CreateValidationResults creates an empty list of validation issues.

Decode takes a JWT string decodes it and validates it and return the embedded Claims.

DecodeAccountClaims decodes account claims from a JWT string.

DecodeActivationClaims tries to create an activation claim from a JWT string.

DecodeAuthorizationRequestClaims tries to parse an auth request claims from a JWT string.

DecodeAuthorizationResponseClaims tries to parse an auth request claims from a JWT string.

DecodeGeneric takes a JWT string and decodes it into a ClaimsData and map.

DecodeOperatorClaims tries to create an operator claims from a JWt string.

DecodeUserClaims tries to parse a user claims from a JWT string.

DecorateJWT returns a decorated JWT that describes the kind of JWT.

DecorateSeed takes a seed and returns a string that wraps the seed in the form: ************************* IMPORTANT ************************* NKEY Seed printed below can be used sign and prove identity.

FormatUserConfig returns a decorated file with a decorated JWT and decorated seed.

IssueUserJWT takes an account scoped signing key, account id, and use public key (and optionally a user's name, an expiration duration and tags) and returns a valid signed JWT.

NewAccountClaims creates a new account JWT.

NewActivationClaims creates a new activation claim with the provided sub.

NewAuthorizationRequestClaims creates an auth request JWT with the specific subject/public key.

NewGenericClaims creates a map-based Claims.

NewOperatorClaims creates a new operator claim with the specified subject, which should be an operator public key.

NewUserClaims creates a user JWT with the specific subject/public key.

ParseDecoratedJWT takes a creds file and returns the JWT portion.

ParseDecoratedNKey takes a creds file, finds the NKey portion and creates a key pair from it.

ParseDecoratedUserNKey takes a creds file, finds the NKey portion and creates a key pair from it.

ValidateOperatorServiceURL returns an error if the URL is not a valid NATS or TLS url.

AccountClaim is the type of an Account JWT.

ActivationClaim is the type of an activation JWT.

AlgorithmNkey is the algorithm supported by JWT tokens encoded and decoded by this library.

NoLimit is used to indicate a limit field is unlimited in value.

AuthorizationRequestClaim is the type of an auth request claim JWT.

AuthorizationResponseClaim is the response for an auth request.

GenericClaim is a type that doesn't match Operator/Account/User/ActionClaim.

NoLimit is used to indicate a limit field is unlimited in value.

OperatorClaim is the type of an operator JWT.

ResponseTypeChunked is used for a service that sends a single response in chunks (so not quite a stream).

ResponseTypeSingleton is used for a service that sends a single response only.

ResponseTypeStream is used for a service that will send multiple responses.

Service defines the type field value for a service "service".

Stream defines the type field value for a stream "stream".

TokenTypeJwt is the JWT token type supported JWT tokens encoded and decoded by this library from RFC7519 5.1 "typ": it is RECOMMENDED that "JWT" always be spelled using uppercase characters for compatibility.

Unknown is used if we don't know the type.

UserClaim is the type of an user JWT.

Version is semantic version.

Account holds account specific claims data.

AccountClaims defines the body of an account JWT.

Activation defines the custom parts of an activation claim.

ActivationClaims holds the data specific to an activation JWT.

AuthorizationRequest represents all the information we know about the client that will be sent to an external authorization service.

AuthorizationRequestClaims defines an external auth request JWT.

ClaimsData is the base struct for all claims.

ClientInformation is information about a client that is trying to authorize.

ClientTLS is information about TLS state if present, including client certs.

ConnectOptions represents options that were set in the CONNECT protocol from the client during authorization.

Export represents a single export.

ExternalAuthorization enables external authorization for account users.

GenericClaims can be used to read a JWT as a map for any non-generic fields.

Header is a JWT Jose Header.

Import describes a mapping from another account into this one.

Limits are used to control acccess for users and importing accounts.

MsgTrace holds distributed message tracing configuration.

Operator specific claims.

OperatorClaims define the data for an operator JWT.

OperatorLimits are used to limit access by an account.

Permission defines allow/deny subjects.

Permissions are used to restrict subject access, either on a user or for everyone on a server by default.

Prefix holds the prefix byte for an NKey.

ResponsePermission can be used to allow responses to any reply subject that is received on a valid subscription.

ServerID is basic static info for a NATS server.

ServiceLatency is used when observing and exported service for latency measurements.

TimeRange is used to represent a start and end time.

User defines the user specific data in a user JWT.

UserClaims defines a user JWT.

Src is a comma separated list of CIDR specifications.

ValidationIssue represents an issue during JWT validation, it may or may not be a blocking error.

ValidationResults is a list of ValidationIssue pointers.

WeightedMapping for publishes.

Claims is a JWT claims.

ClaimType is used to indicate the type of JWT being stored in a Claim.

Exports is a slice of exports.

ExportType defines the type of import/export.

Imports is a list of import structs.

ResponseType is used to store an export response type.

RevocationList is used to store a mapping of public keys to unix timestamps.

SignFn is used in an external sign environment.

SigningKeys is a map keyed by a public account key.

StringList is a wrapper for an array of strings.

Subject is a string that represents a NATS subject.

TagList is a unique array of lower case strings All tag list methods lower case the strings in the arguments.