jwt

package

v0.24.0 Latest Latest Go to latest Published: Nov 1, 2024 License: BSD-3-Clause Imports: 12 Imported by: 2,409

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

cs.opensource.google/go/x/oauth2

Links

Documentation ¶

Overview ¶

Package jwt implements the OAuth 2.0 JSON Web Token flow, commonly known as "two-legged OAuth 2.0".

See: https://tools.ietf.org/html/draft-ietf-oauth-jwt-bearer-12

Index ¶

Examples ¶

Config

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	// Email is the OAuth client identifier used when communicating with
	// the configured OAuth provider.
	Email string

	// PrivateKey contains the contents of an RSA private key or the
	// contents of a PEM file that contains a private key. The provided
	// private key is used to sign JWT payloads.
	// PEM containers with a passphrase are not supported.
	// Use the following command to convert a PKCS 12 file into a PEM.
	//
	//    $ openssl pkcs12 -in key.p12 -out key.pem -nodes
	//
	PrivateKey []byte

	// PrivateKeyID contains an optional hint indicating which key is being
	// used.
	PrivateKeyID string

	// Subject is the optional user to impersonate.
	Subject string

	// Scopes optionally specifies a list of requested permission scopes.
	Scopes []string

	// TokenURL is the endpoint required to complete the 2-legged JWT flow.
	TokenURL string

	// Expires optionally specifies how long the token is valid for.
	Expires time.Duration

	// Audience optionally specifies the intended audience of the
	// request.  If empty, the value of TokenURL is used as the
	// intended audience.
	Audience string

	// PrivateClaims optionally specifies custom private claims in the JWT.
	// See http://tools.ietf.org/html/draft-jones-json-web-token-10#section-4.3
	PrivateClaims map[string]interface{}

	// UseIDToken optionally specifies whether ID token should be used instead
	// of access token when the server returns both.
	UseIDToken bool
}

Config is the configuration for using JWT to fetch tokens, commonly known as "two-legged OAuth 2.0".

Example ¶

package main

import (
	"context"

	"golang.org/x/oauth2/jwt"
)

func main() {
	ctx := context.Background()
	conf := &jwt.Config{
		Email: "[email protected]",
		// The contents of your RSA private key or your PEM file
		// that contains a private key.
		// If you have a p12 file instead, you
		// can use `openssl` to export the private key into a pem file.
		//
		//    $ openssl pkcs12 -in key.p12 -out key.pem -nodes
		//
		// It only supports PEM containers with no passphrase.
		PrivateKey: []byte("-----BEGIN RSA PRIVATE KEY-----..."),
		Subject:    "[email protected]",
		TokenURL:   "https://provider.com/o/oauth2/token",
	}
	// Initiate an http.Client, the following GET request will be
	// authorized and authenticated on the behalf of [email protected].
	client := conf.Client(ctx)
	client.Get("...")
}

Output:

func (*Config) Client ¶

func (c *Config) Client(ctx context.Context) *http.Client

Client returns an HTTP client wrapping the context's HTTP transport and adding Authorization headers with tokens obtained from c.

The returned client and its Transport should not be modified.

func (*Config) TokenSource ¶

func (c *Config) TokenSource(ctx context.Context) oauth2.TokenSource

TokenSource returns a JWT TokenSource using the configuration in c and the HTTP client from the provided context.

Source Files ¶

View all Source files

jwt.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL