ClientContext returns a new Context that carries the provided HTTP client.

InsecureIssuerURLContext allows discovery to work when the issuer_url reported by upstream is mismatched with the discovery URL.

NewProvider uses the OpenID Connect discovery mechanism to construct a Provider.

NewRemoteKeySet returns a KeySet that can validate JSON web tokens by using HTTP GETs to fetch JSON web token sets hosted at a remote URL.

NewVerifier returns a verifier manually constructed from a key set and issuer URL.

Nonce returns an auth code option which requires the ID Token created by the OpenID Connect provider to contain the specified nonce.

Ed25519 using SHA-512.

ECDSA using P-256 and SHA-256.

ECDSA using P-384 and SHA-384.

ECDSA using P-521 and SHA-512.

RSASSA-PSS using SHA256 and MGF1-SHA256.

RSASSA-PSS using SHA384 and MGF1-SHA384.

RSASSA-PSS using SHA512 and MGF1-SHA512.

RSASSA-PKCS-v1.5 using SHA-256.

RSASSA-PKCS-v1.5 using SHA-384.

RSASSA-PKCS-v1.5 using SHA-512.

ScopeOfflineAccess is an optional scope defined by OpenID Connect for requesting OAuth2 refresh tokens.

ScopeOpenID is the mandatory scope for all OpenID Connect OAuth2 requests.

Config is the configuration for an IDTokenVerifier.

IDToken is an OpenID Connect extension that provides a predictable representation of an authorization event.

IDTokenVerifier provides verification for ID Tokens.

Provider represents an OpenID Connect server's configuration.

ProviderConfig allows direct creation of a [Provider] from metadata configuration.

RemoteKeySet is a KeySet implementation that validates JSON web tokens against a jwks_uri endpoint.

StaticKeySet is a verifier that validates JWT against a static set of public keys.

TokenExpiredError indicates that Verify failed because the token was expired.

UserInfo represents the OpenID Connect userinfo claims.

KeySet is a set of publc JSON Web Keys that can be used to validate the signature of JSON web tokens.