Validator is the core of the new Validation API. It is automatically used by a [Parser] during parsing and can be modified with various parser options. The [NewValidator] function should be used to create an instance of this struct.
| 34 | // The [NewValidator] function should be used to create an instance of this |
| 35 | // struct. |
| 36 | type Validator struct { |
| 37 | // leeway is an optional leeway that can be provided to account for clock skew. |
| 38 | leeway time.Duration |
| 39 | |
| 40 | // timeFunc is used to supply the current time that is needed for |
| 41 | // validation. If unspecified, this defaults to time.Now. |
| 42 | timeFunc func() time.Time |
| 43 | |
| 44 | // requireExp specifies whether the exp claim is required |
| 45 | requireExp bool |
| 46 | |
| 47 | // requireNbf specifies whether the nbf claim is required |
| 48 | requireNbf bool |
| 49 | |
| 50 | // verifyIat specifies whether the iat (Issued At) claim will be verified. |
| 51 | // According to https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6 this |
| 52 | // only specifies the age of the token, but no validation check is |
| 53 | // necessary. However, if wanted, it can be checked if the iat is |
| 54 | // unrealistic, i.e., in the future. |
| 55 | verifyIat bool |
| 56 | |
| 57 | // expectedAud contains the audience this token expects. Supplying an empty |
| 58 | // slice will disable aud checking. |
| 59 | expectedAud []string |
| 60 | |
| 61 | // expectAllAud specifies whether all expected audiences must be present in |
| 62 | // the token. If false, only one of the expected audiences must be present. |
| 63 | expectAllAud bool |
| 64 | |
| 65 | // expectedIss contains the issuer this token expects. Supplying an empty |
| 66 | // string will disable iss checking. |
| 67 | expectedIss string |
| 68 | |
| 69 | // expectedSub contains the subject this token expects. Supplying an empty |
| 70 | // string will disable sub checking. |
| 71 | expectedSub string |
| 72 | } |
| 73 | |
| 74 | // NewValidator can be used to create a stand-alone validator with the supplied |
| 75 | // options. This validator can then be used to validate already parsed claims. |
nothing calls this directly
no outgoing calls
no test coverage detected