...

Source file src/github.com/MicahParks/keyfunc/examples/recommended_options/main.go

Documentation: github.com/MicahParks/keyfunc/examples/recommended_options 

     1  package main
     2  
     3  import (
     4  	"context"
     5  	"log"
     6  	"time"
     7  
     8  	"github.com/golang-jwt/jwt/v4"
     9  
    10  	"github.com/MicahParks/keyfunc"
    11  )
    12  
    13  func main() {
    14  	// Get the JWKS URL.
    15  	//
    16  	// This is a sample JWKS service. Visit https://jwks-service.appspot.com/ and grab a token to test this example.
    17  	jwksURL := "https://jwks-service.appspot.com/.well-known/jwks.json"
    18  
    19  	// Create a context that, when cancelled, ends the JWKS background refresh goroutine.
    20  	ctx, cancel := context.WithCancel(context.Background())
    21  
    22  	// Create the keyfunc options. Use an error handler that logs. Refresh the JWKS when a JWT signed by an unknown KID
    23  	// is found or at the specified interval. Rate limit these refreshes. Timeout the initial JWKS refresh request after
    24  	// 10 seconds. This timeout is also used to create the initial context.Context for keyfunc.Get.
    25  	options := keyfunc.Options{
    26  		Ctx: ctx,
    27  		RefreshErrorHandler: func(err error) {
    28  			log.Printf("There was an error with the jwt.Keyfunc\nError: %s", err.Error())
    29  		},
    30  		RefreshInterval:   time.Hour,
    31  		RefreshRateLimit:  time.Minute * 5,
    32  		RefreshTimeout:    time.Second * 10,
    33  		RefreshUnknownKID: true,
    34  	}
    35  
    36  	// Create the JWKS from the resource at the given URL.
    37  	jwks, err := keyfunc.Get(jwksURL, options)
    38  	if err != nil {
    39  		log.Fatalf("Failed to create JWKS from resource at the given URL.\nError: %s", err.Error())
    40  	}
    41  
    42  	// Get a JWT to parse.
    43  	jwtB64 := "eyJraWQiOiJlZThkNjI2ZCIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJXZWlkb25nIiwiYXVkIjoiVGFzaHVhbiIsImlzcyI6Imp3a3Mtc2VydmljZS5hcHBzcG90LmNvbSIsImlhdCI6MTYzMTM2OTk1NSwianRpIjoiNDY2M2E5MTAtZWU2MC00NzcwLTgxNjktY2I3NDdiMDljZjU0In0.LwD65d5h6U_2Xco81EClMa_1WIW4xXZl8o4b7WzY_7OgPD2tNlByxvGDzP7bKYA9Gj--1mi4Q4li4CAnKJkaHRYB17baC0H5P9lKMPuA6AnChTzLafY6yf-YadA7DmakCtIl7FNcFQQL2DXmh6gS9J6TluFoCIXj83MqETbDWpL28o3XAD_05UP8VLQzH2XzyqWKi97mOuvz-GsDp9mhBYQUgN3csNXt2v2l-bUPWe19SftNej0cxddyGu06tXUtaS6K0oe0TTbaqc3hmfEiu5G0J8U6ztTUMwXkBvaknE640NPgMQJqBaey0E4u0txYgyvMvvxfwtcOrDRYqYPBnA"
    44  
    45  	// Parse the JWT.
    46  	token, err := jwt.Parse(jwtB64, jwks.Keyfunc)
    47  	if err != nil {
    48  		log.Fatalf("Failed to parse the JWT.\nError: %s", err.Error())
    49  	}
    50  
    51  	// Check if the token is valid.
    52  	if !token.Valid {
    53  		log.Fatalf("The token is not valid.")
    54  	}
    55  	log.Println("The token is valid.")
    56  
    57  	// End the background refresh goroutine when it's no longer needed.
    58  	cancel()
    59  
    60  	// This will be ineffectual because the line above this canceled the parent context.Context.
    61  	// This method call is idempotent similar to context.CancelFunc.
    62  	jwks.EndBackground()
    63  }
    64  

View as plain text