dotenv, parsing fix email, moved dump tracnsport to new file gz, removed unwanted var jwt, added in HS256 sign/parse
ptr, ref and deref funcs response, use fmt.Fprint(f) validate, few new funcs
This commit is contained in:
51
jwt/jwt.go
51
jwt/jwt.go
@@ -8,6 +8,7 @@ package jwt
|
||||
import (
|
||||
"crypto/ed25519"
|
||||
"errors"
|
||||
"fmt"
|
||||
"log"
|
||||
"maps"
|
||||
"time"
|
||||
@@ -15,7 +16,18 @@ import (
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
)
|
||||
|
||||
// Sign using EdDSA
|
||||
func Sign(key ed25519.PrivateKey, claims map[string]any, issuer string, d time.Duration) (string, error) {
|
||||
return SignEdDSA(key, claims, issuer, d)
|
||||
}
|
||||
|
||||
func Parse(key ed25519.PrivateKey, tokenString string, issuer string) (jwt.MapClaims, error) {
|
||||
return ParseEdDSA(key, tokenString, issuer)
|
||||
}
|
||||
|
||||
// SignEdDSA (Edwards-curve Digital Signature Algorithm, typically Ed25519) is an excellent,
|
||||
// modern choice for JWT signing—arguably safer and more efficient than both HS256 and traditional RSA/ECDSA.
|
||||
func SignEdDSA(key ed25519.PrivateKey, claims map[string]any, issuer string, d time.Duration) (string, error) {
|
||||
cl := jwt.MapClaims{
|
||||
"iss": issuer,
|
||||
"iat": jwt.NewNumericDate(time.Now().UTC()),
|
||||
@@ -27,7 +39,7 @@ func Sign(key ed25519.PrivateKey, claims map[string]any, issuer string, d time.D
|
||||
return t.SignedString(key)
|
||||
}
|
||||
|
||||
func Parse(key ed25519.PrivateKey, tokenString string, issuer string) (jwt.MapClaims, error) {
|
||||
func ParseEdDSA(key ed25519.PrivateKey, tokenString string, issuer string) (jwt.MapClaims, error) {
|
||||
token, err := jwt.Parse(
|
||||
tokenString,
|
||||
func(token *jwt.Token) (any, error) {
|
||||
@@ -48,3 +60,40 @@ func Parse(key ed25519.PrivateKey, tokenString string, issuer string) (jwt.MapCl
|
||||
return nil, errors.New("no claims found")
|
||||
}
|
||||
}
|
||||
|
||||
func SignHS256(secret []byte, claims map[string]any, issuer string, d time.Duration) (string, error) {
|
||||
cl := jwt.MapClaims{
|
||||
"iss": issuer,
|
||||
"iat": jwt.NewNumericDate(time.Now().UTC()),
|
||||
"exp": jwt.NewNumericDate(time.Now().Add(d)),
|
||||
}
|
||||
maps.Copy(cl, claims)
|
||||
|
||||
t := jwt.NewWithClaims(jwt.SigningMethodHS256, cl)
|
||||
return t.SignedString(secret)
|
||||
}
|
||||
|
||||
func ParseHS256(secret []byte, tokenString string, issuer string) (jwt.MapClaims, error) {
|
||||
token, err := jwt.Parse(
|
||||
tokenString,
|
||||
func(token *jwt.Token) (any, error) {
|
||||
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
|
||||
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
|
||||
}
|
||||
return secret, nil
|
||||
},
|
||||
jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()}),
|
||||
jwt.WithIssuer(issuer),
|
||||
jwt.WithIssuedAt(),
|
||||
jwt.WithExpirationRequired(),
|
||||
)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
if claims, ok := token.Claims.(jwt.MapClaims); ok {
|
||||
return claims, nil
|
||||
} else {
|
||||
return nil, errors.New("no claims found")
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user