package jwt

Import Path
	github.com/dgrijalva/jwt-go (on go.dev)

Dependency Relation
	imports 17 packages, and imported by one package

Package jwt is a Go implementation of JSON Web Tokens: http://self-issued.info/docs/draft-jones-json-web-token.html
See README.md for more info.

Involved Source Files
	claims.go
	ecdsa.go
	ecdsa_utils.go
	errors.go
	hmac.go
	map_claims.go
	none.go
	parser.go
	rsa.go
	rsa_pss.go
	rsa_utils.go
	signing_method.go
	token.go

Code Examples
	{
		// Sign a token carrying custom claims alongside the standard ones.
		mySigningKey := []byte("AllYourBase")

		type MyCustomClaims struct {
			Foo string `json:"foo"`
			jwt.StandardClaims
		}

		claims := MyCustomClaims{
			"bar",
			jwt.StandardClaims{
				ExpiresAt: 15000,
				Issuer:    "test",
			},
		}

		token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
		ss, err := token.SignedString(mySigningKey)
		fmt.Printf("%v %v", ss, err)
	}

	{
		// Sign a token carrying only the standard claims.
		mySigningKey := []byte("AllYourBase")

		claims := &jwt.StandardClaims{
			ExpiresAt: 15000,
			Issuer:    "test",
		}

		token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
		ss, err := token.SignedString(mySigningKey)
		fmt.Printf("%v %v", ss, err)
	}

	{
		// Parse a token into a custom claims type.
		tokenString := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIiLCJleHAiOjE1MDAwLCJpc3MiOiJ0ZXN0In0.HE7fK0xOQwFEr4WDgRWj4teRPZ6i3GLwD5YCm6Pwu_c"

		type MyCustomClaims struct {
			Foo string `json:"foo"`
			jwt.StandardClaims
		}

		// at is not defined on this page; in the package's example tests it
		// runs the callback with jwt.TimeFunc pinned to the given time.
		at(time.Unix(0, 0), func() {
			token, err := jwt.ParseWithClaims(tokenString, &MyCustomClaims{}, func(token *jwt.Token) (interface{}, error) {
				return []byte("AllYourBase"), nil
			})
			// Check err first: token can be nil when parsing fails.
			if err != nil {
				fmt.Println(err)
				return
			}
			if claims, ok := token.Claims.(*MyCustomClaims); ok && token.Valid {
				fmt.Printf("%v %v", claims.Foo, claims.StandardClaims.ExpiresAt)
			}
		})
	}

	{
		// Token from another example. This token is expired.
		var tokenString = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIiLCJleHAiOjE1MDAwLCJpc3MiOiJ0ZXN0In0.HE7fK0xOQwFEr4WDgRWj4teRPZ6i3GLwD5YCm6Pwu_c"

		token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
			return []byte("AllYourBase"), nil
		})

		// Guard against a nil token, which Parse can return with an error.
		if token != nil && token.Valid {
			fmt.Println("You look nice today")
		} else if ve, ok := err.(*jwt.ValidationError); ok {
			// Errors is a bitfield; test the individual flags.
			if ve.Errors&jwt.ValidationErrorMalformed != 0 {
				fmt.Println("That's not even a token")
			} else if ve.Errors&(jwt.ValidationErrorExpired|jwt.ValidationErrorNotValidYet) != 0 {
				fmt.Println("Timing is everything")
			} else {
				fmt.Println("Couldn't handle this token:", err)
			}
		} else {
			fmt.Println("Couldn't handle this token:", err)
		}
	}

Package-Level Type Names (total 14, in which 12 are exported)
For a type to be a Claims object, it must just have a Valid method that determines if the token is invalid for any supported reason
	(T) Valid() error
	MapClaims
	StandardClaims
	func NewWithClaims(method SigningMethod, claims Claims) *Token
	func ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error)
	func (*Parser).ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error)
	func (*Parser).ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error)

Parse methods use this callback function to supply the key for verification. The function receives the parsed, but unverified Token. This allows you to use properties in the Header of the token (such as `kid`) to identify which key to use.
	func Parse(tokenString string, keyFunc Keyfunc) (*Token, error)
	func ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error)
	func (*Parser).Parse(tokenString string, keyFunc Keyfunc) (*Token, error)
	func (*Parser).ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error)
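
The Keyfunc contract described above, as an added example that is not jwt-go code and not from the package's documentation: because the callback sees an unverified header, it pins the algorithm before choosing a key by `kid`. It uses only the standard library instead of jwt-go; keyFor, sign, verify, the keys map and the kid value "k1" are hypothetical names and constructed sample data.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding
var keys = map[string][]byte{"k1": []byte("AllYourBase")} // constructed sample key set

// keyFor plays the Keyfunc role: the header is unverified, so pin alg first.
func keyFor(h map[string]string) ([]byte, error) {
	if h["alg"] != "HS256" {
		return nil, fmt.Errorf("unexpected alg %q", h["alg"])
	}
	if k, ok := keys[h["kid"]]; ok {
		return k, nil
	}
	return nil, fmt.Errorf("unknown kid %q", h["kid"])
}

// sign appends a base64url HMAC-SHA256 signature to "header.payload".
func sign(signing string, key []byte) string {
	m := hmac.New(sha256.New, key)
	m.Write([]byte(signing))
	return signing + "." + b64.EncodeToString(m.Sum(nil))
}

// verify decodes the header, asks keyFor for a key, then checks the MAC.
func verify(tok string) error {
	p := strings.Split(tok, ".")
	hb, err := b64.DecodeString(p[0])
	var h map[string]string
	if len(p) != 3 || err != nil || json.Unmarshal(hb, &h) != nil {
		return fmt.Errorf("malformed token")
	}
	key, err := keyFor(h)
	if err == nil && !hmac.Equal([]byte(sign(p[0]+"."+p[1], key)), []byte(tok)) {
		err = fmt.Errorf("signature mismatch")
	}
	return err
}

func main() { // an "alg":"none" header is refused before any key is returned
	fmt.Println(verify(b64.EncodeToString([]byte(`{"alg":"none","kid":"k1"}`)) + ".e30."))
}
```

With jwt-go itself, the equivalent check is a type assertion on token.Method (for example to *jwt.SigningMethodHMAC) inside the Keyfunc before returning the key.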

Claims type that uses the map[string]interface{} for JSON decoding. This is the default claims type if you don't supply one.
	Validates time based claims "exp, iat, nbf". There is no accounting for clock skew. As well, if any of the above claims are not in the token, it will still be considered a valid claim.
	Compares the aud claim against cmp. If required is false, this method will return true if the value matches or is unset.
	Compares the exp claim against cmp. If required is false, this method will return true if the value matches or is unset.
	Compares the iat claim against cmp. If required is false, this method will return true if the value matches or is unset.
	Compares the iss claim against cmp. If required is false, this method will return true if the value matches or is unset.
	Compares the nbf claim against cmp. If required is false, this method will return true if the value matches or is unset.
	T : Claims

// Skip claims validation during token parsing
// Use JSON Number format in JSON decoder
// If populated, only these methods will be considered valid
	Parse, validate, and return a token. keyFunc will receive the parsed token and should return the key for validating. If everything is kosher, err will be nil.
	WARNING: Don't use this method unless you know what you're doing. This method parses the token but doesn't validate the signature. It's only ever useful in cases where you know the signature is valid (because it has been checked previously in the stack) and you want to extract values from it.
	(*T) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error)

Implement SigningMethod to add new methods for signing or verifying tokens.
	// returns the alg identifier for this method (example: 'HS256')
	// Returns encoded signature or error
	// Returns nil if signature is valid
	*SigningMethodECDSA
	*SigningMethodHMAC
	*SigningMethodRSA
	*SigningMethodRSAPSS
	func GetSigningMethod(alg string) (method SigningMethod)
	func New(method SigningMethod) *Token
	func NewWithClaims(method SigningMethod, claims Claims) *Token

Implements the ECDSA family of signing methods. Expects *ecdsa.PrivateKey for signing and *ecdsa.PublicKey for verification.
	CurveBits int
	Hash crypto.Hash
	KeySize int
	Name string
	(*T) Alg() string
	Implements the Sign method from SigningMethod. For this signing method, key must be an ecdsa.PrivateKey struct.
	Implements the Verify method from SigningMethod. For this verify method, key must be an ecdsa.PublicKey struct.
	*T : SigningMethod
	var SigningMethodES256 *SigningMethodECDSA
	var SigningMethodES384 *SigningMethodECDSA
	var SigningMethodES512 *SigningMethodECDSA

Implements the HMAC-SHA family of signing methods. Expects key type of []byte for both signing and validation.
	Hash crypto.Hash
	Name string
	(*T) Alg() string
	Implements the Sign method from SigningMethod for this signing method. Key must be []byte.
	Verify the signature of HSXXX tokens. Returns nil if the signature is valid.
	*T : SigningMethod
	var SigningMethodHS256 *SigningMethodHMAC
	var SigningMethodHS384 *SigningMethodHMAC
	var SigningMethodHS512 *SigningMethodHMAC

Implements the RSA family of signing methods. Expects *rsa.PrivateKey for signing and *rsa.PublicKey for validation.
	Hash crypto.Hash
	Name string
	(*T) Alg() string
	Implements the Sign method from SigningMethod. For this signing method, key must be an *rsa.PrivateKey structure.
	Implements the Verify method from SigningMethod. For this signing method, key must be an *rsa.PublicKey structure.
	*T : SigningMethod
	var SigningMethodRS256 *SigningMethodRSA
	var SigningMethodRS384 *SigningMethodRSA
	var SigningMethodRS512 *SigningMethodRSA

Implements the RSAPSS family of signing methods.
	Options *rsa.PSSOptions
	SigningMethodRSA *SigningMethodRSA
	SigningMethodRSA.Hash crypto.Hash
	SigningMethodRSA.Name string
	(T) Alg() string
	Implements the Sign method from SigningMethod. For this signing method, key must be an rsa.PrivateKey struct.
	Implements the Verify method from SigningMethod. For this verify method, key must be an rsa.PublicKey struct.
	*T : SigningMethod
	var SigningMethodPS256 *SigningMethodRSAPSS
	var SigningMethodPS384 *SigningMethodRSAPSS
	var SigningMethodPS512 *SigningMethodRSAPSS

Structured version of Claims Section, as referenced at https://tools.ietf.org/html/rfc7519#section-4.1. See examples for how to use this with your own claim types.
	Audience string
	ExpiresAt int64
	Id string
	IssuedAt int64
	Issuer string
	NotBefore int64
	Subject string
	Validates time based claims "exp, iat, nbf". There is no accounting for clock skew. As well, if any of the above claims are not in the token, it will still be considered a valid claim.
	Compares the aud claim against cmp. If required is false, this method will return true if the value matches or is unset.
	Compares the exp claim against cmp. If required is false, this method will return true if the value matches or is unset.
	Compares the iat claim against cmp. If required is false, this method will return true if the value matches or is unset.
	Compares the iss claim against cmp. If required is false, this method will return true if the value matches or is unset.
	Compares the nbf claim against cmp. If required is false, this method will return true if the value matches or is unset.
	T : Claims

A JWT Token. Different fields will be used depending on whether you're creating or parsing/verifying a token.
	// The second segment of the token
	// The first segment of the token
	// The signing method used or to be used
	// The raw token. Populated when you Parse a token
	// The third segment of the token. Populated when you Parse a token
	// Is the token valid? Populated when you Parse/Verify a token
	Get the complete, signed token.
	Generate the signing string. This is the most expensive part of the whole deal. Unless you need this for something special, just go straight for the SignedString.
	func New(method SigningMethod) *Token
	func NewWithClaims(method SigningMethod, claims Claims) *Token
	func Parse(tokenString string, keyFunc Keyfunc) (*Token, error)
	func ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error)
	func (*Parser).Parse(tokenString string, keyFunc Keyfunc) (*Token, error)
	func (*Parser).ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error)
	func (*Parser).ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error)

The error from Parse if token is not valid
	// bitfield. see ValidationError... constants
	// stores the error returned by external dependencies, i.e.: KeyFunc
	Validation error is an error type
	T : error
	func NewValidationError(errorText string, errorFlags uint32) *ValidationError

Package-Level Functions (total 24, in which 14 are exported)
Decode JWT specific base64url encoding with padding stripped
Encode JWT specific base64url encoding with padding stripped
Get a signing method from an "alg" string
Create a new Token. Takes a signing method
Helper for constructing a ValidationError with a string error message
func NewWithClaims(method SigningMethod, claims Claims) *Token
Parse, validate, and return a token. keyFunc will receive the parsed token and should return the key for validating. If everything is kosher, err will be nil
Parse PEM encoded Elliptic Curve Private Key Structure
Parse PEM encoded PKCS1 or PKCS8 public key
Parse PEM encoded PKCS1 or PKCS8 private key
Parse PEM encoded PKCS1 or PKCS8 private key protected with password
Parse PEM encoded PKCS1 or PKCS8 public key
func ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error)
Register the "alg" name and a factory function for signing method. This is typically done during init() in the method's implementation
Package-Level Variables (total 27, in which 25 are exported)
Sadly this is missing from crypto/ecdsa compared to crypto/rsa
Error constants
Specific instances for HS256 and company
Specific instances for EC256 and company
Implements the none signing method. This is required by the spec but you probably should never use it.
Specific instances for RS/PS and company
Specific instances for RS256 and company
TimeFunc provides the current time when parsing token to validate "exp" claim (expiration time). You can override it to use another time value. This is useful for testing or if your server uses a different time zone than your tokens.
Package-Level Constants (total 11, all are exported)
const UnsafeAllowNoneSignatureType unsafeNoneMagicConstant = "none signing method allowed"
Standard Claim validation errors
The errors that might occur when parsing and validating a token