211 lines
8.1 KiB
YAML
211 lines
8.1 KiB
YAML
package_name: jwt
|
|
output: jwt/options_gen.go
|
|
interfaces:
|
|
- name: GlobalOption
|
|
comment: |
|
|
GlobalOption describes an Option that can be passed to `Settings()`.
|
|
- name: EncryptOption
|
|
comment: |
|
|
EncryptOption describes an Option that can be passed to (jwt.Serializer).Encrypt
|
|
- name: ParseOption
|
|
methods:
|
|
- parseOption
|
|
- readFileOption
|
|
comment: |
|
|
ParseOption describes an Option that can be passed to `jwt.Parse()`.
|
|
ParseOption also implements ReadFileOption, therefore it may be
|
|
safely pass them to `jwt.ReadFile()`
|
|
- name: SignOption
|
|
comment: |
|
|
SignOption describes an Option that can be passed to `jwt.Sign()` or
|
|
(jwt.Serializer).Sign
|
|
- name: SignEncryptParseOption
|
|
methods:
|
|
- parseOption
|
|
- encryptOption
|
|
- readFileOption
|
|
- signOption
|
|
comment: |
|
|
SignParseOption describes an Option that can be passed to both `jwt.Sign()` or
|
|
`jwt.Parse()`
|
|
- name: ValidateOption
|
|
methods:
|
|
- parseOption
|
|
- readFileOption
|
|
- validateOption
|
|
comment: |
|
|
ValidateOption describes an Option that can be passed to Validate().
|
|
ValidateOption also implements ParseOption, therefore it may be
|
|
safely passed to `Parse()` (and thus `jwt.ReadFile()`)
|
|
- name: ReadFileOption
|
|
comment: |
|
|
ReadFileOption is a type of `Option` that can be passed to `jws.ReadFile`
|
|
options:
|
|
- ident: AcceptableSkew
|
|
interface: ValidateOption
|
|
argument_type: time.Duration
|
|
comment: |
|
|
WithAcceptableSkew specifies the duration in which exp and nbf
|
|
claims may differ by. This value should be positive
|
|
- ident: Truncation
|
|
interface: ValidateOption
|
|
argument_type: time.Duration
|
|
comment: |
|
|
WithTruncation speficies the amount that should be used when
|
|
truncating time values used during time-based validation routines.
|
|
By default time values are truncated down to second accuracy.
|
|
If you want to use sub-second accuracy, you will need to set
|
|
this value to 0.
|
|
- ident: Clock
|
|
interface: ValidateOption
|
|
argument_type: Clock
|
|
comment: |
|
|
WithClock specifies the `Clock` to be used when verifying
|
|
exp and nbf claims.
|
|
- ident: Context
|
|
interface: ValidateOption
|
|
argument_type: context.Context
|
|
comment: |
|
|
WithContext allows you to specify a context.Context object to be used
|
|
with `jwt.Validate()` option.
|
|
|
|
Please be aware that in the next major release of this library,
|
|
`jwt.Validate()`'s signature will change to include an explicit
|
|
`context.Context` object.
|
|
- ident: FlattenAudience
|
|
interface: GlobalOption
|
|
argument_type: bool
|
|
comment: |
|
|
WithFlattenAudience specifies if the "aud" claim should be flattened
|
|
to a single string upon the token being serialized to JSON.
|
|
|
|
This is sometimes important when a JWT consumer does not understand that
|
|
the "aud" claim can actually take the form of an array of strings.
|
|
|
|
The default value is `false`, which means that "aud" claims are always
|
|
rendered as a arrays of strings. This setting has a global effect,
|
|
and will change the behavior for all JWT serialization.
|
|
- ident: FormKey
|
|
interface: ParseOption
|
|
argument_type: string
|
|
comment: |
|
|
WithFormKey is used to specify header keys to search for tokens.
|
|
|
|
While the type system allows this option to be passed to jwt.Parse() directly,
|
|
doing so will have no effect. Only use it for HTTP request parsing functions
|
|
- ident: HeaderKey
|
|
interface: ParseOption
|
|
argument_type: string
|
|
comment: |
|
|
WithHeaderKey is used to specify header keys to search for tokens.
|
|
|
|
While the type system allows this option to be passed to `jwt.Parse()` directly,
|
|
doing so will have no effect. Only use it for HTTP request parsing functions
|
|
- ident: Token
|
|
interface: ParseOption
|
|
argument_type: Token
|
|
comment: |
|
|
WithToken specifies the token instance where the result JWT is stored
|
|
when parsing JWT tokensthat is used when parsing
|
|
- ident: Validate
|
|
interface: ParseOption
|
|
argument_type: bool
|
|
comment: |
|
|
WithValidate is passed to `Parse()` method to denote that the
|
|
validation of the JWT token should be performed (or not) after
|
|
a successful parsing of the incoming payload.
|
|
|
|
This option is enabled by default.
|
|
|
|
If you would like disable validation,
|
|
you must use `jwt.WithValidate(false)` or use `jwt.ParseInsecure()`
|
|
- ident: Verify
|
|
interface: ParseOption
|
|
argument_type: bool
|
|
comment: |
|
|
WithVerify is passed to `Parse()` method to denote that the
|
|
signature verification should be performed after a successful
|
|
deserialization of the incoming payload.
|
|
|
|
This option is enabled by default.
|
|
|
|
If you do not provide any verification key sources, `jwt.Parse()`
|
|
would return an error.
|
|
|
|
If you would like to only parse the JWT payload and not verify it,
|
|
you must use `jwt.WithVerify(false)` or use `jwt.ParseInsecure()`
|
|
- ident: KeyProvider
|
|
interface: ParseOption
|
|
argument_type: jws.KeyProvider
|
|
comment: |
|
|
WithKeyProvider allows users to specify an object to provide keys to
|
|
sign/verify tokens using arbitrary code. Please read the documentation
|
|
for `jws.KeyProvider` in the `jws` package for details on how this works.
|
|
- ident: Pedantic
|
|
interface: ParseOption
|
|
argument_type: bool
|
|
comment: |
|
|
WithPedantic enables pedantic mode for parsing JWTs. Currently this only
|
|
applies to checking for the correct `typ` and/or `cty` when necessary.
|
|
- ident: EncryptOption
|
|
interface: EncryptOption
|
|
argument_type: jwe.EncryptOption
|
|
comment: |
|
|
WithEncryptOption provides an escape hatch for cases where extra options to
|
|
`(jws.Serializer).Encrypt()` must be specified when usng `jwt.Sign()`. Normally you do not
|
|
need to use this.
|
|
- ident: SignOption
|
|
interface: SignOption
|
|
argument_type: jws.SignOption
|
|
comment: |
|
|
WithSignOption provides an escape hatch for cases where extra options to
|
|
`jws.Sign()` must be specified when usng `jwt.Sign()`. Normally you do not
|
|
need to use this.
|
|
- ident: Validator
|
|
interface: ValidateOption
|
|
argument_type: Validator
|
|
comment: |
|
|
WithValidator validates the token with the given Validator.
|
|
|
|
For example, in order to validate tokens that are only valid during August, you would write
|
|
|
|
validator := jwt.ValidatorFunc(func(_ context.Context, t jwt.Token) error {
|
|
if time.Now().Month() != 8 {
|
|
return fmt.Errorf(`tokens are only valid during August!`)
|
|
}
|
|
return nil
|
|
})
|
|
err := jwt.Validate(token, jwt.WithValidator(validator))
|
|
- ident: FS
|
|
interface: ReadFileOption
|
|
argument_type: fs.FS
|
|
comment: |
|
|
WithFS specifies the source `fs.FS` object to read the file from.
|
|
- ident: NumericDateParsePrecision
|
|
interface: GlobalOption
|
|
argument_type: int
|
|
comment: |
|
|
WithNumericDateParsePrecision sets the precision up to which the
|
|
library uses to parse fractional dates found in the numeric date
|
|
fields. Default is 0 (second, no fractionals), max is 9 (nanosecond)
|
|
- ident: NumericDateFormatPrecision
|
|
interface: GlobalOption
|
|
argument_type: int
|
|
comment: |
|
|
WithNumericDateFormatPrecision sets the precision up to which the
|
|
library uses to format fractional dates found in the numeric date
|
|
fields. Default is 0 (second, no fractionals), max is 9 (nanosecond)
|
|
- ident: NumericDateParsePedantic
|
|
interface: GlobalOption
|
|
argument_type: bool
|
|
comment: |
|
|
WithNumericDateParsePedantic specifies if the parser should behave
|
|
in a pedantic manner when parsing numeric dates. Normally this library
|
|
attempts to interpret timestamps as a numeric value representing
|
|
number of seconds (with an optional fractional part), but if that fails
|
|
it tries to parse using a RFC3339 parser. This allows us to parse
|
|
payloads from non-comforming servers.
|
|
|
|
However, when you set WithNumericDateParePedantic to `true`, the
|
|
RFC3339 parser is not tried, and we expect a numeric value strictly
|