1package jwx_test 2 3import ( 4 "crypto/rand" 5 "crypto/rsa" 6 "encoding/json" 7 "fmt" 8 "log" 9 "time" 10 11 "github.com/lestrrat-go/jwx/jwa" 12 "github.com/lestrrat-go/jwx/jwe" 13 "github.com/lestrrat-go/jwx/jwk" 14 "github.com/lestrrat-go/jwx/jws" 15 "github.com/lestrrat-go/jwx/jwt" 16) 17 18func ExampleJWT() { 19 const aLongLongTimeAgo = 233431200 20 21 t := jwt.New() 22 t.Set(jwt.SubjectKey, `https://github.com/lestrrat-go/jwx/jwt`) 23 t.Set(jwt.AudienceKey, `Golang Users`) 24 t.Set(jwt.IssuedAtKey, time.Unix(aLongLongTimeAgo, 0)) 25 t.Set(`privateClaimKey`, `Hello, World!`) 26 27 buf, err := json.MarshalIndent(t, "", " ") 28 if err != nil { 29 fmt.Printf("failed to generate JSON: %s\n", err) 30 return 31 } 32 33 fmt.Printf("%s\n", buf) 34 fmt.Printf("aud -> '%s'\n", t.Audience()) 35 fmt.Printf("iat -> '%s'\n", t.IssuedAt().Format(time.RFC3339)) 36 if v, ok := t.Get(`privateClaimKey`); ok { 37 fmt.Printf("privateClaimKey -> '%s'\n", v) 38 } 39 fmt.Printf("sub -> '%s'\n", t.Subject()) 40} 41 42func ExampleJWK() { 43 set, err := jwk.FetchHTTP("https://foobar.domain/jwk.json") 44 if err != nil { 45 log.Printf("failed to parse JWK: %s", err) 46 return 47 } 48 49 // If you KNOW you have exactly one key, you can just 50 // use set.Keys[0] 51 keys := set.LookupKeyID("mykey") 52 if len(keys) == 0 { 53 log.Printf("failed to lookup key: %s", err) 54 return 55 } 56 57 key, err := keys[0].Materialize() 58 if err != nil { 59 log.Printf("failed to create public key: %s", err) 60 return 61 } 62 63 // Use key for jws.Verify() or whatever 64 _ = key 65} 66 67func ExampleJWS() { 68 privkey, err := rsa.GenerateKey(rand.Reader, 2048) 69 if err != nil { 70 log.Printf("failed to generate private key: %s", err) 71 return 72 } 73 74 buf, err := jws.Sign([]byte("Lorem ipsum"), jwa.RS256, privkey) 75 if err != nil { 76 log.Printf("failed to created JWS message: %s", err) 77 return 78 } 79 80 // When you received a JWS message, you can verify the signature 81 // and grab the payload sent in the message in one go: 82 verified, err := jws.Verify(buf, jwa.RS256, &privkey.PublicKey) 83 if err != nil { 84 log.Printf("failed to verify message: %s", err) 85 return 86 } 87 88 log.Printf("signed message verified! -> %s", verified) 89} 90 91func ExampleJWE() { 92 privkey, err := rsa.GenerateKey(rand.Reader, 2048) 93 if err != nil { 94 log.Printf("failed to generate private key: %s", err) 95 return 96 } 97 98 payload := []byte("Lorem Ipsum") 99 100 encrypted, err := jwe.Encrypt(payload, jwa.RSA1_5, &privkey.PublicKey, jwa.A128CBC_HS256, jwa.NoCompress) 101 if err != nil { 102 log.Printf("failed to encrypt payload: %s", err) 103 return 104 } 105 106 decrypted, err := jwe.Decrypt(encrypted, jwa.RSA1_5, privkey) 107 if err != nil { 108 log.Printf("failed to decrypt: %s", err) 109 return 110 } 111 112 if string(decrypted) != "Lorem Ipsum" { 113 log.Printf("WHAT?!") 114 return 115 } 116} 117