| package lightwave |
| |
| import ( |
| "encoding/base64" |
| "encoding/json" |
| "strings" |
| ) |
| |
| type JWTToken struct { |
| TokenId string `json:"jti"` |
| Algorithm string `json:"alg"` |
| Subject string `json:"sub"` |
| Audience []string `json:"aud"` |
| Groups []string `json:"groups"` |
| Issuer string `json:"iss"` |
| IssuedAt int64 `json:"iat"` |
| Expires int64 `json:"exp"` |
| Scope string `json:"scope"` |
| TokenType string `json:"token_type"` |
| TokenClass string `json:"token_class"` |
| Tenant string `json:"tenant"` |
| // It's possible to have more fields depending on how Lightwave defines the token. |
| // This covers all the fields we currently have. |
| } |
| |
| // A JSON web token is a set of Base64 encoded strings separated by a period (.) |
| // When decoded, it will either be JSON text or a signature |
| // Here we decode the strings into a single token structure. We do not parse the signature. |
| func ParseTokenDetails(token string) (jwtToken *JWTToken) { |
| jwtToken = &JWTToken{} |
| |
| chunks := strings.Split(token, ".") |
| for _, chunk := range chunks { |
| json_string, err := base64.RawURLEncoding.DecodeString(chunk) |
| if err == nil { |
| // Ignore errors. We expect that the signature is not JSON, |
| // so unmarshalling it will fail. That's fine. We'll extract |
| // all the data we can. |
| _ = json.Unmarshal(json_string, &jwtToken) |
| } |
| } |
| |
| return jwtToken |
| } |
| |
| // A JSON web token is a set of Base64 encoded strings separated by a period (.) |
| // When decoded, it will either be JSON text or a signature |
| // Here we parse the full JSON text. We do not parse the signature. |
| func ParseRawTokenDetails(token string) (jwtToken []string, err error) { |
| chunks := strings.Split(token, ".") |
| for _, chunk := range chunks { |
| jsonString, err := base64.RawURLEncoding.DecodeString(chunk) |
| if err == nil { |
| jwtToken = append(jwtToken, string(jsonString)) |
| } |
| } |
| |
| return jwtToken, err |
| } |