Google Git
Sign in
fuchsia / third_party / tink / 77ea5026740aaedda87a23e0254bd8a1639674b4 / . / go / jwt / verified_jwt.go
blob: 937ad10d48219abe159d1a00442c8a6a905139e1 [file] [log] [blame]
// Copyright 2022 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////////
package jwt
import (
"fmt"
"time"
)
// VerifiedJWT is a verified JWT token.
type VerifiedJWT struct {
token *RawJWT
}
// newVerifiedJWT generates a new VerifiedJWT
func newVerifiedJWT(rawJWT *RawJWT) (*VerifiedJWT, error) {
if rawJWT == nil {
return nil, fmt.Errorf("rawJWT can't be nil")
}
return &VerifiedJWT{
token: rawJWT,
}, nil
}
// JSONPayload marshals a VerifiedJWT payload to JSON.
func (v *VerifiedJWT) JSONPayload() ([]byte, error) {
return v.token.JSONPayload()
}
// HasTypeHeader return whether a RawJWT contains a type header.
func (v *VerifiedJWT) HasTypeHeader() bool {
return v.token.HasTypeHeader()
}
// TypeHeader returns the JWT type header.
func (v *VerifiedJWT) TypeHeader() (string, error) {
return v.token.TypeHeader()
}
// HasAudiences checks whether a JWT contains the audience claim ('aud').
func (v *VerifiedJWT) HasAudiences() bool {
return v.token.HasAudiences()
}
// Audiences returns a list of audiences from the 'aud' claim.
// If the 'aud' claim is a single string, it is converted into a list with a single entry.
func (v *VerifiedJWT) Audiences() ([]string, error) {
return v.token.Audiences()
}
// HasSubject checks whether a JWT contains an issuer claim ('sub').
func (v *VerifiedJWT) HasSubject() bool {
return v.token.HasSubject()
}
// Subject returns the subject claim ('sub') or an error if no claim is present.
func (v *VerifiedJWT) Subject() (string, error) {
return v.token.Subject()
}
// HasIssuer checks whether a JWT contains an issuer claim ('iss').
func (v *VerifiedJWT) HasIssuer() bool {
return v.token.HasIssuer()
}
// Issuer returns the issuer claim ('iss') or an error if no claim is present.
func (v *VerifiedJWT) Issuer() (string, error) {
return v.token.Issuer()
}
// HasJWTID checks whether a JWT contains an JWT ID claim ('jti').
func (v *VerifiedJWT) HasJWTID() bool {
return v.token.HasJWTID()
}
// JWTID returns the JWT ID claim ('jti') or an error if no claim is present.
func (v *VerifiedJWT) JWTID() (string, error) {
return v.token.JWTID()
}
// HasIssuedAt checks whether a JWT contains an issued at claim ('iat').
func (v *VerifiedJWT) HasIssuedAt() bool {
return v.token.HasIssuedAt()
}
// IssuedAt returns the issued at claim ('iat') or an error if no claim is present.
func (v *VerifiedJWT) IssuedAt() (time.Time, error) {
return v.token.IssuedAt()
}
// HasExpiration checks whether a JWT contains an expiration time claim ('exp').
func (v *VerifiedJWT) HasExpiration() bool {
return v.token.HasExpiration()
}
// ExpiresAt returns the expiration claim ('exp') or an error if no claim is present.
func (v *VerifiedJWT) ExpiresAt() (time.Time, error) {
return v.token.ExpiresAt()
}
// HasNotBefore checks whether a JWT contains a not before claim ('nbf').
func (v *VerifiedJWT) HasNotBefore() bool {
return v.token.HasNotBefore()
}
// NotBefore returns the not before claim ('nbf') or an error if no claim is present.
func (v *VerifiedJWT) NotBefore() (time.Time, error) {
return v.token.NotBefore()
}
// HasStringClaim checks whether a claim of type string is present.
func (v *VerifiedJWT) HasStringClaim(name string) bool {
return v.token.HasStringClaim(name)
}
// StringClaim returns a custom string claim or an error if no claim is present.
func (v *VerifiedJWT) StringClaim(name string) (string, error) {
return v.token.StringClaim(name)
}
// HasNumberClaim checks whether a claim of type number is present.
func (v *VerifiedJWT) HasNumberClaim(name string) bool {
return v.token.HasNumberClaim(name)
}
// NumberClaim returns a custom number claim or an error if no claim is present.
func (v *VerifiedJWT) NumberClaim(name string) (float64, error) {
return v.token.NumberClaim(name)
}
// HasBooleanClaim checks whether a claim of type boolean is present.
func (v *VerifiedJWT) HasBooleanClaim(name string) bool {
return v.token.HasBooleanClaim(name)
}
// BooleanClaim returns a custom bool claim or an error if no claim is present.
func (v *VerifiedJWT) BooleanClaim(name string) (bool, error) {
return v.token.BooleanClaim(name)
}
// HasNullClaim checks whether a claim of type null is present.
func (v *VerifiedJWT) HasNullClaim(name string) bool {
return v.token.HasNullClaim(name)
}
// HasArrayClaim checks whether a claim of type list is present.
func (v *VerifiedJWT) HasArrayClaim(name string) bool {
return v.token.HasArrayClaim(name)
}
// ArrayClaim returns a slice representing a JSON array for a claim or an error if the claim is empty.
func (v *VerifiedJWT) ArrayClaim(name string) ([]interface{}, error) {
return v.token.ArrayClaim(name)
}
// HasObjectClaim checks whether a claim of type JSON object is present.
func (v *VerifiedJWT) HasObjectClaim(name string) bool {
return v.token.HasObjectClaim(name)
}
// ObjectClaim returns a map representing a JSON object for a claim or an error if the claim is empty.
func (v *VerifiedJWT) ObjectClaim(name string) (map[string]interface{}, error) {
return v.token.ObjectClaim(name)
}
// CustomClaimNames returns a list with the name of custom claims in a VerifiedJWT.
func (v *VerifiedJWT) CustomClaimNames() []string {
return v.token.CustomClaimNames()
}