golazy.dev
–
golazy.dev
/
lazyjwt
Index
|
Files
package lazyjwt ¶
import "golazy.dev/lazyjwt"
Variables ¶
var ErrMalformedToken, ErrUnsupportedAlg, ErrInvalidSignature, ErrExpiredToken, ErrTokenNotYetValid, ErrInvalidIssuer, ErrInvalidAudience, ErrInvalidClient ¶
var (
ErrMalformedToken = errors.New("lazyjwt: malformed token")
ErrUnsupportedAlg = errors.New("lazyjwt: unsupported signing algorithm")
ErrInvalidSignature = errors.New("lazyjwt: invalid signature")
ErrExpiredToken = errors.New("lazyjwt: token is expired")
ErrTokenNotYetValid = errors.New("lazyjwt: token is not yet valid")
ErrInvalidIssuer = errors.New("lazyjwt: invalid issuer")
ErrInvalidAudience = errors.New("lazyjwt: invalid audience")
ErrInvalidClient = errors.New("lazyjwt: invalid client")
)
Functions ¶
func WithClaims ¶
WithClaims stores validated claims in ctx.
func WithClaims(ctx context.Context, claims Claims) context.Context
Types ¶
type Claims ¶
Claims contains the registered JWT claims GoLazy packages need plus an Extra map for application or protocol-specific values such as "mcps".
type Claims struct {
Issuer string
Subject string
Audience []string
ExpiresAt time.Time
NotBefore time.Time
IssuedAt time.Time
ID string
Scope []string
ClientID string
ClientDomain string
Extra map[string]any
}
func ClaimsFromContext ¶
ClaimsFromContext returns validated claims stored in ctx.
func ClaimsFromContext(ctx context.Context) (Claims, bool)
func Verify ¶
Verify validates token and returns its claims.
func Verify(token string, config ValidatorConfig) (Claims, error)
func (claims Claims) HasScope ¶
HasScope reports whether claims include scope.
func (claims Claims) HasScope(scope string) bool
func (claims Claims) StringSlice ¶
StringSlice returns an extra claim as a string slice.
func (claims Claims) StringSlice(name string) []string
type ClientRule ¶
ClientRule constrains tokens for one OAuth client.
type ClientRule struct {
ClientID string
Domain string
}
type Signer ¶
Signer signs JWTs with a symmetric HS256 key.
type Signer struct {
KeyID string
Key []byte
}
func (signer Signer) Sign ¶
Sign signs claims as an HS256 JWT.
func (signer Signer) Sign(claims Claims) (string, error)
type ValidatorConfig ¶
ValidatorConfig configures JWT validation.
type ValidatorConfig struct {
Keys map[string][]byte
Issuer string
Audience []string
ClientRules []ClientRule
Now func() time.Time
}
Package lazyjwt signs and validates JSON Web Tokens for GoLazy packages.
The package intentionally stays below OAuth, MCP, and application account systems. It owns token encoding, signature verification, registered claim validation, extra claim accessors, and request-context helpers for packages that receive an already validated token.