Commit Graph

18 Commits

Author SHA1 Message Date
Jaana Burcu Dogan 75e75ddc3d jws: add notice that the package might be removed
This package is not a general-use JWS implementation and should live
under internal. For now, just add a warning that no new users should
depend on it.

Updates #196.

Change-Id: I0eef273c8327a5ad26eb33a4425afcadca23494b
Reviewed-on: https://go-review.googlesource.com/27692
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2016-08-25 17:13:15 +00:00
Dave Day a870243201 jws: use base64.RawURLEncoding
The Raw (unpadded) version of URL encoding was introduced in Go 1.5.
Since we no longer need to support Go 1.4 (and indeed, Go 1.4 won't work
because of our dependency on golang.org/x/net/context), we can simplify
the base64 encoding/decoding to use this directly.

Fixes golang/oauth2#190.

Change-Id: Ic2676edf5fe5b4d1680409fd9c02bd1c287ca39f
Reviewed-on: https://go-review.googlesource.com/25000
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2016-07-18 01:11:30 +00:00
Dave Day df5b72659a google: support key ID in JWTAccessTokenSourceFromJSON
Change-Id: I20ffede5bf81aa4990afb2820561d5633cdb43a8
Reviewed-on: https://go-review.googlesource.com/24440
Reviewed-by: Chris Broadfoot <cbro@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2016-07-02 01:08:09 +00:00
Jeff Craig 14446d3f8b jws: add RS256 Verification for JWS
Provides helper method for verifying a signed JWT against a provided
public key.

Change-Id: I498ecfce07862c372fd5f81c1fcdc09692ed0f5c
Reviewed-on: https://go-review.googlesource.com/21762
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2016-05-03 22:07:24 +00:00
David Symonds d4780cd8b5 jws: fix base64Decode for strings of length 1 (mod 4).
Change-Id: I5369e4d5454de2cf041363af1328f69d526b17d4
Reviewed-on: https://go-review.googlesource.com/16750
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-11-09 05:46:33 +00:00
David Symonds e347d2238c jws: add EncodeWithSigner function.
This permits controlling the mechanism for signing the token;
for instance, one can use EncodeWithSigner in an App Engine app
to use the App Identity API to perform the signing (you don't have
direct access to the private key there).

An alternate would be to replace Encode with EncodeWithSigner,
and add a little wrapper type that turns a *rsa.PrivateKey into
a Signer. That's probably what I'd do if this were being written
from scratch, but I wasn't keen on breaking existing code.

Change-Id: Id48f5dfa15c179832e613268d4a4098b96648f9a
Reviewed-on: https://go-review.googlesource.com/16711
Reviewed-by: Burcu Dogan <jbd@google.com>
Run-TryBot: David Symonds <dsymonds@golang.org>
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-11-09 00:47:20 +00:00
Andrew Gerrand 038cb4adce all: change copyright to 'Go Authors'
Fixes golang/go#12354

Change-Id: Ie4bbe9445e2a840c9db830c9bd52a783b7a6f9bc
Reviewed-on: https://go-review.googlesource.com/13952
Reviewed-by: Russ Cox <rsc@golang.org>
2015-10-22 04:14:42 +00:00
Emmanuel Odeke 82de3fe653 jwt: added missing format specifier
Updates golang/oauth#151

Change-Id: I2422dade4d72aa4fc33d9ad922508d2793e4ee27
Reviewed-on: https://go-review.googlesource.com/14779
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-09-22 02:43:36 +00:00
robnorman d5ff5ab876 jwt: allow setting a custom expiry time for JWT tokens
The current implementation of JWS/JWT in this package uses a fixed
1 hour expiry time for JWT tokens.

Some services do not accept such a long expiry time, e.g. Salesforce,
which defaults to a 5 minute expiry.
https://help.salesforce.com/HTViewHelpDoc?id=remoteaccess_oauth_jwt_flow.htm

This change adds an Expires time.Duration property to the jwt.Config
struct that, if set, will be used to calculate the jws.ClaimSet Exp property.
It allows a custom expiry to be set on a JWT token.

This change is backward compatible and will revert to previous behaviour if
the Expires property is not set.

Fixes golang/oauth2#151

Change-Id: I3159ac2a5711ef10389d83c0e290bfc7a9f54015
Reviewed-on: https://go-review.googlesource.com/14681
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-09-21 17:56:07 +00:00
Andrew Gerrand 397fe76494 google: add support for JWT Access Tokens
This is a new form of authentication for Google services, where instead
of passing a signed claim to obtain a token from the OAuth endpoint, you
present the signed claim *as* the token to the API endpoint.

Fixes #139.
Fixes #140.

Change-Id: Ibf0f168a0ec111660ac08b86121c943fb96e146c
Reviewed-on: https://go-review.googlesource.com/10667
Reviewed-by: David Symonds <dsymonds@golang.org>
Reviewed-by: Dave Day <djd@golang.org>
2015-08-13 22:40:26 +00:00
Burcu Dogan 7512128337 oauth2/jws: minor readability improvements
Change-Id: I8bcf0bc88b3db49ac281531524e792e8547e1e07
Reviewed-on: https://go-review.googlesource.com/1671
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2014-12-17 00:04:31 +00:00
Burcu Dogan b3f9a68f05 oauth2: fix lint errors
Change-Id: I9cc4c61767be5e6eda189468430e9a89fe2f3796
2014-12-01 18:03:32 -08:00
Burcu Dogan e750a2fd5a oauth2: add vanity URL import comments, use the vanity URL on builds
Change-Id: Ia20e40d98aa709e3d598388e0a15501584152ab5
2014-11-26 11:47:34 -08:00
Burcu Dogan 0cf6f9b144 Introduce an option function type
- Reduce the duplicate code by merging the flows and
determining the flow type by looking at the provided options.
- Options as a function type allows us to validate an individual
an option in its scope and makes it easier to compose the
built-in options with the third-party ones.
2014-11-08 09:46:26 +11:00
Burcu Dogan eb7270d354 oauth2: Allow use of arbitrary RSA private keys to sign JWT token retrieving requests. 2014-08-11 17:54:04 -07:00
Burcu Dogan abc4bcd940 Reverting the license back to the original. 2014-05-17 17:26:57 +02:00
Burcu Dogan d7c8bcd0d0 oauth2: adding license. 2014-05-13 21:06:46 +03:00
Burcu Dogan c32debaa6f Initial commit 2014-05-09 23:05:13 +02:00