package
0.24.0
Repository: https://github.com/lushdigital/core.git
Documentation: pkg.go.dev

# README

Auth

The core/auth package provides functions for services to issue and sign API consumer tokens.

Using the issuer

Start a new issuer

You can initiate a token issuer by passing a valid RSA or ECDSA PEM block.

var private = []byte(`... private key ...`)
issuer := auth.NewIssuerFromPEM(private, jwt.SigningMethodRS256)

Issue new tokens

A token can be issued with any struct that follows the jwt.Claims interface.

claims := jwt.StandardClaims{
	Id:        "1234",
	Issuer:    "Tests",
	Audience:  "Developers",
	Subject:   "Example",
	ExpiresAt: time.Now().Add(24 * time.Hour).Unix(),
	IssuedAt:  time.Now().Unix(),
	NotBefore: time.Now().Unix(),
}
raw, err := issuer.Issue(&claims)
if err != nil {
	return
}

Using the parser

Start a new parser

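You can initiate a token parser by passing a valid RSA or ECDSA PEM block.

var public = []byte(`... public key ...`)
// fn receives the parsed public key and returns the jwt.Keyfunc used during parsing.
// It only hands the key back when the token was signed with an RSA method.
fn := func(pk crypto.PublicKey) jwt.Keyfunc {
	return func(token *jwt.Token) (interface{}, error) {
		if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok {
			// Never return the key alongside an error.
			return nil, fmt.Errorf("unknown algorithm: %v", token.Header["alg"])
		}
		return pk, nil
	}
}
parser := auth.NewParserFromPEM(public, fn)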

Parse existing tokens

Now you can parse any token signed with the private key that matches the public key provided to the parser.

var claims jwt.StandardClaims
err := parser.Parse(`... jwt ...`, &claims)
if err != nil {
	return
}
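
The algorithm check in the key function matters because the `alg` header is supplied by whoever presents the token. The program below is an added example, not code from this package: it uses only the Go standard library, the names `signRS256`, `verifyRS256` and `demo` are hypothetical, and the key and claims are constructed for the demonstration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding // JWT segments are unpadded base64url

// signRS256 returns header.payload.signature; the string is usable only when err is nil.
func signRS256(key *rsa.PrivateKey, claimsJSON []byte) (string, error) {
	input := b64.EncodeToString([]byte(`{"alg":"RS256","typ":"JWT"}`)) + "." + b64.EncodeToString(claimsJSON)
	sum := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, sum[:])
	return input + "." + b64.EncodeToString(sig), err
}

// verifyRS256 pins the algorithm before the key is used, as the key function above does.
func verifyRS256(pub *rsa.PublicKey, token string) error {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return fmt.Errorf("malformed token: %d segments", len(parts))
	}
	rawHeader, errH := b64.DecodeString(parts[0])
	sig, errS := b64.DecodeString(parts[2])
	var header struct{ Alg string `json:"alg"` }
	if errH != nil || errS != nil || json.Unmarshal(rawHeader, &header) != nil {
		return fmt.Errorf("malformed token: undecodable header or signature")
	}
	if header.Alg != "RS256" { // the header is untrusted input, so it never selects the method
		return fmt.Errorf("unknown algorithm: %q", header.Alg)
	}
	sum := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, sum[:], sig)
}

// demo verifies a genuine token and a copy whose header names a different algorithm.
func demo() (genuine, relabelled error) {
	key, _ := rsa.GenerateKey(rand.Reader, 2048) // throwaway key constructed for this example
	tok, _ := signRS256(key, []byte(`{"sub":"Example"}`))
	other := b64.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`)) + tok[strings.Index(tok, "."):]
	return verifyRS256(&key.PublicKey, tok), verifyRS256(&key.PublicKey, other)
}
func main() { fmt.Println(demo()) }
```

The relabelled token is refused on its header alone, before the public key is used for any verification.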

Mocking the issuer & parser

An issuer and parser can be mocked with a temporary key pair for testing.

issuer, parser, err := authmock.NewRSAIssuerAndParser()
if err != nil {
	log.Fatalln(err)
}

# Packages

No description provided by the author

# Functions

NewIssuer creates a new issuer.
NewIssuerFromPEM will take a private key PEM and derive the private key from it.
NewIssuerFromPEMWithPassword will take a private key PEM with a password and derive the private key from it.
NewParser returns a new parser with a public key.
NewParserFromPEM will take a PEM and derive the public key from it and instantiate a parser.
PrivateKeyFromPEM will take a private key PEM and derive the private key from it.
PrivateKeyFromPEMWithPassword will take a private key PEM with a password and derive the private key from it.
PublicKeyFromPEM will take a public key PEM and derive the public key from it.

# Variables

ErrKeyMustBePEMEncoded happens when the PEM format is not valid.
ErrNotPrivateKey happens when the key is neither an RSA nor an ECDSA private key.
ErrNotPublicKey happens when the key is neither an RSA nor an ECDSA public key.
ErrNotRSAPrivateKey happens when the key is not a valid RSA private key.

# Structs

Issuer represents a set of methods for generating a JWT with a private key.
Parser represents a set of methods for parsing and validating a JWT against a public key.

# Interfaces

RSAPublicKeyCopierRenewer represents the combination of a Copier and Renewer interface.

# Type aliases

PublicKeyFunc is used to parse tokens using a public key.