(ex jwt.Expected)
| 63 | } |
| 64 | |
| 65 | func (e EncryptedAPIKeyPayload) Validate(ex jwt.Expected) error { |
| 66 | if e.NotBefore == nil { |
| 67 | return xerrors.Errorf("not before is required") |
| 68 | } |
| 69 | |
| 70 | ex.Issuer = "coderd" |
| 71 | ex.AnyAudience = jwt.Audience{"wsproxy"} |
| 72 | |
| 73 | return e.RegisteredClaims.Validate(ex) |
| 74 | } |
| 75 | |
| 76 | // FromRequest returns the signed token from the request, if it exists and is |
| 77 | // valid. The caller must check that the token matches the request. |