okta-jwt-verifier-golang

Okta 的 Golang JWT 验证程序。(Okta JWT Verifier for Golang)

  • 所有者: okta/okta-jwt-verifier-golang
  • 平台: Linux, Mac, Windows
  • 許可證: Apache License 2.0
  • 分類:
  • 主題:
  • 喜歡:
    0
      比較:

Github星跟蹤圖

Okta JWT Verifier for Golang

This library helps you verify tokens that have been issued by Okta. To learn more about verification cases and Okta's tokens please read Working With OAuth 2.0 Tokens

:warning: :construction: Beta Preview :construction: :warning:

This library is under development and is currently in 0.x version series. Breaking changes may be introduced at minor versions in the 0.x range. Please lock your dependency to a specific version until this library reaches 1.x.

Need help? Okta Developer Forum.

Installation

go get -u github.com/okta/okta-jwt-verifier-golang

Usage

This library was built to keep configuration to a minimum. To get it running at its most basic form, all you need to provide is the the following information:

  • Issuer - This is the URL of the authorization server that will perform authentication. All Developer Accounts have a "default" authorization server. The issuer is a combination of your Org URL (found in the upper right of the console home page) and /oauth2/default. For example, https://dev-1234.oktapreview.com/oauth2/default.
  • Client ID- These can be found on the "General" tab of the Web application that you created earlier in the Okta Developer Console.

Access Token Validation

import github.com/okta/okta-jwt-verifier-golang

toValidate := map[string]string{}
toValidate["aud"] = "api://default"
toValidate["cid"] = "{CLIENT_ID}"

jwtVerifierSetup := jwtverifier.JwtVerifier{
        Issuer: "{ISSUER}",
        ClaimsToValidate: toValidate
}

verifier := jwtVerifierSetup.New()

token, err := verifier.VerifyAccessToken("{JWT}")

Id Token Validation

import github.com/okta/okta-jwt-verifier-golang

toValidate := map[string]string{}
toValidate["nonce"] = "{NONCE}"
toValidate["aud"] = "{CLIENT_ID}"


jwtVerifierSetup := jwtverifier.JwtVerifier{
        Issuer: "{ISSUER}",
        ClaimsToValidate: toValidate
}

verifier := jwtVerifierSetup.New()

token, err := verifier.VerifyIdToken("{JWT}")

This will either provide you with the token which gives you access to all the claims, or an error. The token struct contains a Claims property that will give you a map[string]interface{} of all the claims in the token.

// Getting the sub from the token
sub := token.Claims["sub"]

Dealing with clock skew

We default to a PT2M clock skew adjustment in our validation. If you need to change this, you can use the SetLeeway method:

jwtVerifierSetup := JwtVerifier{
        Issuer: "{ISSUER}",
}

verifier := jwtVerifierSetup.New()
verifier.SetLeeway(60) // seconds

主要指標

概覽
名稱與所有者okta/okta-jwt-verifier-golang
主編程語言Go
編程語言Go (語言數: 2)
平台Linux, Mac, Windows
許可證Apache License 2.0
所有者活动
創建於2018-03-02 19:57:40
推送於2025-07-01 05:45:32
最后一次提交2025-06-27 18:13:01
發布數17
最新版本名稱v2.1.1 (發布於 )
第一版名稱v0.1.0 (發布於 )
用户参与
星數107
關注者數79
派生數52
提交數137
已啟用問題?
問題數56
打開的問題數4
拉請求數55
打開的拉請求數1
關閉的拉請求數18
项目设置
已啟用Wiki?
已存檔?
是復刻?
已鎖定?
是鏡像?
是私有?