diff options
Diffstat (limited to 'vendor/github.com/golang-jwt/jwt/v5/parser_option.go')
-rw-r--r-- | vendor/github.com/golang-jwt/jwt/v5/parser_option.go | 128 |
1 files changed, 0 insertions, 128 deletions
diff --git a/vendor/github.com/golang-jwt/jwt/v5/parser_option.go b/vendor/github.com/golang-jwt/jwt/v5/parser_option.go deleted file mode 100644 index 88a780f..0000000 --- a/vendor/github.com/golang-jwt/jwt/v5/parser_option.go +++ /dev/null | |||
@@ -1,128 +0,0 @@ | |||
1 | package jwt | ||
2 | |||
3 | import "time" | ||
4 | |||
5 | // ParserOption is used to implement functional-style options that modify the | ||
6 | // behavior of the parser. To add new options, just create a function (ideally | ||
7 | // beginning with With or Without) that returns an anonymous function that takes | ||
8 | // a *Parser type as input and manipulates its configuration accordingly. | ||
9 | type ParserOption func(*Parser) | ||
10 | |||
11 | // WithValidMethods is an option to supply algorithm methods that the parser | ||
12 | // will check. Only those methods will be considered valid. It is heavily | ||
13 | // encouraged to use this option in order to prevent attacks such as | ||
14 | // https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/. | ||
15 | func WithValidMethods(methods []string) ParserOption { | ||
16 | return func(p *Parser) { | ||
17 | p.validMethods = methods | ||
18 | } | ||
19 | } | ||
20 | |||
21 | // WithJSONNumber is an option to configure the underlying JSON parser with | ||
22 | // UseNumber. | ||
23 | func WithJSONNumber() ParserOption { | ||
24 | return func(p *Parser) { | ||
25 | p.useJSONNumber = true | ||
26 | } | ||
27 | } | ||
28 | |||
29 | // WithoutClaimsValidation is an option to disable claims validation. This | ||
30 | // option should only be used if you exactly know what you are doing. | ||
31 | func WithoutClaimsValidation() ParserOption { | ||
32 | return func(p *Parser) { | ||
33 | p.skipClaimsValidation = true | ||
34 | } | ||
35 | } | ||
36 | |||
37 | // WithLeeway returns the ParserOption for specifying the leeway window. | ||
38 | func WithLeeway(leeway time.Duration) ParserOption { | ||
39 | return func(p *Parser) { | ||
40 | p.validator.leeway = leeway | ||
41 | } | ||
42 | } | ||
43 | |||
44 | // WithTimeFunc returns the ParserOption for specifying the time func. The | ||
45 | // primary use-case for this is testing. If you are looking for a way to account | ||
46 | // for clock-skew, WithLeeway should be used instead. | ||
47 | func WithTimeFunc(f func() time.Time) ParserOption { | ||
48 | return func(p *Parser) { | ||
49 | p.validator.timeFunc = f | ||
50 | } | ||
51 | } | ||
52 | |||
53 | // WithIssuedAt returns the ParserOption to enable verification | ||
54 | // of issued-at. | ||
55 | func WithIssuedAt() ParserOption { | ||
56 | return func(p *Parser) { | ||
57 | p.validator.verifyIat = true | ||
58 | } | ||
59 | } | ||
60 | |||
61 | // WithExpirationRequired returns the ParserOption to make exp claim required. | ||
62 | // By default exp claim is optional. | ||
63 | func WithExpirationRequired() ParserOption { | ||
64 | return func(p *Parser) { | ||
65 | p.validator.requireExp = true | ||
66 | } | ||
67 | } | ||
68 | |||
69 | // WithAudience configures the validator to require the specified audience in | ||
70 | // the `aud` claim. Validation will fail if the audience is not listed in the | ||
71 | // token or the `aud` claim is missing. | ||
72 | // | ||
73 | // NOTE: While the `aud` claim is OPTIONAL in a JWT, the handling of it is | ||
74 | // application-specific. Since this validation API is helping developers in | ||
75 | // writing secure application, we decided to REQUIRE the existence of the claim, | ||
76 | // if an audience is expected. | ||
77 | func WithAudience(aud string) ParserOption { | ||
78 | return func(p *Parser) { | ||
79 | p.validator.expectedAud = aud | ||
80 | } | ||
81 | } | ||
82 | |||
83 | // WithIssuer configures the validator to require the specified issuer in the | ||
84 | // `iss` claim. Validation will fail if a different issuer is specified in the | ||
85 | // token or the `iss` claim is missing. | ||
86 | // | ||
87 | // NOTE: While the `iss` claim is OPTIONAL in a JWT, the handling of it is | ||
88 | // application-specific. Since this validation API is helping developers in | ||
89 | // writing secure application, we decided to REQUIRE the existence of the claim, | ||
90 | // if an issuer is expected. | ||
91 | func WithIssuer(iss string) ParserOption { | ||
92 | return func(p *Parser) { | ||
93 | p.validator.expectedIss = iss | ||
94 | } | ||
95 | } | ||
96 | |||
97 | // WithSubject configures the validator to require the specified subject in the | ||
98 | // `sub` claim. Validation will fail if a different subject is specified in the | ||
99 | // token or the `sub` claim is missing. | ||
100 | // | ||
101 | // NOTE: While the `sub` claim is OPTIONAL in a JWT, the handling of it is | ||
102 | // application-specific. Since this validation API is helping developers in | ||
103 | // writing secure application, we decided to REQUIRE the existence of the claim, | ||
104 | // if a subject is expected. | ||
105 | func WithSubject(sub string) ParserOption { | ||
106 | return func(p *Parser) { | ||
107 | p.validator.expectedSub = sub | ||
108 | } | ||
109 | } | ||
110 | |||
111 | // WithPaddingAllowed will enable the codec used for decoding JWTs to allow | ||
112 | // padding. Note that the JWS RFC7515 states that the tokens will utilize a | ||
113 | // Base64url encoding with no padding. Unfortunately, some implementations of | ||
114 | // JWT are producing non-standard tokens, and thus require support for decoding. | ||
115 | func WithPaddingAllowed() ParserOption { | ||
116 | return func(p *Parser) { | ||
117 | p.decodePaddingAllowed = true | ||
118 | } | ||
119 | } | ||
120 | |||
121 | // WithStrictDecoding will switch the codec used for decoding JWTs into strict | ||
122 | // mode. In this mode, the decoder requires that trailing padding bits are zero, | ||
123 | // as described in RFC 4648 section 3.5. | ||
124 | func WithStrictDecoding() ParserOption { | ||
125 | return func(p *Parser) { | ||
126 | p.decodeStrict = true | ||
127 | } | ||
128 | } | ||