A simple and lightweight library for creating, formatting, manipulating, signing, and validating JSON Web Tokens in Go.

Overview

GoJWT - JSON Web Tokens in Go

GoReportCard GoDoc BuildStatus Code Coverage License

GoJWT is a simple and lightweight library for creating, formatting, manipulating, signing and validating Json Web Tokens in GoLang, used for token-based authentication. Specified in RFC 7519

Installation

go get -u github.com/tobyguelly/gojwt

Examples

Creating JWTs

  • You can create JWTs using the JWT struct
  • Then you can format them into a JWT using the String() method
jwt := gojwt.JWT {
	Header:  gojwt.DefaultHeader,
	Payload: gojwt.Payload {
		Issuer:  "1208202852",
		Subject: "1927027602",
	},
}
fmt.Println(jwt.String()) // eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiIxMjA4MjAyODUyIiwic3ViIjoiMTkyNzAyNzYwMiJ9.-BUwqkL2DFgHTSaAdVsnrppM9R2QkpAGlpZp3N2Wir4

Custom fields in the JWT payload

  • Custom fields can be applied to the JWT Payload by setting the Custom property to a map
jwt.Payload.Custom = map[string]interface{}{
	"Hello": "World",
}

Signing and Validating JWTs

  • JWTs can be signed and validated with a secret string
  • The error returned by the Validate() method indicates, whether the validation was successful or not
    • If the token is valid using the given secret, nil is returned
    • If the token has not been signed yet, the error ErrTokNotSig is returned
    • If an invalid secret was passed, the error ErrInvSecKey is returned
    • If the signature algorithm given in the JWT Header is not supported, the error ErrAlgNotImp is returned
err := jwt.Sign("mysecret")
if err == nil {
	fmt.Println("JWT successfully signed!")
}
err := jwt.Validate("mysecret")
if err == nil {
	fmt.Println("JWT successfully validated!")
}

Loading JWTs

  • Parsed JWTs can be loaded by using the NewJWT function
    • If the given string is not a valid JWT, an error is returned
jwt, err := gojwt.NewJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiIxMjA4MjAyODUyIiwic3ViIjoiMTkyNzAyNzYwMiJ9.-BUwqkL2DFgHTSaAdVsnrppM9R2QkpAGlpZp3N2Wir4")
if err == nil {
	fmt.Println("JWT successfully loaded!")
}

Additional Encoding for Signature

  • You can additionally base64 encode/decode the Signature property of the JWT
jwt.EncodeSignature()
err := jwt.DecodeSignature()
if err == nil {
	fmt.Println("JWT signature decoded!")
}
Releases(v1.1.0)
Owner
Toby
💻Young Coder, Bug-fixer, and Student from Austria. 👀Discord: Toby#9857
Toby
Safe, simple and fast JSON Web Tokens for Go

jwt JSON Web Token for Go RFC 7519, also see jwt.io for more. The latest version is v3. Rationale There are many JWT libraries, but many of them are h

cristaltech 548 Jun 24, 2022
Microservice generates pair of access and refresh JSON web tokens signed by user identifier.

go-jwt-issuer Microservice generates pair access and refresh JSON web tokens signed by user identifier. ?? Deployed on Heroku Run tests: export SECRET

Oleksii Velychko 27 Apr 14, 2022
Golang implementation of JSON Web Tokens (JWT)

jwt-go A go (or 'golang' for search engine friendliness) implementation of JSON Web Tokens NEW VERSION COMING: There have been a lot of improvements s

Dave Grijalva 10.4k Jun 23, 2022
A go implementation of JSON Web Tokens

jwt-go A go (or 'golang' for search engine friendliness) implementation of JSON Web Tokens NEW VERSION COMING: There have been a lot of improvements s

null 2.8k Jun 29, 2022
JWT wrapper library which makes it simple to use ECDSA based JWT signing

JWT JWT wrapper library which makes it simple to user ECDSA based JWT signing. Usage package main import ( "context" "github.com/infiniteloopcloud

infinite loop 0 Feb 10, 2022
Jose - JavaScript Object Signing and Encryption (JOSE)

jose JavaScript Object Signing and Encryption JOSE implemented in Go. RFCs RFC75

Kent 'picat' Gruber 6 Feb 21, 2022
Prototype of signing container images in the index

Prototype for inline signing of images in the image index. When designing Notary v2 there was a strong consensus for having detached signatures. These

Justin Cormack 2 Jan 8, 2022
🔒 JWT with RS-signing methods, designed for Gin.

GinRS 套用在 gin-gonic/gin 基於 RS256 演算法的 JWT 簽署套件。 非對稱金鑰 透過 openssl 產生一個私鑰。 openssl genrsa -out private.key 2048 再透過這個私鑰產生一個公鑰,這個公鑰可以配發到其他伺服器或是第三方的手中用來驗證

TeaCat 1 Feb 23, 2022
Generate a generic library of 2FA tokens compatible with Google Authenticator

towfa Generate a generic library of 2FA tokens compatible with Google Authenticator go get -u github.com/golandscape/twofa $twofa "you secret" result:

golandscape 13 Mar 23, 2022
Herbert Fischer 197 Jun 10, 2022
Generate and verify JWT tokens with Trusted Platform Module (TPM)

golang-jwt for Trusted Platform Module (TPM) This is just an extension for go-jwt i wrote over thanksgiving that allows creating and verifying JWT tok

null 2 Mar 2, 2022
Go module with token package to request Azure Resource Manager and Azure Graph tokens.

azAUTH Go module with token package to request Azure Resource Manager and Azure Graph tokens. prerequisites Install azure cli: https://docs.microsoft.

Bart 1 Dec 1, 2021
Generate and verify JWT tokens with PKCS-11

golang-jwt for PKCS11 Another extension for go-jwt that allows creating and verifying JWT tokens where the private key is embedded inside Hardware lik

null 0 Dec 6, 2021
OauthMicroservice-cassandraCluster - Implement microservice of oauth using golang and cassandra to store user tokens

implement microservice of oauth using golang and cassandra to store user tokens

Mehdi 1 Jan 24, 2022
Authenticated and encrypted API tokens using modern crypto

Branca Token Authenticated and encrypted API tokens using modern crypto. What? Branca is a secure, easy to use token format which makes it hard to sho

Mika Tuupola 185 May 22, 2022
:key: Secure alternative to JWT. Authenticated Encrypted API Tokens for Go.

branca branca is a secure alternative to JWT, This implementation is written in pure Go (no cgo dependencies) and implements the branca token specific

Wesley Hill 165 Jun 21, 2022
Platform-Agnostic Security Tokens implementation in GO (Golang)

Golang implementation of PASETO: Platform-Agnostic Security Tokens This is a 100% compatible pure Go (Golang) implementation of PASETO tokens. PASETO

Oleg Lobanov 608 Jun 26, 2022
an stateless OpenID Connect authorization server that mints ID Tokens from Webauthn challenges

Webauthn-oidc Webauthn-oidc is a very minimal OIDC authorization server that only supports webauthn for authentication. This can be used to bootstrap

Arian van Putten 13 May 16, 2022
Minting OIDC tokens from GitHub Actions for use with OpenFaaS

minty Experiment for minting OIDC tokens from GitHub Actions for use with OpenFaaS Why would you want this? Enable third-parties to deploy to your ope

Alex Ellis 9 Oct 31, 2021