MCPcopy
hub / github.com/golang-jwt/jwt / splitToken

Function splitToken

parser.go:207–229  ·  parser.go::splitToken

splitToken splits a token string into three parts: header, claims, and signature. It will only return true if the token contains exactly two delimiters and three parts. In all other cases, it will return nil parts and false.

(token string)

Source from the content-addressed store, hash-verified

205// return true if the token contains exactly two delimiters and three parts. In all other cases, it
206// will return nil parts and false.
207func splitToken(token string) ([]string, bool) {
208 parts := make([]string, 3)
209 header, remain, ok := strings.Cut(token, tokenDelimiter)
210 if !ok {
211 return nil, false
212 }
213 parts[0] = header
214 claims, remain, ok := strings.Cut(remain, tokenDelimiter)
215 if !ok {
216 return nil, false
217 }
218 parts[1] = claims
219 // One more cut to ensure the signature is the last part of the token and there are no more
220 // delimiters. This avoids an issue where malicious input could contain additional delimiters
221 // causing unnecessary overhead parsing tokens.
222 signature, _, unexpected := strings.Cut(remain, tokenDelimiter)
223 if unexpected {
224 return nil, false
225 }
226 parts[2] = signature
227
228 return parts, true
229}
230
231// DecodeSegment decodes a JWT specific base64url encoding. This function will
232// take into account whether the [Parser] is configured with additional options,

Callers 2

ParseUnverifiedMethod · 0.85
TestSplitTokenFunction · 0.85

Calls

no outgoing calls

Tested by 1

TestSplitTokenFunction · 0.68