keypairs/keyserve/doc.go

/*
Package keyserve provides middleware to serve Public Keys
via OIDC-style (https://example.com/.well-known/openid-configuration)
and Auth0-style (https://example.com/.well-known/jwks.json)
URLs. It uses the keypairs package to encode to JWK format.
Basic Usage
import (
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"net/http"
"time"
"git.rootprojects.org/root/keypairs"
"git.rootprojects.org/root/keypairs/keyserve"
)
key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
	panic(err) // never continue with a key that failed to generate
}
pub := key.Public()
handlers := &keyserve.Middleware{
// the self-reference used for building the openid-configuration url
BaseURL: "https://example.com/",
// public keys used to verify token signatures (only the public half is published)
Keys: []keypairs.PublicKey{ keypairs.NewPublicKey(pub) },
// how long clients should cache your public key; after a key rotation,
// clients may keep trusting the old key for up to this long
ExpiresIn: 72 * time.Hour,
}
You can then use the handlers anywhere http.HandleFunc is allowed:
http.HandleFunc(keyserve.PEMPath, handlers.Auth0PEM)
http.HandleFunc(keyserve.JWKsPath, handlers.WellKnownJWKs)
http.HandleFunc(keyserve.OIDCPath, handlers.WellKnownOIDC)
*/
package keyserve