...

Package openid

import "github.com/lestrrat-go/jwx/jwt/openid"
Overview
Index

Overview ▾

Package openid provides a specialized token that provides utilities to work with OpenID JWT tokens.

In order to use OpenID claims, you specify the token to use in the jwt.Parse method 

jwt.Parse(data, jwt.WithToken(openid.New())

Index ▾

Constants
func RegisterCustomField(name string, object interface{})
type AddressClaim
    func NewAddress() *AddressClaim
    func (t *AddressClaim) Accept(v interface{}) error
    func (t AddressClaim) Country() string
    func (t AddressClaim) Formatted() string
    func (t *AddressClaim) Get(s string) (interface{}, bool)
    func (t AddressClaim) Locality() string
    func (t AddressClaim) MarshalJSON() ([]byte, error)
    func (t AddressClaim) PostalCode() string
    func (t AddressClaim) Region() string
    func (t *AddressClaim) Set(key string, value interface{}) error
    func (t AddressClaim) StreetAddress() string
    func (t *AddressClaim) UnmarshalJSON(data []byte) error
type BirthdateClaim
    func (b *BirthdateClaim) Accept(v interface{}) error
    func (b BirthdateClaim) Day() int
    func (b BirthdateClaim) MarshalText() ([]byte, error)
    func (b BirthdateClaim) Month() int
    func (b BirthdateClaim) String() string
    func (b *BirthdateClaim) UnmarshalJSON(data []byte) error
    func (b BirthdateClaim) Year() int
type Builder
    func NewBuilder() *Builder
    func (b *Builder) Address(v *AddressClaim) *Builder
    func (b *Builder) Audience(v []string) *Builder
    func (b *Builder) Birthdate(v *BirthdateClaim) *Builder
    func (b *Builder) Build() (Token, error)
    func (b *Builder) Claim(name string, value interface{}) *Builder
    func (b *Builder) Email(v string) *Builder
    func (b *Builder) EmailVerified(v bool) *Builder
    func (b *Builder) Expiration(v time.Time) *Builder
    func (b *Builder) FamilyName(v string) *Builder
    func (b *Builder) Gender(v string) *Builder
    func (b *Builder) GivenName(v string) *Builder
    func (b *Builder) IssuedAt(v time.Time) *Builder
    func (b *Builder) Issuer(v string) *Builder
    func (b *Builder) JwtID(v string) *Builder
    func (b *Builder) Locale(v string) *Builder
    func (b *Builder) MiddleName(v string) *Builder
    func (b *Builder) Name(v string) *Builder
    func (b *Builder) Nickname(v string) *Builder
    func (b *Builder) NotBefore(v time.Time) *Builder
    func (b *Builder) PhoneNumber(v string) *Builder
    func (b *Builder) PhoneNumberVerified(v bool) *Builder
    func (b *Builder) Picture(v string) *Builder
    func (b *Builder) PreferredUsername(v string) *Builder
    func (b *Builder) Profile(v string) *Builder
    func (b *Builder) Subject(v string) *Builder
    func (b *Builder) UpdatedAt(v time.Time) *Builder
    func (b *Builder) Website(v string) *Builder
    func (b *Builder) Zoneinfo(v string) *Builder
type ClaimPair
type DecodeCtx
type Iterator
type Token
    func New() Token
type TokenWithDecodeCtx
type Visitor
type VisitorFunc

Package files

address.go birthdate.go builder_gen.go interface.go openid.go token_gen.go

Constants

const (
    AddressFormattedKey     = "formatted"
    AddressStreetAddressKey = "street_address"
    AddressLocalityKey      = "locality"
    AddressRegionKey        = "region"
    AddressPostalCodeKey    = "postal_code"
    AddressCountryKey       = "country"
)
const (
    AddressKey             = "address"
    AudienceKey            = "aud"
    BirthdateKey           = "birthdate"
    EmailKey               = "email"
    EmailVerifiedKey       = "email_verified"
    ExpirationKey          = "exp"
    FamilyNameKey          = "family_name"
    GenderKey              = "gender"
    GivenNameKey           = "given_name"
    IssuedAtKey            = "iat"
    IssuerKey              = "iss"
    JwtIDKey               = "jti"
    LocaleKey              = "locale"
    MiddleNameKey          = "middle_name"
    NameKey                = "name"
    NicknameKey            = "nickname"
    NotBeforeKey           = "nbf"
    PhoneNumberKey         = "phone_number"
    PhoneNumberVerifiedKey = "phone_number_verified"
    PictureKey             = "picture"
    PreferredUsernameKey   = "preferred_username"
    ProfileKey             = "profile"
    SubjectKey             = "sub"
    UpdatedAtKey           = "updated_at"
    WebsiteKey             = "website"
    ZoneinfoKey            = "zoneinfo"
)

func RegisterCustomField 

func RegisterCustomField(name string, object interface{})

RegisterCustomField allows users to specify that a private field be decoded as an instance of the specified type. This option has a global effect.

For example, suppose you have a custom field `x-birthday`, which you want to represent as a string formatted in RFC3339 in JSON, but want it back as `time.Time`.

In that case you would register a custom field as follows 

jwt.RegisterCustomField(`x-birthday`, timeT)

Then `token.Get("x-birthday")` will still return an `interface{}`, but you can convert its type to `time.Time` 

bdayif, _ := token.Get(`x-birthday`)
bday := bdayif.(time.Time)

type AddressClaim

AddressClaim is the address claim as described in https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim 

type AddressClaim struct {
    // contains filtered or unexported fields
}

func NewAddress 

func NewAddress() *AddressClaim

func (*AddressClaim) Accept 

func (t *AddressClaim) Accept(v interface{}) error

func (AddressClaim) Country 

func (t AddressClaim) Country() string

Country is a convenience function to retrieve the corresponding value store in the token if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead

func (AddressClaim) Formatted 

func (t AddressClaim) Formatted() string

Formatted is a convenience function to retrieve the corresponding value store in the token if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead

func (*AddressClaim) Get 

func (t *AddressClaim) Get(s string) (interface{}, bool)

func (AddressClaim) Locality 

func (t AddressClaim) Locality() string

Locality is a convenience function to retrieve the corresponding value store in the token if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead

func (AddressClaim) MarshalJSON 

func (t AddressClaim) MarshalJSON() ([]byte, error)

MarshalJSON serializes the token in JSON format.

func (AddressClaim) PostalCode 

func (t AddressClaim) PostalCode() string

PostalCode is a convenience function to retrieve the corresponding value store in the token if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead

func (AddressClaim) Region 

func (t AddressClaim) Region() string

Region is a convenience function to retrieve the corresponding value store in the token if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead

func (*AddressClaim) Set 

func (t *AddressClaim) Set(key string, value interface{}) error

func (AddressClaim) StreetAddress 

func (t AddressClaim) StreetAddress() string

StreetAddress is a convenience function to retrieve the corresponding value store in the token if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead

func (*AddressClaim) UnmarshalJSON 

func (t *AddressClaim) UnmarshalJSON(data []byte) error

UnmarshalJSON deserializes data from a JSON data buffer into a AddressClaim

type BirthdateClaim 

type BirthdateClaim struct {
    // contains filtered or unexported fields
}

func (*BirthdateClaim) Accept 

func (b *BirthdateClaim) Accept(v interface{}) error

Accepts a value read from JSON, and converts it to a BirthdateClaim. This method DOES NOT verify the correctness of a date. Consumers should check for validity of dates such as Apr 31 et al

func (BirthdateClaim) Day 

func (b BirthdateClaim) Day() int

func (BirthdateClaim) MarshalText 

func (b BirthdateClaim) MarshalText() ([]byte, error)

func (BirthdateClaim) Month 

func (b BirthdateClaim) Month() int

func (BirthdateClaim) String 

func (b BirthdateClaim) String() string

func (*BirthdateClaim) UnmarshalJSON 

func (b *BirthdateClaim) UnmarshalJSON(data []byte) error

func (BirthdateClaim) Year 

func (b BirthdateClaim) Year() int

type Builder

Builder is a convenience wrapper around the New() constructor and the Set() methods to assign values to Token claims. Users can successively call Claim() on the Builder, and have it construct the Token when Build() is called. This alleviates the need for the user to check for the return value of every single Set() method call. Note that each call to Claim() overwrites the value set from the previous call. 

type Builder struct {
    // contains filtered or unexported fields
}

func NewBuilder 

func NewBuilder() *Builder

func (*Builder) Address 

func (b *Builder) Address(v *AddressClaim) *Builder

func (*Builder) Audience 

func (b *Builder) Audience(v []string) *Builder

func (*Builder) Birthdate 

func (b *Builder) Birthdate(v *BirthdateClaim) *Builder

func (*Builder) Build 

func (b *Builder) Build() (Token, error)

Build creates a new token based on the claims that the builder has received so far. If a claim cannot be set, then the method returns a nil Token with a en error as a second return value

func (*Builder) Claim 

func (b *Builder) Claim(name string, value interface{}) *Builder

func (*Builder) Email 

func (b *Builder) Email(v string) *Builder

func (*Builder) EmailVerified 

func (b *Builder) EmailVerified(v bool) *Builder

func (*Builder) Expiration 

func (b *Builder) Expiration(v time.Time) *Builder

func (*Builder) FamilyName 

func (b *Builder) FamilyName(v string) *Builder

func (*Builder) Gender 

func (b *Builder) Gender(v string) *Builder

func (*Builder) GivenName 

func (b *Builder) GivenName(v string) *Builder

func (*Builder) IssuedAt 

func (b *Builder) IssuedAt(v time.Time) *Builder

func (*Builder) Issuer 

func (b *Builder) Issuer(v string) *Builder

func (*Builder) JwtID 

func (b *Builder) JwtID(v string) *Builder

func (*Builder) Locale 

func (b *Builder) Locale(v string) *Builder

func (*Builder) MiddleName 

func (b *Builder) MiddleName(v string) *Builder

func (*Builder) Name 

func (b *Builder) Name(v string) *Builder

func (*Builder) Nickname 

func (b *Builder) Nickname(v string) *Builder

func (*Builder) NotBefore 

func (b *Builder) NotBefore(v time.Time) *Builder

func (*Builder) PhoneNumber 

func (b *Builder) PhoneNumber(v string) *Builder

func (*Builder) PhoneNumberVerified 

func (b *Builder) PhoneNumberVerified(v bool) *Builder

func (*Builder) Picture 

func (b *Builder) Picture(v string) *Builder

func (*Builder) PreferredUsername 

func (b *Builder) PreferredUsername(v string) *Builder

func (*Builder) Profile 

func (b *Builder) Profile(v string) *Builder

func (*Builder) Subject 

func (b *Builder) Subject(v string) *Builder

func (*Builder) UpdatedAt 

func (b *Builder) UpdatedAt(v time.Time) *Builder

func (*Builder) Website 

func (b *Builder) Website(v string) *Builder

func (*Builder) Zoneinfo 

func (b *Builder) Zoneinfo(v string) *Builder

type ClaimPair 

type ClaimPair = mapiter.Pair

type DecodeCtx 

type DecodeCtx = json.DecodeCtx

type Iterator 

type Iterator = mapiter.Iterator

type Token 

type Token interface {

    // Address returns the value for "address" field of the token
    Address() *AddressClaim

    // Audience returns the value for "aud" field of the token
    Audience() []string

    // Birthdate returns the value for "birthdate" field of the token
    Birthdate() *BirthdateClaim

    // Email returns the value for "email" field of the token
    Email() string

    // EmailVerified returns the value for "email_verified" field of the token
    EmailVerified() bool

    // Expiration returns the value for "exp" field of the token
    Expiration() time.Time

    // FamilyName returns the value for "family_name" field of the token
    FamilyName() string

    // Gender returns the value for "gender" field of the token
    Gender() string

    // GivenName returns the value for "given_name" field of the token
    GivenName() string

    // IssuedAt returns the value for "iat" field of the token
    IssuedAt() time.Time

    // Issuer returns the value for "iss" field of the token
    Issuer() string

    // JwtID returns the value for "jti" field of the token
    JwtID() string

    // Locale returns the value for "locale" field of the token
    Locale() string

    // MiddleName returns the value for "middle_name" field of the token
    MiddleName() string

    // Name returns the value for "name" field of the token
    Name() string

    // Nickname returns the value for "nickname" field of the token
    Nickname() string

    // NotBefore returns the value for "nbf" field of the token
    NotBefore() time.Time

    // PhoneNumber returns the value for "phone_number" field of the token
    PhoneNumber() string

    // PhoneNumberVerified returns the value for "phone_number_verified" field of the token
    PhoneNumberVerified() bool

    // Picture returns the value for "picture" field of the token
    Picture() string

    // PreferredUsername returns the value for "preferred_username" field of the token
    PreferredUsername() string

    // Profile returns the value for "profile" field of the token
    Profile() string

    // Subject returns the value for "sub" field of the token
    Subject() string

    // UpdatedAt returns the value for "updated_at" field of the token
    UpdatedAt() time.Time

    // Website returns the value for "website" field of the token
    Website() string

    // Zoneinfo returns the value for "zoneinfo" field of the token
    Zoneinfo() string

    // PrivateClaims return the entire set of fields (claims) in the token
    // *other* than the pre-defined fields such as `iss`, `nbf`, `iat`, etc.
    PrivateClaims() map[string]interface{}

    // Get returns the value of the corresponding field in the token, such as
    // `nbf`, `exp`, `iat`, and other user-defined fields. If the field does not
    // exist in the token, the second return value will be `false`
    //
    // If you need to access fields like `alg`, `kid`, `jku`, etc, you need
    // to access the corresponding fields in the JWS/JWE message. For this,
    // you will need to access them by directly parsing the payload using
    // `jws.Parse` and `jwe.Parse`
    Get(string) (interface{}, bool)

    // Set assigns a value to the corresponding field in the token. Some
    // pre-defined fields such as `nbf`, `iat`, `iss` need their values to
    // be of a specific type. See the other getter methods in this interface
    // for the types of each of these fields
    Set(string, interface{}) error
    Remove(string) error
    Clone() (jwt.Token, error)
    Iterate(context.Context) Iterator
    Walk(context.Context, Visitor) error
    AsMap(context.Context) (map[string]interface{}, error)
}

func New 

func New() Token

New creates a standard token, with minimal knowledge of possible claims. Standard claims include"address", "aud", "birthdate", "email", "email_verified", "exp", "family_name", "gender", "given_name", "iat", "iss", "jti", "locale", "middle_name", "name", "nickname", "nbf", "phone_number", "phone_number_verified", "picture", "preferred_username", "profile", "sub", "updated_at", "website" and "zoneinfo". Convenience accessors are provided for these standard claims

type TokenWithDecodeCtx 

type TokenWithDecodeCtx = json.DecodeCtxContainer

type Visitor 

type Visitor = iter.MapVisitor

type VisitorFunc 

type VisitorFunc = iter.MapVisitorFunc