token_gen.go

Documentation: github.com/lestrrat-go/jwx/jwt/openid

     1  // This file is auto-generated by jwt/internal/cmd/gentoken/main.go. DO NOT EDIT
     2  
     3  package openid
     4  
     5  import (
     6  	"bytes"
     7  	"context"
     8  	"sort"
     9  	"sync"
    10  	"time"
    11  
    12  	"github.com/lestrrat-go/iter/mapiter"
    13  	"github.com/lestrrat-go/jwx/internal/base64"
    14  	"github.com/lestrrat-go/jwx/internal/iter"
    15  	"github.com/lestrrat-go/jwx/internal/json"
    16  	"github.com/lestrrat-go/jwx/internal/pool"
    17  	"github.com/lestrrat-go/jwx/jwt"
    18  	"github.com/lestrrat-go/jwx/jwt/internal/types"
    19  	"github.com/pkg/errors"
    20  )
    21  
    22  const (
    23  	AddressKey             = "address"
    24  	AudienceKey            = "aud"
    25  	BirthdateKey           = "birthdate"
    26  	EmailKey               = "email"
    27  	EmailVerifiedKey       = "email_verified"
    28  	ExpirationKey          = "exp"
    29  	FamilyNameKey          = "family_name"
    30  	GenderKey              = "gender"
    31  	GivenNameKey           = "given_name"
    32  	IssuedAtKey            = "iat"
    33  	IssuerKey              = "iss"
    34  	JwtIDKey               = "jti"
    35  	LocaleKey              = "locale"
    36  	MiddleNameKey          = "middle_name"
    37  	NameKey                = "name"
    38  	NicknameKey            = "nickname"
    39  	NotBeforeKey           = "nbf"
    40  	PhoneNumberKey         = "phone_number"
    41  	PhoneNumberVerifiedKey = "phone_number_verified"
    42  	PictureKey             = "picture"
    43  	PreferredUsernameKey   = "preferred_username"
    44  	ProfileKey             = "profile"
    45  	SubjectKey             = "sub"
    46  	UpdatedAtKey           = "updated_at"
    47  	WebsiteKey             = "website"
    48  	ZoneinfoKey            = "zoneinfo"
    49  )
    50  
    51  type Token interface {
    52  
    53  	// Address returns the value for "address" field of the token
    54  	Address() *AddressClaim
    55  
    56  	// Audience returns the value for "aud" field of the token
    57  	Audience() []string
    58  
    59  	// Birthdate returns the value for "birthdate" field of the token
    60  	Birthdate() *BirthdateClaim
    61  
    62  	// Email returns the value for "email" field of the token
    63  	Email() string
    64  
    65  	// EmailVerified returns the value for "email_verified" field of the token
    66  	EmailVerified() bool
    67  
    68  	// Expiration returns the value for "exp" field of the token
    69  	Expiration() time.Time
    70  
    71  	// FamilyName returns the value for "family_name" field of the token
    72  	FamilyName() string
    73  
    74  	// Gender returns the value for "gender" field of the token
    75  	Gender() string
    76  
    77  	// GivenName returns the value for "given_name" field of the token
    78  	GivenName() string
    79  
    80  	// IssuedAt returns the value for "iat" field of the token
    81  	IssuedAt() time.Time
    82  
    83  	// Issuer returns the value for "iss" field of the token
    84  	Issuer() string
    85  
    86  	// JwtID returns the value for "jti" field of the token
    87  	JwtID() string
    88  
    89  	// Locale returns the value for "locale" field of the token
    90  	Locale() string
    91  
    92  	// MiddleName returns the value for "middle_name" field of the token
    93  	MiddleName() string
    94  
    95  	// Name returns the value for "name" field of the token
    96  	Name() string
    97  
    98  	// Nickname returns the value for "nickname" field of the token
    99  	Nickname() string
   100  
   101  	// NotBefore returns the value for "nbf" field of the token
   102  	NotBefore() time.Time
   103  
   104  	// PhoneNumber returns the value for "phone_number" field of the token
   105  	PhoneNumber() string
   106  
   107  	// PhoneNumberVerified returns the value for "phone_number_verified" field of the token
   108  	PhoneNumberVerified() bool
   109  
   110  	// Picture returns the value for "picture" field of the token
   111  	Picture() string
   112  
   113  	// PreferredUsername returns the value for "preferred_username" field of the token
   114  	PreferredUsername() string
   115  
   116  	// Profile returns the value for "profile" field of the token
   117  	Profile() string
   118  
   119  	// Subject returns the value for "sub" field of the token
   120  	Subject() string
   121  
   122  	// UpdatedAt returns the value for "updated_at" field of the token
   123  	UpdatedAt() time.Time
   124  
   125  	// Website returns the value for "website" field of the token
   126  	Website() string
   127  
   128  	// Zoneinfo returns the value for "zoneinfo" field of the token
   129  	Zoneinfo() string
   130  
   131  	// PrivateClaims return the entire set of fields (claims) in the token
   132  	// *other* than the pre-defined fields such as `iss`, `nbf`, `iat`, etc.
   133  	PrivateClaims() map[string]interface{}
   134  
   135  	// Get returns the value of the corresponding field in the token, such as
   136  	// `nbf`, `exp`, `iat`, and other user-defined fields. If the field does not
   137  	// exist in the token, the second return value will be `false`
   138  	//
   139  	// If you need to access fields like `alg`, `kid`, `jku`, etc, you need
   140  	// to access the corresponding fields in the JWS/JWE message. For this,
   141  	// you will need to access them by directly parsing the payload using
   142  	// `jws.Parse` and `jwe.Parse`
   143  	Get(string) (interface{}, bool)
   144  
   145  	// Set assigns a value to the corresponding field in the token. Some
   146  	// pre-defined fields such as `nbf`, `iat`, `iss` need their values to
   147  	// be of a specific type. See the other getter methods in this interface
   148  	// for the types of each of these fields
   149  	Set(string, interface{}) error
   150  	Remove(string) error
   151  	Clone() (jwt.Token, error)
   152  	Iterate(context.Context) Iterator
   153  	Walk(context.Context, Visitor) error
   154  	AsMap(context.Context) (map[string]interface{}, error)
   155  }
   156  type stdToken struct {
   157  	mu                  *sync.RWMutex
   158  	dc                  DecodeCtx // per-object context for decoding
   159  	address             *AddressClaim
   160  	audience            types.StringList // https://tools.ietf.org/html/rfc7519#section-4.1.3
   161  	birthdate           *BirthdateClaim
   162  	email               *string
   163  	emailVerified       *bool
   164  	expiration          *types.NumericDate // https://tools.ietf.org/html/rfc7519#section-4.1.4
   165  	familyName          *string
   166  	gender              *string
   167  	givenName           *string
   168  	issuedAt            *types.NumericDate // https://tools.ietf.org/html/rfc7519#section-4.1.6
   169  	issuer              *string            // https://tools.ietf.org/html/rfc7519#section-4.1.1
   170  	jwtID               *string            // https://tools.ietf.org/html/rfc7519#section-4.1.7
   171  	locale              *string
   172  	middleName          *string
   173  	name                *string
   174  	nickname            *string
   175  	notBefore           *types.NumericDate // https://tools.ietf.org/html/rfc7519#section-4.1.5
   176  	phoneNumber         *string
   177  	phoneNumberVerified *bool
   178  	picture             *string
   179  	preferredUsername   *string
   180  	profile             *string
   181  	subject             *string // https://tools.ietf.org/html/rfc7519#section-4.1.2
   182  	updatedAt           *types.NumericDate
   183  	website             *string
   184  	zoneinfo            *string
   185  	privateClaims       map[string]interface{}
   186  }
   187  
   188  // New creates a standard token, with minimal knowledge of
   189  // possible claims. Standard claims include"address", "aud", "birthdate", "email", "email_verified", "exp", "family_name", "gender", "given_name", "iat", "iss", "jti", "locale", "middle_name", "name", "nickname", "nbf", "phone_number", "phone_number_verified", "picture", "preferred_username", "profile", "sub", "updated_at", "website" and "zoneinfo".
   190  // Convenience accessors are provided for these standard claims
   191  func New() Token {
   192  	return &stdToken{
   193  		mu:            &sync.RWMutex{},
   194  		privateClaims: make(map[string]interface{}),
   195  	}
   196  }
   197  
   198  func (t *stdToken) Get(name string) (interface{}, bool) {
   199  	t.mu.RLock()
   200  	defer t.mu.RUnlock()
   201  	switch name {
   202  	case AddressKey:
   203  		if t.address == nil {
   204  			return nil, false
   205  		}
   206  		v := t.address
   207  		return v, true
   208  	case AudienceKey:
   209  		if t.audience == nil {
   210  			return nil, false
   211  		}
   212  		v := t.audience.Get()
   213  		return v, true
   214  	case BirthdateKey:
   215  		if t.birthdate == nil {
   216  			return nil, false
   217  		}
   218  		v := t.birthdate
   219  		return v, true
   220  	case EmailKey:
   221  		if t.email == nil {
   222  			return nil, false
   223  		}
   224  		v := *(t.email)
   225  		return v, true
   226  	case EmailVerifiedKey:
   227  		if t.emailVerified == nil {
   228  			return nil, false
   229  		}
   230  		v := *(t.emailVerified)
   231  		return v, true
   232  	case ExpirationKey:
   233  		if t.expiration == nil {
   234  			return nil, false
   235  		}
   236  		v := t.expiration.Get()
   237  		return v, true
   238  	case FamilyNameKey:
   239  		if t.familyName == nil {
   240  			return nil, false
   241  		}
   242  		v := *(t.familyName)
   243  		return v, true
   244  	case GenderKey:
   245  		if t.gender == nil {
   246  			return nil, false
   247  		}
   248  		v := *(t.gender)
   249  		return v, true
   250  	case GivenNameKey:
   251  		if t.givenName == nil {
   252  			return nil, false
   253  		}
   254  		v := *(t.givenName)
   255  		return v, true
   256  	case IssuedAtKey:
   257  		if t.issuedAt == nil {
   258  			return nil, false
   259  		}
   260  		v := t.issuedAt.Get()
   261  		return v, true
   262  	case IssuerKey:
   263  		if t.issuer == nil {
   264  			return nil, false
   265  		}
   266  		v := *(t.issuer)
   267  		return v, true
   268  	case JwtIDKey:
   269  		if t.jwtID == nil {
   270  			return nil, false
   271  		}
   272  		v := *(t.jwtID)
   273  		return v, true
   274  	case LocaleKey:
   275  		if t.locale == nil {
   276  			return nil, false
   277  		}
   278  		v := *(t.locale)
   279  		return v, true
   280  	case MiddleNameKey:
   281  		if t.middleName == nil {
   282  			return nil, false
   283  		}
   284  		v := *(t.middleName)
   285  		return v, true
   286  	case NameKey:
   287  		if t.name == nil {
   288  			return nil, false
   289  		}
   290  		v := *(t.name)
   291  		return v, true
   292  	case NicknameKey:
   293  		if t.nickname == nil {
   294  			return nil, false
   295  		}
   296  		v := *(t.nickname)
   297  		return v, true
   298  	case NotBeforeKey:
   299  		if t.notBefore == nil {
   300  			return nil, false
   301  		}
   302  		v := t.notBefore.Get()
   303  		return v, true
   304  	case PhoneNumberKey:
   305  		if t.phoneNumber == nil {
   306  			return nil, false
   307  		}
   308  		v := *(t.phoneNumber)
   309  		return v, true
   310  	case PhoneNumberVerifiedKey:
   311  		if t.phoneNumberVerified == nil {
   312  			return nil, false
   313  		}
   314  		v := *(t.phoneNumberVerified)
   315  		return v, true
   316  	case PictureKey:
   317  		if t.picture == nil {
   318  			return nil, false
   319  		}
   320  		v := *(t.picture)
   321  		return v, true
   322  	case PreferredUsernameKey:
   323  		if t.preferredUsername == nil {
   324  			return nil, false
   325  		}
   326  		v := *(t.preferredUsername)
   327  		return v, true
   328  	case ProfileKey:
   329  		if t.profile == nil {
   330  			return nil, false
   331  		}
   332  		v := *(t.profile)
   333  		return v, true
   334  	case SubjectKey:
   335  		if t.subject == nil {
   336  			return nil, false
   337  		}
   338  		v := *(t.subject)
   339  		return v, true
   340  	case UpdatedAtKey:
   341  		if t.updatedAt == nil {
   342  			return nil, false
   343  		}
   344  		v := t.updatedAt.Get()
   345  		return v, true
   346  	case WebsiteKey:
   347  		if t.website == nil {
   348  			return nil, false
   349  		}
   350  		v := *(t.website)
   351  		return v, true
   352  	case ZoneinfoKey:
   353  		if t.zoneinfo == nil {
   354  			return nil, false
   355  		}
   356  		v := *(t.zoneinfo)
   357  		return v, true
   358  	default:
   359  		v, ok := t.privateClaims[name]
   360  		return v, ok
   361  	}
   362  }
   363  
   364  func (t *stdToken) Remove(key string) error {
   365  	t.mu.Lock()
   366  	defer t.mu.Unlock()
   367  	switch key {
   368  	case AddressKey:
   369  		t.address = nil
   370  	case AudienceKey:
   371  		t.audience = nil
   372  	case BirthdateKey:
   373  		t.birthdate = nil
   374  	case EmailKey:
   375  		t.email = nil
   376  	case EmailVerifiedKey:
   377  		t.emailVerified = nil
   378  	case ExpirationKey:
   379  		t.expiration = nil
   380  	case FamilyNameKey:
   381  		t.familyName = nil
   382  	case GenderKey:
   383  		t.gender = nil
   384  	case GivenNameKey:
   385  		t.givenName = nil
   386  	case IssuedAtKey:
   387  		t.issuedAt = nil
   388  	case IssuerKey:
   389  		t.issuer = nil
   390  	case JwtIDKey:
   391  		t.jwtID = nil
   392  	case LocaleKey:
   393  		t.locale = nil
   394  	case MiddleNameKey:
   395  		t.middleName = nil
   396  	case NameKey:
   397  		t.name = nil
   398  	case NicknameKey:
   399  		t.nickname = nil
   400  	case NotBeforeKey:
   401  		t.notBefore = nil
   402  	case PhoneNumberKey:
   403  		t.phoneNumber = nil
   404  	case PhoneNumberVerifiedKey:
   405  		t.phoneNumberVerified = nil
   406  	case PictureKey:
   407  		t.picture = nil
   408  	case PreferredUsernameKey:
   409  		t.preferredUsername = nil
   410  	case ProfileKey:
   411  		t.profile = nil
   412  	case SubjectKey:
   413  		t.subject = nil
   414  	case UpdatedAtKey:
   415  		t.updatedAt = nil
   416  	case WebsiteKey:
   417  		t.website = nil
   418  	case ZoneinfoKey:
   419  		t.zoneinfo = nil
   420  	default:
   421  		delete(t.privateClaims, key)
   422  	}
   423  	return nil
   424  }
   425  
   426  func (t *stdToken) Set(name string, value interface{}) error {
   427  	t.mu.Lock()
   428  	defer t.mu.Unlock()
   429  	return t.setNoLock(name, value)
   430  }
   431  
   432  func (t *stdToken) DecodeCtx() DecodeCtx {
   433  	t.mu.RLock()
   434  	defer t.mu.RUnlock()
   435  	return t.dc
   436  }
   437  
   438  func (t *stdToken) SetDecodeCtx(v DecodeCtx) {
   439  	t.mu.Lock()
   440  	defer t.mu.Unlock()
   441  	t.dc = v
   442  }
   443  
   444  func (t *stdToken) setNoLock(name string, value interface{}) error {
   445  	switch name {
   446  	case AddressKey:
   447  		var acceptor AddressClaim
   448  		if err := acceptor.Accept(value); err != nil {
   449  			return errors.Wrapf(err, `invalid value for %s key`, AddressKey)
   450  		}
   451  		t.address = &acceptor
   452  		return nil
   453  	case AudienceKey:
   454  		var acceptor types.StringList
   455  		if err := acceptor.Accept(value); err != nil {
   456  			return errors.Wrapf(err, `invalid value for %s key`, AudienceKey)
   457  		}
   458  		t.audience = acceptor
   459  		return nil
   460  	case BirthdateKey:
   461  		var acceptor BirthdateClaim
   462  		if err := acceptor.Accept(value); err != nil {
   463  			return errors.Wrapf(err, `invalid value for %s key`, BirthdateKey)
   464  		}
   465  		t.birthdate = &acceptor
   466  		return nil
   467  	case EmailKey:
   468  		if v, ok := value.(string); ok {
   469  			t.email = &v
   470  			return nil
   471  		}
   472  		return errors.Errorf(`invalid value for %s key: %T`, EmailKey, value)
   473  	case EmailVerifiedKey:
   474  		if v, ok := value.(bool); ok {
   475  			t.emailVerified = &v
   476  			return nil
   477  		}
   478  		return errors.Errorf(`invalid value for %s key: %T`, EmailVerifiedKey, value)
   479  	case ExpirationKey:
   480  		var acceptor types.NumericDate
   481  		if err := acceptor.Accept(value); err != nil {
   482  			return errors.Wrapf(err, `invalid value for %s key`, ExpirationKey)
   483  		}
   484  		t.expiration = &acceptor
   485  		return nil
   486  	case FamilyNameKey:
   487  		if v, ok := value.(string); ok {
   488  			t.familyName = &v
   489  			return nil
   490  		}
   491  		return errors.Errorf(`invalid value for %s key: %T`, FamilyNameKey, value)
   492  	case GenderKey:
   493  		if v, ok := value.(string); ok {
   494  			t.gender = &v
   495  			return nil
   496  		}
   497  		return errors.Errorf(`invalid value for %s key: %T`, GenderKey, value)
   498  	case GivenNameKey:
   499  		if v, ok := value.(string); ok {
   500  			t.givenName = &v
   501  			return nil
   502  		}
   503  		return errors.Errorf(`invalid value for %s key: %T`, GivenNameKey, value)
   504  	case IssuedAtKey:
   505  		var acceptor types.NumericDate
   506  		if err := acceptor.Accept(value); err != nil {
   507  			return errors.Wrapf(err, `invalid value for %s key`, IssuedAtKey)
   508  		}
   509  		t.issuedAt = &acceptor
   510  		return nil
   511  	case IssuerKey:
   512  		if v, ok := value.(string); ok {
   513  			t.issuer = &v
   514  			return nil
   515  		}
   516  		return errors.Errorf(`invalid value for %s key: %T`, IssuerKey, value)
   517  	case JwtIDKey:
   518  		if v, ok := value.(string); ok {
   519  			t.jwtID = &v
   520  			return nil
   521  		}
   522  		return errors.Errorf(`invalid value for %s key: %T`, JwtIDKey, value)
   523  	case LocaleKey:
   524  		if v, ok := value.(string); ok {
   525  			t.locale = &v
   526  			return nil
   527  		}
   528  		return errors.Errorf(`invalid value for %s key: %T`, LocaleKey, value)
   529  	case MiddleNameKey:
   530  		if v, ok := value.(string); ok {
   531  			t.middleName = &v
   532  			return nil
   533  		}
   534  		return errors.Errorf(`invalid value for %s key: %T`, MiddleNameKey, value)
   535  	case NameKey:
   536  		if v, ok := value.(string); ok {
   537  			t.name = &v
   538  			return nil
   539  		}
   540  		return errors.Errorf(`invalid value for %s key: %T`, NameKey, value)
   541  	case NicknameKey:
   542  		if v, ok := value.(string); ok {
   543  			t.nickname = &v
   544  			return nil
   545  		}
   546  		return errors.Errorf(`invalid value for %s key: %T`, NicknameKey, value)
   547  	case NotBeforeKey:
   548  		var acceptor types.NumericDate
   549  		if err := acceptor.Accept(value); err != nil {
   550  			return errors.Wrapf(err, `invalid value for %s key`, NotBeforeKey)
   551  		}
   552  		t.notBefore = &acceptor
   553  		return nil
   554  	case PhoneNumberKey:
   555  		if v, ok := value.(string); ok {
   556  			t.phoneNumber = &v
   557  			return nil
   558  		}
   559  		return errors.Errorf(`invalid value for %s key: %T`, PhoneNumberKey, value)
   560  	case PhoneNumberVerifiedKey:
   561  		if v, ok := value.(bool); ok {
   562  			t.phoneNumberVerified = &v
   563  			return nil
   564  		}
   565  		return errors.Errorf(`invalid value for %s key: %T`, PhoneNumberVerifiedKey, value)
   566  	case PictureKey:
   567  		if v, ok := value.(string); ok {
   568  			t.picture = &v
   569  			return nil
   570  		}
   571  		return errors.Errorf(`invalid value for %s key: %T`, PictureKey, value)
   572  	case PreferredUsernameKey:
   573  		if v, ok := value.(string); ok {
   574  			t.preferredUsername = &v
   575  			return nil
   576  		}
   577  		return errors.Errorf(`invalid value for %s key: %T`, PreferredUsernameKey, value)
   578  	case ProfileKey:
   579  		if v, ok := value.(string); ok {
   580  			t.profile = &v
   581  			return nil
   582  		}
   583  		return errors.Errorf(`invalid value for %s key: %T`, ProfileKey, value)
   584  	case SubjectKey:
   585  		if v, ok := value.(string); ok {
   586  			t.subject = &v
   587  			return nil
   588  		}
   589  		return errors.Errorf(`invalid value for %s key: %T`, SubjectKey, value)
   590  	case UpdatedAtKey:
   591  		var acceptor types.NumericDate
   592  		if err := acceptor.Accept(value); err != nil {
   593  			return errors.Wrapf(err, `invalid value for %s key`, UpdatedAtKey)
   594  		}
   595  		t.updatedAt = &acceptor
   596  		return nil
   597  	case WebsiteKey:
   598  		if v, ok := value.(string); ok {
   599  			t.website = &v
   600  			return nil
   601  		}
   602  		return errors.Errorf(`invalid value for %s key: %T`, WebsiteKey, value)
   603  	case ZoneinfoKey:
   604  		if v, ok := value.(string); ok {
   605  			t.zoneinfo = &v
   606  			return nil
   607  		}
   608  		return errors.Errorf(`invalid value for %s key: %T`, ZoneinfoKey, value)
   609  	default:
   610  		if t.privateClaims == nil {
   611  			t.privateClaims = map[string]interface{}{}
   612  		}
   613  		t.privateClaims[name] = value
   614  	}
   615  	return nil
   616  }
   617  
   618  func (t *stdToken) Address() *AddressClaim {
   619  	t.mu.RLock()
   620  	defer t.mu.RUnlock()
   621  	return t.address
   622  }
   623  
   624  func (t *stdToken) Audience() []string {
   625  	t.mu.RLock()
   626  	defer t.mu.RUnlock()
   627  	if t.audience != nil {
   628  		return t.audience.Get()
   629  	}
   630  	return nil
   631  }
   632  
   633  func (t *stdToken) Birthdate() *BirthdateClaim {
   634  	t.mu.RLock()
   635  	defer t.mu.RUnlock()
   636  	return t.birthdate
   637  }
   638  
   639  func (t *stdToken) Email() string {
   640  	t.mu.RLock()
   641  	defer t.mu.RUnlock()
   642  	if t.email != nil {
   643  		return *(t.email)
   644  	}
   645  	return ""
   646  }
   647  
   648  func (t *stdToken) EmailVerified() bool {
   649  	t.mu.RLock()
   650  	defer t.mu.RUnlock()
   651  	if t.emailVerified != nil {
   652  		return *(t.emailVerified)
   653  	}
   654  	return false
   655  }
   656  
   657  func (t *stdToken) Expiration() time.Time {
   658  	t.mu.RLock()
   659  	defer t.mu.RUnlock()
   660  	if t.expiration != nil {
   661  		return t.expiration.Get()
   662  	}
   663  	return time.Time{}
   664  }
   665  
   666  func (t *stdToken) FamilyName() string {
   667  	t.mu.RLock()
   668  	defer t.mu.RUnlock()
   669  	if t.familyName != nil {
   670  		return *(t.familyName)
   671  	}
   672  	return ""
   673  }
   674  
   675  func (t *stdToken) Gender() string {
   676  	t.mu.RLock()
   677  	defer t.mu.RUnlock()
   678  	if t.gender != nil {
   679  		return *(t.gender)
   680  	}
   681  	return ""
   682  }
   683  
   684  func (t *stdToken) GivenName() string {
   685  	t.mu.RLock()
   686  	defer t.mu.RUnlock()
   687  	if t.givenName != nil {
   688  		return *(t.givenName)
   689  	}
   690  	return ""
   691  }
   692  
   693  func (t *stdToken) IssuedAt() time.Time {
   694  	t.mu.RLock()
   695  	defer t.mu.RUnlock()
   696  	if t.issuedAt != nil {
   697  		return t.issuedAt.Get()
   698  	}
   699  	return time.Time{}
   700  }
   701  
   702  func (t *stdToken) Issuer() string {
   703  	t.mu.RLock()
   704  	defer t.mu.RUnlock()
   705  	if t.issuer != nil {
   706  		return *(t.issuer)
   707  	}
   708  	return ""
   709  }
   710  
   711  func (t *stdToken) JwtID() string {
   712  	t.mu.RLock()
   713  	defer t.mu.RUnlock()
   714  	if t.jwtID != nil {
   715  		return *(t.jwtID)
   716  	}
   717  	return ""
   718  }
   719  
   720  func (t *stdToken) Locale() string {
   721  	t.mu.RLock()
   722  	defer t.mu.RUnlock()
   723  	if t.locale != nil {
   724  		return *(t.locale)
   725  	}
   726  	return ""
   727  }
   728  
   729  func (t *stdToken) MiddleName() string {
   730  	t.mu.RLock()
   731  	defer t.mu.RUnlock()
   732  	if t.middleName != nil {
   733  		return *(t.middleName)
   734  	}
   735  	return ""
   736  }
   737  
   738  func (t *stdToken) Name() string {
   739  	t.mu.RLock()
   740  	defer t.mu.RUnlock()
   741  	if t.name != nil {
   742  		return *(t.name)
   743  	}
   744  	return ""
   745  }
   746  
   747  func (t *stdToken) Nickname() string {
   748  	t.mu.RLock()
   749  	defer t.mu.RUnlock()
   750  	if t.nickname != nil {
   751  		return *(t.nickname)
   752  	}
   753  	return ""
   754  }
   755  
   756  func (t *stdToken) NotBefore() time.Time {
   757  	t.mu.RLock()
   758  	defer t.mu.RUnlock()
   759  	if t.notBefore != nil {
   760  		return t.notBefore.Get()
   761  	}
   762  	return time.Time{}
   763  }
   764  
   765  func (t *stdToken) PhoneNumber() string {
   766  	t.mu.RLock()
   767  	defer t.mu.RUnlock()
   768  	if t.phoneNumber != nil {
   769  		return *(t.phoneNumber)
   770  	}
   771  	return ""
   772  }
   773  
   774  func (t *stdToken) PhoneNumberVerified() bool {
   775  	t.mu.RLock()
   776  	defer t.mu.RUnlock()
   777  	if t.phoneNumberVerified != nil {
   778  		return *(t.phoneNumberVerified)
   779  	}
   780  	return false
   781  }
   782  
   783  func (t *stdToken) Picture() string {
   784  	t.mu.RLock()
   785  	defer t.mu.RUnlock()
   786  	if t.picture != nil {
   787  		return *(t.picture)
   788  	}
   789  	return ""
   790  }
   791  
   792  func (t *stdToken) PreferredUsername() string {
   793  	t.mu.RLock()
   794  	defer t.mu.RUnlock()
   795  	if t.preferredUsername != nil {
   796  		return *(t.preferredUsername)
   797  	}
   798  	return ""
   799  }
   800  
   801  func (t *stdToken) Profile() string {
   802  	t.mu.RLock()
   803  	defer t.mu.RUnlock()
   804  	if t.profile != nil {
   805  		return *(t.profile)
   806  	}
   807  	return ""
   808  }
   809  
   810  func (t *stdToken) Subject() string {
   811  	t.mu.RLock()
   812  	defer t.mu.RUnlock()
   813  	if t.subject != nil {
   814  		return *(t.subject)
   815  	}
   816  	return ""
   817  }
   818  
   819  func (t *stdToken) UpdatedAt() time.Time {
   820  	t.mu.RLock()
   821  	defer t.mu.RUnlock()
   822  	if t.updatedAt != nil {
   823  		return t.updatedAt.Get()
   824  	}
   825  	return time.Time{}
   826  }
   827  
   828  func (t *stdToken) Website() string {
   829  	t.mu.RLock()
   830  	defer t.mu.RUnlock()
   831  	if t.website != nil {
   832  		return *(t.website)
   833  	}
   834  	return ""
   835  }
   836  
   837  func (t *stdToken) Zoneinfo() string {
   838  	t.mu.RLock()
   839  	defer t.mu.RUnlock()
   840  	if t.zoneinfo != nil {
   841  		return *(t.zoneinfo)
   842  	}
   843  	return ""
   844  }
   845  
   846  func (t *stdToken) PrivateClaims() map[string]interface{} {
   847  	t.mu.RLock()
   848  	defer t.mu.RUnlock()
   849  	return t.privateClaims
   850  }
   851  
   852  func (t *stdToken) makePairs() []*ClaimPair {
   853  	t.mu.RLock()
   854  	defer t.mu.RUnlock()
   855  
   856  	pairs := make([]*ClaimPair, 0, 26)
   857  	if t.address != nil {
   858  		v := t.address
   859  		pairs = append(pairs, &ClaimPair{Key: AddressKey, Value: v})
   860  	}
   861  	if t.audience != nil {
   862  		v := t.audience.Get()
   863  		pairs = append(pairs, &ClaimPair{Key: AudienceKey, Value: v})
   864  	}
   865  	if t.birthdate != nil {
   866  		v := t.birthdate
   867  		pairs = append(pairs, &ClaimPair{Key: BirthdateKey, Value: v})
   868  	}
   869  	if t.email != nil {
   870  		v := *(t.email)
   871  		pairs = append(pairs, &ClaimPair{Key: EmailKey, Value: v})
   872  	}
   873  	if t.emailVerified != nil {
   874  		v := *(t.emailVerified)
   875  		pairs = append(pairs, &ClaimPair{Key: EmailVerifiedKey, Value: v})
   876  	}
   877  	if t.expiration != nil {
   878  		v := t.expiration.Get()
   879  		pairs = append(pairs, &ClaimPair{Key: ExpirationKey, Value: v})
   880  	}
   881  	if t.familyName != nil {
   882  		v := *(t.familyName)
   883  		pairs = append(pairs, &ClaimPair{Key: FamilyNameKey, Value: v})
   884  	}
   885  	if t.gender != nil {
   886  		v := *(t.gender)
   887  		pairs = append(pairs, &ClaimPair{Key: GenderKey, Value: v})
   888  	}
   889  	if t.givenName != nil {
   890  		v := *(t.givenName)
   891  		pairs = append(pairs, &ClaimPair{Key: GivenNameKey, Value: v})
   892  	}
   893  	if t.issuedAt != nil {
   894  		v := t.issuedAt.Get()
   895  		pairs = append(pairs, &ClaimPair{Key: IssuedAtKey, Value: v})
   896  	}
   897  	if t.issuer != nil {
   898  		v := *(t.issuer)
   899  		pairs = append(pairs, &ClaimPair{Key: IssuerKey, Value: v})
   900  	}
   901  	if t.jwtID != nil {
   902  		v := *(t.jwtID)
   903  		pairs = append(pairs, &ClaimPair{Key: JwtIDKey, Value: v})
   904  	}
   905  	if t.locale != nil {
   906  		v := *(t.locale)
   907  		pairs = append(pairs, &ClaimPair{Key: LocaleKey, Value: v})
   908  	}
   909  	if t.middleName != nil {
   910  		v := *(t.middleName)
   911  		pairs = append(pairs, &ClaimPair{Key: MiddleNameKey, Value: v})
   912  	}
   913  	if t.name != nil {
   914  		v := *(t.name)
   915  		pairs = append(pairs, &ClaimPair{Key: NameKey, Value: v})
   916  	}
   917  	if t.nickname != nil {
   918  		v := *(t.nickname)
   919  		pairs = append(pairs, &ClaimPair{Key: NicknameKey, Value: v})
   920  	}
   921  	if t.notBefore != nil {
   922  		v := t.notBefore.Get()
   923  		pairs = append(pairs, &ClaimPair{Key: NotBeforeKey, Value: v})
   924  	}
   925  	if t.phoneNumber != nil {
   926  		v := *(t.phoneNumber)
   927  		pairs = append(pairs, &ClaimPair{Key: PhoneNumberKey, Value: v})
   928  	}
   929  	if t.phoneNumberVerified != nil {
   930  		v := *(t.phoneNumberVerified)
   931  		pairs = append(pairs, &ClaimPair{Key: PhoneNumberVerifiedKey, Value: v})
   932  	}
   933  	if t.picture != nil {
   934  		v := *(t.picture)
   935  		pairs = append(pairs, &ClaimPair{Key: PictureKey, Value: v})
   936  	}
   937  	if t.preferredUsername != nil {
   938  		v := *(t.preferredUsername)
   939  		pairs = append(pairs, &ClaimPair{Key: PreferredUsernameKey, Value: v})
   940  	}
   941  	if t.profile != nil {
   942  		v := *(t.profile)
   943  		pairs = append(pairs, &ClaimPair{Key: ProfileKey, Value: v})
   944  	}
   945  	if t.subject != nil {
   946  		v := *(t.subject)
   947  		pairs = append(pairs, &ClaimPair{Key: SubjectKey, Value: v})
   948  	}
   949  	if t.updatedAt != nil {
   950  		v := t.updatedAt.Get()
   951  		pairs = append(pairs, &ClaimPair{Key: UpdatedAtKey, Value: v})
   952  	}
   953  	if t.website != nil {
   954  		v := *(t.website)
   955  		pairs = append(pairs, &ClaimPair{Key: WebsiteKey, Value: v})
   956  	}
   957  	if t.zoneinfo != nil {
   958  		v := *(t.zoneinfo)
   959  		pairs = append(pairs, &ClaimPair{Key: ZoneinfoKey, Value: v})
   960  	}
   961  	for k, v := range t.privateClaims {
   962  		pairs = append(pairs, &ClaimPair{Key: k, Value: v})
   963  	}
   964  	sort.Slice(pairs, func(i, j int) bool {
   965  		return pairs[i].Key.(string) < pairs[j].Key.(string)
   966  	})
   967  	return pairs
   968  }
   969  
   970  func (t *stdToken) UnmarshalJSON(buf []byte) error {
   971  	t.mu.Lock()
   972  	defer t.mu.Unlock()
   973  	t.address = nil
   974  	t.audience = nil
   975  	t.birthdate = nil
   976  	t.email = nil
   977  	t.emailVerified = nil
   978  	t.expiration = nil
   979  	t.familyName = nil
   980  	t.gender = nil
   981  	t.givenName = nil
   982  	t.issuedAt = nil
   983  	t.issuer = nil
   984  	t.jwtID = nil
   985  	t.locale = nil
   986  	t.middleName = nil
   987  	t.name = nil
   988  	t.nickname = nil
   989  	t.notBefore = nil
   990  	t.phoneNumber = nil
   991  	t.phoneNumberVerified = nil
   992  	t.picture = nil
   993  	t.preferredUsername = nil
   994  	t.profile = nil
   995  	t.subject = nil
   996  	t.updatedAt = nil
   997  	t.website = nil
   998  	t.zoneinfo = nil
   999  	dec := json.NewDecoder(bytes.NewReader(buf))
  1000  LOOP:
  1001  	for {
  1002  		tok, err := dec.Token()
  1003  		if err != nil {
  1004  			return errors.Wrap(err, `error reading token`)
  1005  		}
  1006  		switch tok := tok.(type) {
  1007  		case json.Delim:
  1008  			// Assuming we're doing everything correctly, we should ONLY
  1009  			// get either '{' or '}' here.
  1010  			if tok == '}' { // End of object
  1011  				break LOOP
  1012  			} else if tok != '{' {
  1013  				return errors.Errorf(`expected '{', but got '%c'`, tok)
  1014  			}
  1015  		case string: // Objects can only have string keys
  1016  			switch tok {
  1017  			case AddressKey:
  1018  				var decoded AddressClaim
  1019  				if err := dec.Decode(&decoded); err != nil {
  1020  					return errors.Wrapf(err, `failed to decode value for key %s`, AddressKey)
  1021  				}
  1022  				t.address = &decoded
  1023  			case AudienceKey:
  1024  				var decoded types.StringList
  1025  				if err := dec.Decode(&decoded); err != nil {
  1026  					return errors.Wrapf(err, `failed to decode value for key %s`, AudienceKey)
  1027  				}
  1028  				t.audience = decoded
  1029  			case BirthdateKey:
  1030  				var decoded BirthdateClaim
  1031  				if err := dec.Decode(&decoded); err != nil {
  1032  					return errors.Wrapf(err, `failed to decode value for key %s`, BirthdateKey)
  1033  				}
  1034  				t.birthdate = &decoded
  1035  			case EmailKey:
  1036  				if err := json.AssignNextStringToken(&t.email, dec); err != nil {
  1037  					return errors.Wrapf(err, `failed to decode value for key %s`, EmailKey)
  1038  				}
  1039  			case EmailVerifiedKey:
  1040  				var decoded bool
  1041  				if err := dec.Decode(&decoded); err != nil {
  1042  					return errors.Wrapf(err, `failed to decode value for key %s`, EmailVerifiedKey)
  1043  				}
  1044  				t.emailVerified = &decoded
  1045  			case ExpirationKey:
  1046  				var decoded types.NumericDate
  1047  				if err := dec.Decode(&decoded); err != nil {
  1048  					return errors.Wrapf(err, `failed to decode value for key %s`, ExpirationKey)
  1049  				}
  1050  				t.expiration = &decoded
  1051  			case FamilyNameKey:
  1052  				if err := json.AssignNextStringToken(&t.familyName, dec); err != nil {
  1053  					return errors.Wrapf(err, `failed to decode value for key %s`, FamilyNameKey)
  1054  				}
  1055  			case GenderKey:
  1056  				if err := json.AssignNextStringToken(&t.gender, dec); err != nil {
  1057  					return errors.Wrapf(err, `failed to decode value for key %s`, GenderKey)
  1058  				}
  1059  			case GivenNameKey:
  1060  				if err := json.AssignNextStringToken(&t.givenName, dec); err != nil {
  1061  					return errors.Wrapf(err, `failed to decode value for key %s`, GivenNameKey)
  1062  				}
  1063  			case IssuedAtKey:
  1064  				var decoded types.NumericDate
  1065  				if err := dec.Decode(&decoded); err != nil {
  1066  					return errors.Wrapf(err, `failed to decode value for key %s`, IssuedAtKey)
  1067  				}
  1068  				t.issuedAt = &decoded
  1069  			case IssuerKey:
  1070  				if err := json.AssignNextStringToken(&t.issuer, dec); err != nil {
  1071  					return errors.Wrapf(err, `failed to decode value for key %s`, IssuerKey)
  1072  				}
  1073  			case JwtIDKey:
  1074  				if err := json.AssignNextStringToken(&t.jwtID, dec); err != nil {
  1075  					return errors.Wrapf(err, `failed to decode value for key %s`, JwtIDKey)
  1076  				}
  1077  			case LocaleKey:
  1078  				if err := json.AssignNextStringToken(&t.locale, dec); err != nil {
  1079  					return errors.Wrapf(err, `failed to decode value for key %s`, LocaleKey)
  1080  				}
  1081  			case MiddleNameKey:
  1082  				if err := json.AssignNextStringToken(&t.middleName, dec); err != nil {
  1083  					return errors.Wrapf(err, `failed to decode value for key %s`, MiddleNameKey)
  1084  				}
  1085  			case NameKey:
  1086  				if err := json.AssignNextStringToken(&t.name, dec); err != nil {
  1087  					return errors.Wrapf(err, `failed to decode value for key %s`, NameKey)
  1088  				}
  1089  			case NicknameKey:
  1090  				if err := json.AssignNextStringToken(&t.nickname, dec); err != nil {
  1091  					return errors.Wrapf(err, `failed to decode value for key %s`, NicknameKey)
  1092  				}
  1093  			case NotBeforeKey:
  1094  				var decoded types.NumericDate
  1095  				if err := dec.Decode(&decoded); err != nil {
  1096  					return errors.Wrapf(err, `failed to decode value for key %s`, NotBeforeKey)
  1097  				}
  1098  				t.notBefore = &decoded
  1099  			case PhoneNumberKey:
  1100  				if err := json.AssignNextStringToken(&t.phoneNumber, dec); err != nil {
  1101  					return errors.Wrapf(err, `failed to decode value for key %s`, PhoneNumberKey)
  1102  				}
  1103  			case PhoneNumberVerifiedKey:
  1104  				var decoded bool
  1105  				if err := dec.Decode(&decoded); err != nil {
  1106  					return errors.Wrapf(err, `failed to decode value for key %s`, PhoneNumberVerifiedKey)
  1107  				}
  1108  				t.phoneNumberVerified = &decoded
  1109  			case PictureKey:
  1110  				if err := json.AssignNextStringToken(&t.picture, dec); err != nil {
  1111  					return errors.Wrapf(err, `failed to decode value for key %s`, PictureKey)
  1112  				}
  1113  			case PreferredUsernameKey:
  1114  				if err := json.AssignNextStringToken(&t.preferredUsername, dec); err != nil {
  1115  					return errors.Wrapf(err, `failed to decode value for key %s`, PreferredUsernameKey)
  1116  				}
  1117  			case ProfileKey:
  1118  				if err := json.AssignNextStringToken(&t.profile, dec); err != nil {
  1119  					return errors.Wrapf(err, `failed to decode value for key %s`, ProfileKey)
  1120  				}
  1121  			case SubjectKey:
  1122  				if err := json.AssignNextStringToken(&t.subject, dec); err != nil {
  1123  					return errors.Wrapf(err, `failed to decode value for key %s`, SubjectKey)
  1124  				}
  1125  			case UpdatedAtKey:
  1126  				var decoded types.NumericDate
  1127  				if err := dec.Decode(&decoded); err != nil {
  1128  					return errors.Wrapf(err, `failed to decode value for key %s`, UpdatedAtKey)
  1129  				}
  1130  				t.updatedAt = &decoded
  1131  			case WebsiteKey:
  1132  				if err := json.AssignNextStringToken(&t.website, dec); err != nil {
  1133  					return errors.Wrapf(err, `failed to decode value for key %s`, WebsiteKey)
  1134  				}
  1135  			case ZoneinfoKey:
  1136  				if err := json.AssignNextStringToken(&t.zoneinfo, dec); err != nil {
  1137  					return errors.Wrapf(err, `failed to decode value for key %s`, ZoneinfoKey)
  1138  				}
  1139  			default:
  1140  				if dc := t.dc; dc != nil {
  1141  					if localReg := dc.Registry(); localReg != nil {
  1142  						decoded, err := localReg.Decode(dec, tok)
  1143  						if err == nil {
  1144  							t.setNoLock(tok, decoded)
  1145  							continue
  1146  						}
  1147  					}
  1148  				}
  1149  				decoded, err := registry.Decode(dec, tok)
  1150  				if err == nil {
  1151  					t.setNoLock(tok, decoded)
  1152  					continue
  1153  				}
  1154  				return errors.Wrapf(err, `could not decode field %s`, tok)
  1155  			}
  1156  		default:
  1157  			return errors.Errorf(`invalid token %T`, tok)
  1158  		}
  1159  	}
  1160  	return nil
  1161  }
  1162  
  1163  func (t stdToken) MarshalJSON() ([]byte, error) {
  1164  	t.mu.RLock()
  1165  	defer t.mu.RUnlock()
  1166  	buf := pool.GetBytesBuffer()
  1167  	defer pool.ReleaseBytesBuffer(buf)
  1168  	buf.WriteByte('{')
  1169  	enc := json.NewEncoder(buf)
  1170  	for i, pair := range t.makePairs() {
  1171  		f := pair.Key.(string)
  1172  		if i > 0 {
  1173  			buf.WriteByte(',')
  1174  		}
  1175  		buf.WriteRune('"')
  1176  		buf.WriteString(f)
  1177  		buf.WriteString(`":`)
  1178  		switch f {
  1179  		case AudienceKey:
  1180  			if err := json.EncodeAudience(enc, pair.Value.([]string)); err != nil {
  1181  				return nil, errors.Wrap(err, `failed to encode "aud"`)
  1182  			}
  1183  			continue
  1184  		case ExpirationKey, IssuedAtKey, NotBeforeKey, UpdatedAtKey:
  1185  			enc.Encode(pair.Value.(time.Time).Unix())
  1186  			continue
  1187  		}
  1188  		switch v := pair.Value.(type) {
  1189  		case []byte:
  1190  			buf.WriteRune('"')
  1191  			buf.WriteString(base64.EncodeToString(v))
  1192  			buf.WriteRune('"')
  1193  		default:
  1194  			if err := enc.Encode(v); err != nil {
  1195  				return nil, errors.Wrapf(err, `failed to marshal field %s`, f)
  1196  			}
  1197  			buf.Truncate(buf.Len() - 1)
  1198  		}
  1199  	}
  1200  	buf.WriteByte('}')
  1201  	ret := make([]byte, buf.Len())
  1202  	copy(ret, buf.Bytes())
  1203  	return ret, nil
  1204  }
  1205  
  1206  func (t *stdToken) Iterate(ctx context.Context) Iterator {
  1207  	pairs := t.makePairs()
  1208  	ch := make(chan *ClaimPair, len(pairs))
  1209  	go func(ctx context.Context, ch chan *ClaimPair, pairs []*ClaimPair) {
  1210  		defer close(ch)
  1211  		for _, pair := range pairs {
  1212  			select {
  1213  			case <-ctx.Done():
  1214  				return
  1215  			case ch <- pair:
  1216  			}
  1217  		}
  1218  	}(ctx, ch, pairs)
  1219  	return mapiter.New(ch)
  1220  }
  1221  
  1222  func (t *stdToken) Walk(ctx context.Context, visitor Visitor) error {
  1223  	return iter.WalkMap(ctx, t, visitor)
  1224  }
  1225  
  1226  func (t *stdToken) AsMap(ctx context.Context) (map[string]interface{}, error) {
  1227  	return iter.AsMap(ctx, t)
  1228  }
  1229
View as plain text