MCPcopy
hub / github.com/golang-jwt/jwt / ParseWithClaims

Method ParseWithClaims

parser.go:57–128  ·  view source on GitHub ↗

ParseWithClaims parses, validates, and verifies like Parse, but supplies a default object implementing the Claims interface. This provides default values which can be overridden and allows a caller to use their own type, rather than the default MapClaims implementation of Claims. Note: If you provi

(tokenString string, claims Claims, keyFunc Keyfunc)

Source from the content-addressed store, hash-verified

55// make sure that a) you either embed a non-pointer version of the claims or b) if you are using a pointer, allocate the
56// proper memory for it before passing in the overall claims, otherwise you might run into a panic.
57func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error) {
58 token, parts, err := p.ParseUnverified(tokenString, claims)
59 if err != nil {
60 return token, err
61 }
62
63 // Verify signing method is in the required set
64 if p.validMethods != nil {
65 var signingMethodValid = false
66 var alg = token.Method.Alg()
67 for _, m := range p.validMethods {
68 if m == alg {
69 signingMethodValid = true
70 break
71 }
72 }
73 if !signingMethodValid {
74 // signing method is not in the listed set
75 return token, newError(fmt.Sprintf("signing method %v is invalid", alg), ErrTokenSignatureInvalid)
76 }
77 }
78
79 // Lookup key(s)
80 if keyFunc == nil {
81 // keyFunc was not provided. short circuiting validation
82 return token, newError("no keyfunc was provided", ErrTokenUnverifiable)
83 }
84
85 got, err := keyFunc(token)
86 if err != nil {
87 return token, newError("error while executing keyfunc", ErrTokenUnverifiable, err)
88 }
89
90 // Join together header and claims in order to verify them with the signature
91 text := strings.Join(parts[0:2], ".")
92 switch have := got.(type) {
93 case VerificationKeySet:
94 if len(have.Keys) == 0 {
95 return token, newError("keyfunc returned empty verification key set", ErrTokenUnverifiable)
96 }
97
98 // Iterate through keys and verify signature, skipping the rest when a match is found.
99 // Return the last error if no match is found.
100 for _, key := range have.Keys {
101 if err = token.Method.Verify(text, token.Signature, key); err == nil {
102 break
103 }
104 }
105 default:
106 err = token.Method.Verify(text, token.Signature, have)
107 }
108 if err != nil {
109 return token, newError("", ErrTokenSignatureInvalid, err)
110 }
111
112 // Validate Claims
113 if !p.skipClaimsValidation {
114 // Make sure we have at least a default validator

Callers 9

TestSetPaddingFunction · 0.95
ParseMethod · 0.95
Example_getTokenViaHTTPFunction · 0.80
TestParser_ParseFunction · 0.80
ParseWithClaimsFunction · 0.80
ParseFromRequestFunction · 0.80

Calls 6

ParseUnverifiedMethod · 0.95
newErrorFunction · 0.85
NewValidatorFunction · 0.85
AlgMethod · 0.65
VerifyMethod · 0.65
ValidateMethod · 0.65