const (
// JWTContextKey holds the key used to store a JWT in the context.
JWTContextKey contextKey = "JWTToken"
// JWTTokenContextKey is an alias for JWTContextKey.
//
// Deprecated: prefer JWTContextKey.
JWTTokenContextKey = JWTContextKey
// JWTClaimsContextKey holds the key used to store the JWT Claims in the
// context.
JWTClaimsContextKey contextKey = "JWTClaims"
)
var (
// ErrTokenContextMissing denotes a token was not passed into the parsing
// middleware's context.
ErrTokenContextMissing = errors.New("token up for parsing was not passed through the context")
// ErrTokenInvalid denotes a token was not able to be validated.
ErrTokenInvalid = errors.New("JWT was invalid")
// ErrTokenExpired denotes a token's expire header (exp) has since passed.
ErrTokenExpired = errors.New("JWT is expired")
// ErrTokenMalformed denotes a token was not formatted as a JWT.
ErrTokenMalformed = errors.New("JWT is malformed")
// ErrTokenNotActive denotes a token's not before header (nbf) is in the
// future.
ErrTokenNotActive = errors.New("token is not valid yet")
// ErrUnexpectedSigningMethod denotes a token was signed with an unexpected
// signing method.
ErrUnexpectedSigningMethod = errors.New("unexpected signing method")
)
func ContextToGRPC() grpc.ClientRequestFunc
ContextToGRPC moves a JWT from context to grpc metadata. Particularly useful for clients.
func ContextToHTTP() http.RequestFunc
ContextToHTTP moves a JWT from context to request header. Particularly useful for clients.
func GRPCToContext() grpc.ServerRequestFunc
GRPCToContext moves a JWT from grpc metadata to context. Particularly userful for servers.
func HTTPToContext() http.RequestFunc
HTTPToContext moves a JWT from request header to context. Particularly useful for servers.
func MapClaimsFactory() jwt.Claims
MapClaimsFactory is a ClaimsFactory that returns an empty jwt.MapClaims.
func NewParser(keyFunc jwt.Keyfunc, method jwt.SigningMethod, newClaims ClaimsFactory) endpoint.Middleware
NewParser creates a new JWT parsing middleware, specifying a jwt.Keyfunc interface, the signing method and the claims type to be used. NewParser adds the resulting claims to endpoint context or returns error on invalid token. Particularly useful for servers.
func NewSigner(kid string, key []byte, method jwt.SigningMethod, claims jwt.Claims) endpoint.Middleware
NewSigner creates a new JWT generating middleware, specifying key ID, signing string, signing method and the claims you would like it to contain. Tokens are signed with a Key ID header (kid) which is useful for determining the key to use for parsing. Particularly useful for clients.
func StandardClaimsFactory() jwt.Claims
StandardClaimsFactory is a ClaimsFactory that returns an empty jwt.StandardClaims.
ClaimsFactory is a factory for jwt.Claims. Useful in NewParser middleware.
type ClaimsFactory func() jwt.Claims