-384 and MGF1 with SHA-256
PS384: RSASSA-PSS using SHA-384 and MGF1 with SHA-384
PS512: RSASSA-PSS using SHA-512 and MGF1 with SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.5

func (*RSAPSSVerifier) Transform ¶

func (verifier *RSAPSSVerifier) Transform(_ context.Context, header *jwa.JWH, rawToken string) ([]byte, error)

type RSAPreset ¶

type RSAPreset struct {
	Hash crypto.Hash
	Alg  jwa.Alg
}

type RSASigner ¶

type RSASigner struct {
	// contains filtered or unexported fields
}

func NewRSASigner ¶

func NewRSASigner(secretKey *rsa.PrivateKey, preset RSAPreset) *RSASigner

NewRSASigner creates a new jwt.ProducerPlugin for a signed token using RSASSA-PKCS1-v1_5. A key of size 2048 bits or larger MUST be used with these algorithms.

Use any of the RSAPreset constants to configure the signing parameters.

RS256: RSASSA-PKCS1-v1_5 using SHA-256
RS384: RSASSA-PKCS1-v1_5 using SHA-384
RS512: RSASSA-PKCS1-v1_5 using SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.3

func (signer *RSASigner) Header(_ context.Context, header *jwa.JWH) (*jwa.JWH, error)

func (*RSASigner) Transform ¶

func (signer *RSASigner) Transform(_ context.Context, _ *jwa.JWH, tokenRaw string) (string, error)

type RSAVerifier ¶

type RSAVerifier struct {
	// contains filtered or unexported fields
}

func NewRSAVerifier ¶

func NewRSAVerifier(publicKey *rsa.PublicKey, preset RSAPreset) *RSAVerifier

NewRSAVerifier creates a new jwt.RecipientPlugin for a signed token using RSASSA-PKCS1-v1_5. A key of size 2048 bits or larger MUST be used with these algorithms.

Use any of the RSAPreset constants to configure the signing parameters.

RS256: RSASSA-PKCS1-v1_5 using SHA-256
RS384: RSASSA-PKCS1-v1_5 using SHA-384
RS512: RSASSA-PKCS1-v1_5 using SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.3

func (*RSAVerifier) Transform ¶

func (verifier *RSAVerifier) Transform(_ context.Context, header *jwa.JWH, rawToken string) ([]byte, error)

type SourceHMACSigner ¶

type SourceHMACSigner struct {
	// contains filtered or unexported fields
}

func NewSourcedHMACSigner ¶

func NewSourcedHMACSigner(source *jwk.Source[[]byte], preset HMACPreset) *SourceHMACSigner

NewSourceHMACSigner creates a new jwt.ProducerPlugin for a signed token using HMAC with SHA-2.

Use any of the HMACPreset constants to configure the signing parameters.

HS256: HMAC using SHA-256
HS384: HMAC using SHA-384
HS512: HMAC using SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.2

func (signer *SourceHMACSigner) Header(ctx context.Context, header *jwa.JWH) (*jwa.JWH, error)

func (*SourceHMACSigner) Transform ¶

func (signer *SourceHMACSigner) Transform(ctx context.Context, header *jwa.JWH, rawToken string) (string, error)

type SourceHMACVerifier ¶

type SourceHMACVerifier struct {
	// contains filtered or unexported fields
}

func NewSourcedHMACVerifier ¶

func NewSourcedHMACVerifier(source *jwk.Source[[]byte], preset HMACPreset) *SourceHMACVerifier

NewSourceHMACVerifier creates a new jwt.RecipientPlugin for a signed token using HMAC with SHA-2.

Use any of the HMACPreset constants to configure the signing parameters.

HS256: HMAC using SHA-256
HS384: HMAC using SHA-384
HS512: HMAC using SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.2

func (*SourceHMACVerifier) Transform ¶

func (verifier *SourceHMACVerifier) Transform(ctx context.Context, header *jwa.JWH, rawToken string) ([]byte, error)

type SourcedECDSASigner ¶

type SourcedECDSASigner struct {
	// contains filtered or unexported fields
}

func NewSourcedECDSASigner ¶

func NewSourcedECDSASigner(source *jwk.Source[*ecdsa.PrivateKey], preset ECDSAPreset) *SourcedECDSASigner

NewSourcedECDSASigner creates a new jwt.ProducerPlugin for a signed token using ECDSA.

Use any of the ECDSAPreset constants to configure the signing parameters.

ES256: ECDSA using P-256 and SHA-256
ES384: ECDSA using P-384 and SHA-384
ES512: ECDSA using P-521 and SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.4

func (signer *SourcedECDSASigner) Header(ctx context.Context, header *jwa.JWH) (*jwa.JWH, error)

func (*SourcedECDSASigner) Transform ¶

func (signer *SourcedECDSASigner) Transform(ctx context.Context, header *jwa.JWH, rawToken string) (string, error)

type SourcedECDSAVerifier ¶

type SourcedECDSAVerifier struct {
	// contains filtered or unexported fields
}

func NewSourcedECDSAVerifier ¶

func NewSourcedECDSAVerifier(source *jwk.Source[*ecdsa.PublicKey], preset ECDSAPreset) *SourcedECDSAVerifier

NewSourcedECDSAVerifier creates a new jwt.RecipientPlugin for a signed token using ECDSA.

Use any of the ECDSAPreset constants to configure the verification parameters.

ES256: ECDSA using P-256 and SHA-256
ES384: ECDSA using P-384 and SHA-384
ES512: ECDSA using P-521 and SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.4

func (*SourcedECDSAVerifier) Transform ¶

func (verifier *SourcedECDSAVerifier) Transform(ctx context.Context, header *jwa.JWH, rawToken string) ([]byte, error)

type SourcedED25519Signer ¶

type SourcedED25519Signer struct {
	// contains filtered or unexported fields
}

func NewSourcedED25519Signer ¶

func NewSourcedED25519Signer(source *jwk.Source[ed25519.PrivateKey]) *SourcedED25519Signer

NewSourcedED25519Signer creates a new jwt.ProducerPlugin for a signed token using Edwards-Curve Digital Signature Algorithm.

https://datatracker.ietf.org/doc/html/rfc8032#section-3.3

func (signer *SourcedED25519Signer) Header(ctx context.Context, header *jwa.JWH) (*jwa.JWH, error)

func (*SourcedED25519Signer) Transform ¶

func (signer *SourcedED25519Signer) Transform(ctx context.Context, header *jwa.JWH, rawToken string) (string, error)

type SourcedED25519Verifier ¶

type SourcedED25519Verifier struct {
	// contains filtered or unexported fields
}

func NewSourcedED25519Verifier ¶

func NewSourcedED25519Verifier(source *jwk.Source[ed25519.PublicKey]) *SourcedED25519Verifier

NewSourcedED25519Verifier creates a new jwt.RecipientPlugin for a signed token using Edwards-Curve Digital Signature Algorithm.

https://datatracker.ietf.org/doc/html/rfc8032#section-3.3

func (*SourcedED25519Verifier) Transform ¶

func (verifier *SourcedED25519Verifier) Transform(
	ctx context.Context, header *jwa.JWH, rawToken string,
) ([]byte, error)

type SourcedRSAPSSSigner ¶

type SourcedRSAPSSSigner struct {
	// contains filtered or unexported fields
}

func NewSourcedRSAPSSSigner ¶

func NewSourcedRSAPSSSigner(source *jwk.Source[*rsa.PrivateKey], preset RSAPSSPreset) *SourcedRSAPSSSigner

NewSourcedRSAPSSSigner creates a new jwt.ProducerPlugin for a signed token using RSASSA-PSS.

A key of size 2048 bits or larger MUST be used with this algorithm.

Use any of the RSAPSSPreset constants to configure the signing parameters.

PS256: RSASSA-PSS using SHA-384 and MGF1 with SHA-256
PS384: RSASSA-PSS using SHA-384 and MGF1 with SHA-384
PS512: RSASSA-PSS using SHA-512 and MGF1 with SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.5

func (signer *SourcedRSAPSSSigner) Header(ctx context.Context, header *jwa.JWH) (*jwa.JWH, error)

func (*SourcedRSAPSSSigner) Transform ¶

func (signer *SourcedRSAPSSSigner) Transform(ctx context.Context, header *jwa.JWH, rawToken string) (string, error)

type SourcedRSAPSSVerifier ¶

type SourcedRSAPSSVerifier struct {
	// contains filtered or unexported fields
}

func NewSourcedRSAPSSVerifier ¶

func NewSourcedRSAPSSVerifier(source *jwk.Source[*rsa.PublicKey], preset RSAPSSPreset) *SourcedRSAPSSVerifier

NewSourcedRSAPSSVerifier creates a new jwt.RecipientPlugin for a signed token using RSASSA-PSS.

A key of size 2048 bits or larger MUST be used with this algorithm.

Use any of the RSAPSSPreset constants to configure the signing parameters.

PS256: RSASSA-PSS using SHA-384 and MGF1 with SHA-256
PS384: RSASSA-PSS using SHA-384 and MGF1 with SHA-384
PS512: RSASSA-PSS using SHA-512 and MGF1 with SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.5

func (*SourcedRSAPSSVerifier) Transform ¶

func (verifier *SourcedRSAPSSVerifier) Transform(
	ctx context.Context, header *jwa.JWH, rawToken string,
) ([]byte, error)

type SourcedRSASigner ¶

type SourcedRSASigner struct {
	// contains filtered or unexported fields
}

func NewSourcedRSASigner ¶

func NewSourcedRSASigner(source *jwk.Source[*rsa.PrivateKey], preset RSAPreset) *SourcedRSASigner

NewSourcedRSASigner creates a new jwt.ProducerPlugin for a signed token using RSASSA-PKCS1-v1_5. A key of size 2048 bits or larger MUST be used with these algorithms.

Use any of the RSAPreset constants to configure the signing parameters.

RS256: RSASSA-PKCS1-v1_5 using SHA-256
RS384: RSASSA-PKCS1-v1_5 using SHA-384
RS512: RSASSA-PKCS1-v1_5 using SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.3

func (signer *SourcedRSASigner) Header(ctx context.Context, header *jwa.JWH) (*jwa.JWH, error)

func (*SourcedRSASigner) Transform ¶

func (signer *SourcedRSASigner) Transform(ctx context.Context, header *jwa.JWH, rawToken string) (string, error)

type SourcedRSAVerifier ¶

type SourcedRSAVerifier struct {
	// contains filtered or unexported fields
}

func NewSourcedRSAVerifier ¶

func NewSourcedRSAVerifier(source *jwk.Source[*rsa.PublicKey], preset RSAPreset) *SourcedRSAVerifier

NewSourcedRSAVerifier creates a new jwt.RecipientPlugin for a signed token using RSASSA-PKCS1-v1_5. A key of size 2048 bits or larger MUST be used with these algorithms.

Use any of the RSAPreset constants to configure the signing parameters.

RS256: RSASSA-PKCS1-v1_5 using SHA-256
RS384: RSASSA-PKCS1-v1_5 using SHA-384
RS512: RSASSA-PKCS1-v1_5 using SHA-512

https://datatracker.ietf.org/doc/html/rfc7518#section-3.3

func (*SourcedRSAVerifier) Transform ¶

func (verifier *SourcedRSAVerifier) Transform(
	ctx context.Context, header *jwa.JWH, rawToken string,
) ([]byte, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Documentation ¶

Index ¶

Constants ¶

Variables ¶

Functions ¶

Types ¶

type ECDSAPreset ¶

type ECDSASigner ¶

func NewECDSASigner ¶

func (*ECDSASigner) Header ¶

func (*ECDSASigner) Transform ¶

type ECDSAVerifier ¶

func NewECDSAVerifier ¶

func (*ECDSAVerifier) Transform ¶

type ED25519Signer ¶

func NewED25519Signer ¶

func (*ED25519Signer) Header ¶

func (*ED25519Signer) Transform ¶

type ED25519Verifier ¶

func NewED25519Verifier ¶

func (*ED25519Verifier) Transform ¶

type HMACPreset ¶

type HMACSigner ¶

func NewHMACSigner ¶

func (*HMACSigner) Header ¶

func (*HMACSigner) Transform ¶

type HMACVerifier ¶

func NewHMACVerifier ¶

func (*HMACVerifier) Transform ¶

type RSAPSSPreset ¶

type RSAPSSSigner ¶

func NewRSAPSSSigner ¶

func (*RSAPSSSigner) Header ¶

func (*RSAPSSSigner) Transform ¶

type RSAPSSVerifier ¶

func NewRSAPSSVerifier ¶

func (*RSAPSSVerifier) Transform ¶

type RSAPreset ¶

type RSASigner ¶

func NewRSASigner ¶

func (*RSASigner) Header ¶

func (*RSASigner) Transform ¶

type RSAVerifier ¶

func NewRSAVerifier ¶

func (*RSAVerifier) Transform ¶

type SourceHMACSigner ¶

func NewSourcedHMACSigner ¶

func (*SourceHMACSigner) Header ¶

func (*SourceHMACSigner) Transform ¶

type SourceHMACVerifier ¶

func NewSourcedHMACVerifier ¶

func (*SourceHMACVerifier) Transform ¶

type SourcedECDSASigner ¶

func NewSourcedECDSASigner ¶

func (*SourcedECDSASigner) Header ¶

func (*SourcedECDSASigner) Transform ¶

type SourcedECDSAVerifier ¶

func NewSourcedECDSAVerifier ¶

func (*SourcedECDSAVerifier) Transform ¶

type SourcedED25519Signer ¶

func NewSourcedED25519Signer ¶

func (*SourcedED25519Signer) Header ¶

func (*SourcedED25519Signer) Transform ¶

type SourcedED25519Verifier ¶

func NewSourcedED25519Verifier ¶

func (*SourcedED25519Verifier) Transform ¶

type SourcedRSAPSSSigner ¶

func NewSourcedRSAPSSSigner ¶

func (*SourcedRSAPSSSigner) Header ¶

func (*SourcedRSAPSSSigner) Transform ¶

type SourcedRSAPSSVerifier ¶

func NewSourcedRSAPSSVerifier ¶

func (*SourcedRSAPSSVerifier) Transform ¶

type SourcedRSASigner ¶

func NewSourcedRSASigner ¶

func (*SourcedRSASigner) Header ¶

func (*SourcedRSASigner) Transform ¶

type SourcedRSAVerifier ¶

func NewSourcedRSAVerifier ¶

func (*SourcedRSAVerifier) Transform ¶