1// This file is auto-generated. DO NOT EDIT
2package jwt
3
4import (
5	"bytes"
6	"encoding/json"
7	"github.com/lestrrat-go/jwx/jwt/internal/types"
8	"github.com/pkg/errors"
9	"time"
10)
11
12// Key names for standard claims
13const (
14	AudienceKey   = "aud"
15	ExpirationKey = "exp"
16	IssuedAtKey   = "iat"
17	IssuerKey     = "iss"
18	JwtIDKey      = "jti"
19	NotBeforeKey  = "nbf"
20	SubjectKey    = "sub"
21)
22
23// Token represents a JWT token. The object has convenience accessors
24// to 7 standard claims including "aud", "exp", "iat", "iss", "jti", "nbf" and "sub"
25// which are type-aware (to an extent). Other claims may be accessed via the `Get`/`Set`
26// methods but their types are not taken into consideration at all. If you have non-standard
27// claims that you must frequently access, consider wrapping the token in a wrapper
28// by embedding the jwt.Token type in it
29type Token struct {
30	audience      StringList             `json:"aud,omitempty"` // https://tools.ietf.org/html/rfc7519#section-4.1.3
31	expiration    *types.NumericDate     `json:"exp,omitempty"` // https://tools.ietf.org/html/rfc7519#section-4.1.4
32	issuedAt      *types.NumericDate     `json:"iat,omitempty"` // https://tools.ietf.org/html/rfc7519#section-4.1.6
33	issuer        *string                `json:"iss,omitempty"` // https://tools.ietf.org/html/rfc7519#section-4.1.1
34	jwtID         *string                `json:"jti,omitempty"` // https://tools.ietf.org/html/rfc7519#section-4.1.7
35	notBefore     *types.NumericDate     `json:"nbf,omitempty"` // https://tools.ietf.org/html/rfc7519#section-4.1.5
36	subject       *string                `json:"sub,omitempty"` // https://tools.ietf.org/html/rfc7519#section-4.1.2
37	privateClaims map[string]interface{} `json:"-"`
38}
39
40func (t *Token) Get(s string) (interface{}, bool) {
41	switch s {
42	case AudienceKey:
43		if len(t.audience) == 0 {
44			return nil, false
45		}
46		return []string(t.audience), true
47	case ExpirationKey:
48		if t.expiration == nil {
49			return nil, false
50		} else {
51			return t.expiration.Get(), true
52		}
53	case IssuedAtKey:
54		if t.issuedAt == nil {
55			return nil, false
56		} else {
57			return t.issuedAt.Get(), true
58		}
59	case IssuerKey:
60		if t.issuer == nil {
61			return nil, false
62		} else {
63			return *(t.issuer), true
64		}
65	case JwtIDKey:
66		if t.jwtID == nil {
67			return nil, false
68		} else {
69			return *(t.jwtID), true
70		}
71	case NotBeforeKey:
72		if t.notBefore == nil {
73			return nil, false
74		} else {
75			return t.notBefore.Get(), true
76		}
77	case SubjectKey:
78		if t.subject == nil {
79			return nil, false
80		} else {
81			return *(t.subject), true
82		}
83	}
84	if v, ok := t.privateClaims[s]; ok {
85		return v, true
86	}
87	return nil, false
88}
89
90func (t *Token) Set(name string, v interface{}) error {
91	switch name {
92	case AudienceKey:
93		var x StringList
94		if err := x.Accept(v); err != nil {
95			return errors.Wrap(err, `invalid value for 'audience' key`)
96		}
97		t.audience = x
98	case ExpirationKey:
99		var x types.NumericDate
100		if err := x.Accept(v); err != nil {
101			return errors.Wrap(err, `invalid value for 'expiration' key`)
102		}
103		t.expiration = &x
104	case IssuedAtKey:
105		var x types.NumericDate
106		if err := x.Accept(v); err != nil {
107			return errors.Wrap(err, `invalid value for 'issuedAt' key`)
108		}
109		t.issuedAt = &x
110	case IssuerKey:
111		x, ok := v.(string)
112		if !ok {
113			return errors.Errorf(`invalid type for 'issuer' key: %T`, v)
114		}
115		t.issuer = &x
116	case JwtIDKey:
117		x, ok := v.(string)
118		if !ok {
119			return errors.Errorf(`invalid type for 'jwtID' key: %T`, v)
120		}
121		t.jwtID = &x
122	case NotBeforeKey:
123		var x types.NumericDate
124		if err := x.Accept(v); err != nil {
125			return errors.Wrap(err, `invalid value for 'notBefore' key`)
126		}
127		t.notBefore = &x
128	case SubjectKey:
129		x, ok := v.(string)
130		if !ok {
131			return errors.Errorf(`invalid type for 'subject' key: %T`, v)
132		}
133		t.subject = &x
134	default:
135		if t.privateClaims == nil {
136			t.privateClaims = make(map[string]interface{})
137		}
138		t.privateClaims[name] = v
139	}
140	return nil
141}
142
143func (t Token) Audience() StringList {
144	if v, ok := t.Get(AudienceKey); ok {
145		return v.([]string)
146	}
147	return nil
148}
149
150func (t Token) Expiration() time.Time {
151	if v, ok := t.Get(ExpirationKey); ok {
152		return v.(time.Time)
153	}
154	return time.Time{}
155}
156
157func (t Token) IssuedAt() time.Time {
158	if v, ok := t.Get(IssuedAtKey); ok {
159		return v.(time.Time)
160	}
161	return time.Time{}
162}
163
164// Issuer is a convenience function to retrieve the corresponding value store in the token
165// if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead
166
167func (t Token) Issuer() string {
168	if v, ok := t.Get(IssuerKey); ok {
169		return v.(string)
170	}
171	return ""
172}
173
174// JwtID is a convenience function to retrieve the corresponding value store in the token
175// if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead
176
177func (t Token) JwtID() string {
178	if v, ok := t.Get(JwtIDKey); ok {
179		return v.(string)
180	}
181	return ""
182}
183
184func (t Token) NotBefore() time.Time {
185	if v, ok := t.Get(NotBeforeKey); ok {
186		return v.(time.Time)
187	}
188	return time.Time{}
189}
190
191// Subject is a convenience function to retrieve the corresponding value store in the token
192// if there is a problem retrieving the value, the zero value is returned. If you need to differentiate between existing/non-existing values, use `Get` instead
193
194func (t Token) Subject() string {
195	if v, ok := t.Get(SubjectKey); ok {
196		return v.(string)
197	}
198	return ""
199}
200
201// this is almost identical to json.Encoder.Encode(), but we use Marshal
202// to avoid having to remove the trailing newline for each successive
203// call to Encode()
204func writeJSON(buf *bytes.Buffer, v interface{}, keyName string) error {
205	if enc, err := json.Marshal(v); err != nil {
206		return errors.Wrapf(err, `failed to encode '%s'`, keyName)
207	} else {
208		buf.Write(enc)
209	}
210	return nil
211}
212
213// MarshalJSON serializes the token in JSON format. This exists to
214// allow flattening of private claims.
215func (t Token) MarshalJSON() ([]byte, error) {
216	var buf bytes.Buffer
217	buf.WriteRune('{')
218	if len(t.audience) > 0 {
219		buf.WriteRune('"')
220		buf.WriteString(AudienceKey)
221		buf.WriteString(`":`)
222		if err := writeJSON(&buf, t.audience, AudienceKey); err != nil {
223			return nil, err
224		}
225	}
226	if t.expiration != nil {
227		if buf.Len() > 1 {
228			buf.WriteRune(',')
229		}
230		buf.WriteRune('"')
231		buf.WriteString(ExpirationKey)
232		buf.WriteString(`":`)
233		if err := writeJSON(&buf, t.expiration, ExpirationKey); err != nil {
234			return nil, err
235		}
236	}
237	if t.issuedAt != nil {
238		if buf.Len() > 1 {
239			buf.WriteRune(',')
240		}
241		buf.WriteRune('"')
242		buf.WriteString(IssuedAtKey)
243		buf.WriteString(`":`)
244		if err := writeJSON(&buf, t.issuedAt, IssuedAtKey); err != nil {
245			return nil, err
246		}
247	}
248	if t.issuer != nil {
249		if buf.Len() > 1 {
250			buf.WriteRune(',')
251		}
252		buf.WriteRune('"')
253		buf.WriteString(IssuerKey)
254		buf.WriteString(`":`)
255		if err := writeJSON(&buf, t.issuer, IssuerKey); err != nil {
256			return nil, err
257		}
258	}
259	if t.jwtID != nil {
260		if buf.Len() > 1 {
261			buf.WriteRune(',')
262		}
263		buf.WriteRune('"')
264		buf.WriteString(JwtIDKey)
265		buf.WriteString(`":`)
266		if err := writeJSON(&buf, t.jwtID, JwtIDKey); err != nil {
267			return nil, err
268		}
269	}
270	if t.notBefore != nil {
271		if buf.Len() > 1 {
272			buf.WriteRune(',')
273		}
274		buf.WriteRune('"')
275		buf.WriteString(NotBeforeKey)
276		buf.WriteString(`":`)
277		if err := writeJSON(&buf, t.notBefore, NotBeforeKey); err != nil {
278			return nil, err
279		}
280	}
281	if t.subject != nil {
282		if buf.Len() > 1 {
283			buf.WriteRune(',')
284		}
285		buf.WriteRune('"')
286		buf.WriteString(SubjectKey)
287		buf.WriteString(`":`)
288		if err := writeJSON(&buf, t.subject, SubjectKey); err != nil {
289			return nil, err
290		}
291	}
292	if len(t.privateClaims) == 0 {
293		buf.WriteRune('}')
294		return buf.Bytes(), nil
295	}
296	// If private claims exist, they need to flattened and included in the token
297	pcjson, err := json.Marshal(t.privateClaims)
298	if err != nil {
299		return nil, errors.Wrap(err, `failed to marshal private claims`)
300	}
301	// remove '{' from the private claims
302	pcjson = pcjson[1:]
303	if buf.Len() > 1 {
304		buf.WriteRune(',')
305	}
306	buf.Write(pcjson)
307	return buf.Bytes(), nil
308}
309
310// UnmarshalJSON deserializes data from a JSON data buffer into a Token
311func (t *Token) UnmarshalJSON(data []byte) error {
312	var m map[string]interface{}
313	if err := json.Unmarshal(data, &m); err != nil {
314		return errors.Wrap(err, `failed to unmarshal token`)
315	}
316	for name, value := range m {
317		if err := t.Set(name, value); err != nil {
318			return errors.Wrapf(err, `failed to set value for %s`, name)
319		}
320	}
321	return nil
322}
323