summaryrefslogtreecommitdiff
path: root/vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go')
-rw-r--r--vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go113
1 files changed, 113 insertions, 0 deletions
diff --git a/vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go b/vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go
new file mode 100644
index 000000000..2155b2d27
--- /dev/null
+++ b/vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go
@@ -0,0 +1,113 @@
+/*-
+ * Copyright 2016 Zbigniew Mandziejewicz
+ * Copyright 2016 Square, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package jwt
+
+import (
+ "gopkg.in/square/go-jose.v2"
+ "gopkg.in/square/go-jose.v2/json"
+ "strings"
+)
+
+// JSONWebToken represents a JSON Web Token (as specified in RFC7519).
+type JSONWebToken struct {
+ payload func(k interface{}) ([]byte, error)
+ Headers []jose.Header
+}
+
+type NestedJSONWebToken struct {
+ enc *jose.JSONWebEncryption
+ Headers []jose.Header
+}
+
+// Claims deserializes a JSONWebToken into dest using the provided key.
+func (t *JSONWebToken) Claims(key interface{}, dest ...interface{}) error {
+ b, err := t.payload(key)
+ if err != nil {
+ return err
+ }
+
+ for _, d := range dest {
+ if err := json.Unmarshal(b, d); err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+func (t *NestedJSONWebToken) Decrypt(decryptionKey interface{}) (*JSONWebToken, error) {
+ b, err := t.enc.Decrypt(decryptionKey)
+ if err != nil {
+ return nil, err
+ }
+
+ sig, err := ParseSigned(string(b))
+ if err != nil {
+ return nil, err
+ }
+
+ return sig, nil
+}
+
+// ParseSigned parses token from JWS form.
+func ParseSigned(s string) (*JSONWebToken, error) {
+ sig, err := jose.ParseSigned(s)
+ if err != nil {
+ return nil, err
+ }
+ headers := make([]jose.Header, len(sig.Signatures))
+ for i, signature := range sig.Signatures {
+ headers[i] = signature.Header
+ }
+
+ return &JSONWebToken{
+ payload: sig.Verify,
+ Headers: headers,
+ }, nil
+}
+
+// ParseEncrypted parses token from JWE form.
+func ParseEncrypted(s string) (*JSONWebToken, error) {
+ enc, err := jose.ParseEncrypted(s)
+ if err != nil {
+ return nil, err
+ }
+
+ return &JSONWebToken{
+ payload: enc.Decrypt,
+ Headers: []jose.Header{enc.Header},
+ }, nil
+}
+
+// ParseSignedAndEncrypted parses signed-then-encrypted token from JWE form.
+func ParseSignedAndEncrypted(s string) (*NestedJSONWebToken, error) {
+ enc, err := jose.ParseEncrypted(s)
+ if err != nil {
+ return nil, err
+ }
+
+ contentType, _ := enc.Header.ExtraHeaders[jose.HeaderContentType].(string)
+ if strings.ToUpper(contentType) != "JWT" {
+ return nil, ErrInvalidContentType
+ }
+
+ return &NestedJSONWebToken{
+ enc: enc,
+ Headers: []jose.Header{enc.Header},
+ }, nil
+}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-01-15 17:49:24 +0000