You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
JSON Web Token for Go RFC 7519, also see jwt.io for more.
The latest version is v5.
Rationale
There are many JWT libraries, but many of them are hard to use (unclear or fixed API), not optimal (unneeded allocations + strange API). This library addresses all these issues. It's simple to read, to use, memory and CPU conservative.
// create a Signer (HMAC in this example)key:= []byte(`secret`)
signer, err:=jwt.NewSignerHS(jwt.HS256, key)
checkErr(err)
// create claims (you can create your own, see: ExampleBuilder_withUserClaims)claims:=&jwt.RegisteredClaims{
Audience: []string{"admin"},
ID: "random-unique-string",
}
// create a Builderbuilder:=jwt.NewBuilder(signer)
// and build a Tokentoken, err:=builder.Build(claims)
checkErr(err)
// here is token as a stringvar_string=token.String()
Parse and verify token:
// create a Verifier (HMAC in this example)key:= []byte(`secret`)
verifier, err:=jwt.NewVerifierHS(jwt.HS256, key)
checkErr(err)
// parse and verify a tokentokenBytes:=token.Bytes()
newToken, err:=jwt.Parse(tokenBytes, verifier)
checkErr(err)
// or just verify it's signatureerr=verifier.Verify(newToken)
checkErr(err)
// get Registered claimsvarnewClaims jwt.RegisteredClaimserrClaims:=json.Unmarshal(newToken.Claims(), &newClaims)
checkErr(errClaims)
// or parse only claimserrParseClaims:=jwt.ParseClaims(tokenBytes, verifier, &newClaims)
checkErr(errParseClaims)
// verify claims as you wishvar_bool=newClaims.IsForAudience("admin")
var_bool=newClaims.IsValidAt(time.Now())
