golazy.dev golazy.dev / lazyjwt Index | Files

package lazyjwt

import "golazy.dev/lazyjwt"

Package lazyjwt signs and validates JSON Web Tokens for GoLazy packages.

The package intentionally stays below OAuth, MCP, and application account systems. It owns token encoding, signature verification, registered claim validation, extra claim accessors, and request-context helpers for packages that receive an already validated token.

Variables

var ErrMalformedToken, ErrUnsupportedAlg, ErrInvalidSignature, ErrExpiredToken, ErrTokenNotYetValid, ErrInvalidIssuer, ErrInvalidAudience, ErrInvalidClient

var (
	ErrMalformedToken	= errors.New("lazyjwt: malformed token")
	ErrUnsupportedAlg	= errors.New("lazyjwt: unsupported signing algorithm")
	ErrInvalidSignature	= errors.New("lazyjwt: invalid signature")
	ErrExpiredToken		= errors.New("lazyjwt: token is expired")
	ErrTokenNotYetValid	= errors.New("lazyjwt: token is not yet valid")
	ErrInvalidIssuer	= errors.New("lazyjwt: invalid issuer")
	ErrInvalidAudience	= errors.New("lazyjwt: invalid audience")
	ErrInvalidClient	= errors.New("lazyjwt: invalid client")
)

Functions

func WithClaims

WithClaims stores validated claims in ctx.

func WithClaims(ctx context.Context, claims Claims) context.Context

Types

type Claims

Claims contains the registered JWT claims GoLazy packages need plus an Extra map for application or protocol-specific values such as "mcps".

type Claims struct {
	Issuer		string
	Subject		string
	Audience	[]string
	ExpiresAt	time.Time
	NotBefore	time.Time
	IssuedAt	time.Time
	ID		string
	Scope		[]string
	ClientID	string
	ClientDomain	string
	Extra		map[string]any
}
func ClaimsFromContext

ClaimsFromContext returns validated claims stored in ctx.

func ClaimsFromContext(ctx context.Context) (Claims, bool)
func Verify

Verify validates token and returns its claims.

func Verify(token string, config ValidatorConfig) (Claims, error)
func (claims Claims) HasScope

HasScope reports whether claims include scope.

func (claims Claims) HasScope(scope string) bool
func (claims Claims) StringSlice

StringSlice returns an extra claim as a string slice.

func (claims Claims) StringSlice(name string) []string