Skip to content

PEngG7/jwt-go-rsa

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

jwt-go-auth

This Go module generates JWTs using RSA encryption, tailored to specific services and purposes as defined in a policy file. It dynamically adjusts token claims based on the policy, including permissions and conditions for the token's use, then signs it with a private RSA key. The token's expiration is set according to the specified duration.

The function structure is:

GenerateToken(policyPath string, serviceName string, purpose string, keyPath string, expirationInHours time.Duration)

The key should be an RSA private key and the JSON structure of the policy should be:

{
  "services": [
    {
      "service1": {
        "purpose1": {
          "allowed":
          {
            "field1": [
              "string"
            ],
            "field2": [
              "string"
            ],
            "field3": [
              "string"
            ]
          },
          "generalized":
          {
            "field1": [
              "string",
              "parameter if necessary"
            ],
            "field2": [
              "string",
              "parameter if necessary"
            ],
            "field3": [
              "string",
              "parameter if necessary"
            ]
          },
          "noised":
          {
            "field1": [
              "string",
              "parameter if necessary"
            ],
            "field2": [
              "string",
              "parameter if necessary"

            ],
            "field3": [
              "string",
              "parameter if necessary"
            ]
          },
          "reduced":
          {
            "field1": [
              "string",
              "parameter if necessary"
            ],
            "field2": [
              "string",
              "parameter if necessary"
            ],
            "field3": [
              "string",
              "parameter if necessary"
            ]
          }
        },
        "purpose2": {
          ...
        }
      },
      "service2": {
        ...
      },
      ...
  ]
}

Example: You can find an example here.

Usage

To use this module run:

go get -u github.com/Siar-Akbayin/[email protected]

and add this import statement to your Go file:

import ("github.com/Siar-Akbayin/jwt-go-auth")

Testing

The test.go file contains a test for the GenerateToken function. It uses the policy.json file and the private key provided in this repo. The provided test generates the following token:

eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJwb2xpY3kiOnsiYWxsb3dlZCI6e30sImdlbmVyYWxpemVkIjp7ImNpdHkiOlsic3RyaW5nIiwiMiJdLCJjcmVkaXRfY2FyZF9jdnYiOlsiaW50IiwiMyJdLCJjcmVkaXRfY2FyZF9leHBpcmF0aW9uX3llYXIiOlsiaW50IiwiMTAiXSwiY3JlZGl0X2NhcmRfbnVtYmVyIjpbInN0cmluZyIsIjUiXSwiemlwX2NvZGUiOlsiaW50IiwiOCJdfSwibm9pc2VkIjp7ImFnZSI6WyJpbnQiLCJMYXBsYWNlIl0sImNyZWRpdF9jYXJkX2V4cGlyYXRpb25fbW9udGgiOlsiaW50IiwiTGFwbGFjZSJdLCJzdHJlZXRfbmFtZSI6WyJzdHJpbmciLCJMYXBsYWNlIl0sInN0cmVldF9udW1iZXIiOlsiaW50IiwiTGFwbGFjZSJdfSwicmVkdWNlZCI6eyJjb3VudHJ5IjpbInN0cmluZyIsIjMiXSwiZW1haWwiOlsic3RyaW5nIiwiNCJdLCJuYW1lIjpbInN0cmluZyIsIjQiXSwicGhvbmUiOlsic3RyaW5nIiwiMyJdfX0sImlzcyI6InRva2VuR2VuZXJhdG9yIiwiZXhwIjoxNzA3NDgzNzg4fQ.H-m005YL06s5ZcMeyhda9EX20tjzZv1RSpC7W32EPA-MplKGT7bmU4n8Kwntfr-yGi9Xv8vhqqDjjBUjhuHiKs9kzeBwhsDhzsB2j-W5C1V6NWsrCEZFcw0_w35jGVv1EhTC02qcPoPbfthzM2_6rWmcJX1IDeQDQu4ZwdUOWdYU3i4nw6HwDJIfUbNSdr9bPQ0RX50HT4xWuKX2KaG7OAYcn_i2tawmaJ7gcMDsNZFiO8DuyzeuoPePafMumDQbArDNL0_PdwWCqZddQbFtUl8M0auQDUBnFJlIC75afC09aH3JdjhMWU-hIoz8m26v-2T57Zr0P705thEJWoh1IA

The content can be decoded using a JWT decoder, such as jwt.io.

In this case it looks like this: HEADER

{
  "alg": "RS256",
  "typ": "JWT"
}

PAYLOAD

{
  "policy": {
    "allowed": {},
    "generalized": {
      "city": [
        "string",
        "2"
      ],
      "credit_card_cvv": [
        "int",
        "3"
      ],
      "credit_card_expiration_year": [
        "int",
        "10"
      ],
      "credit_card_number": [
        "string",
        "5"
      ],
      "zip_code": [
        "int",
        "8"
      ]
    },
    "noised": {
      "age": [
        "int",
        "Laplace"
      ],
      "credit_card_expiration_month": [
        "int",
        "Laplace"
      ],
      "street_name": [
        "string",
        "Laplace"
      ],
      "street_number": [
        "int",
        "Laplace"
      ]
    },
    "reduced": {
      "country": [
        "string",
        "3"
      ],
      "email": [
        "string",
        "4"
      ],
      "name": [
        "string",
        "4"
      ],
      "phone": [
        "string",
        "3"
      ]
    }
  },
  "iss": "tokenGenerator",
  "exp": 1707483788
}

Furthermore, you can verify the signature by copying the public key from the public.pem file and the private key from the key.pem file and pasting them into the "Verify Signature" section of the jwt.io website.

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages