Home Explore Help
Register Sign In
zhouyuhuan
/
Cloudpods
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 4e53efd173
Branches Tags
Cloudpods
/
backend
/
vendor
/
github.com
/
lestrrat-go
/
jwx
/
format.go

format.go 2.5 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495 
  1. package jwx
    2. 

  2. 

  3. import (
    4. 

  4. 	"bytes"
    5. 

  5. 	"encoding/json"
    6. 

  6. )
    7. 

  7. 

  8. type FormatKind int
    9. 

  9. 

  10. const (
    11. 

  11. 	UnknownFormat FormatKind = iota
    12. 

  12. 	JWE
    13. 

  13. 	JWS
    14. 

  14. 	JWK
    15. 

  15. 	JWKS
    16. 

  16. 	JWT
    17. 

  17. )
    18. 

  18. 

  19. type formatHint struct {
    20. 

  20. 	Payload    json.RawMessage `json:"payload"`    // Only in JWS
    21. 

  21. 	Signatures json.RawMessage `json:"signatures"` // Only in JWS
    22. 

  22. 	Ciphertext json.RawMessage `json:"ciphertext"` // Only in JWE
    23. 

  23. 	KeyType    json.RawMessage `json:"kty"`        // Only in JWK
    24. 

  24. 	Keys       json.RawMessage `json:"keys"`       // Only in JWKS
    25. 

  25. 	Audience   json.RawMessage `json:"aud"`        // Only in JWT
    26. 

  26. }
    27. 

  27. 

  28. // GuessFormat is used to guess the format the given payload is in
    29. 

  29. // using heuristics. See the type FormatKind for a full list of
    30. 

  30. // possible types.
    31. 

  31. //
    32. 

  32. // This may be useful in determining your next action when you may
    33. 

  33. // encounter a payload that could either be a JWE, JWS, or a plain JWT.
    34. 

  34. //
    35. 

  35. // Because JWTs are almost always JWS signed, you may be thrown off
    36. 

  36. // if you pass what you think is a JWT payload to this function.
    37. 

  37. // If the function is in the "Compact" format, it means it's a JWS
    38. 

  38. // signed message, and its payload is the JWT. Therefore this function
    39. 

  39. // will reuturn JWS, not JWT.
    40. 

  40. //
    41. 

  41. // This function requires an extra parsing of the payload, and therefore
    42. 

  42. // may be inefficient if you call it every time before parsing.
    43. 

  43. func GuessFormat(payload []byte) FormatKind {
    44. 

  44. 	// The check against kty, keys, and aud are something this library
    45. 

  45. 	// made up. for the distinctions between JWE and JWS, we used
    46. 

  46. 	// https://datatracker.ietf.org/doc/html/rfc7516#section-9.
    47. 

  47. 	//
    48. 

  48. 	// The above RFC described several ways to distinguish between
    49. 

  49. 	// a JWE and JWS JSON, but we're only using one of them
    50. 

  50. 

  51. 	payload = bytes.TrimSpace(payload)
    52. 

  52. 	if len(payload) <= 0 {
    53. 

  53. 		return UnknownFormat
    54. 

  54. 	}
    55. 

  55. 

  56. 	if payload[0] != '{' {
    57. 

  57. 		// Compact format. It's probably a JWS or JWE
    58. 

  58. 		sep := []byte{'.'} // I want to const this :/
    59. 

  59. 

  60. 		// Note: this counts the number of occurrences of the
    61. 

  61. 		// separator, but the RFC talks about the number of segments.
    62. 

  62. 		// number of '.' == segments - 1, so that's why we have 2 and 4 here
    63. 

  63. 		switch count := bytes.Count(payload, sep); count {
    64. 

  64. 		case 2:
    65. 

  65. 			return JWS
    66. 

  66. 		case 4:
    67. 

  67. 			return JWE
    68. 

  68. 		default:
    69. 

  69. 			return UnknownFormat
    70. 

  70. 		}
    71. 

  71. 	}
    72. 

  72. 

  73. 	// If we got here, we probably have JSON.
    74. 

  74. 	var h formatHint
    75. 

  75. 	if err := json.Unmarshal(payload, &h); err != nil {
    76. 

  76. 		return UnknownFormat
    77. 

  77. 	}
    78. 

  78. 

  79. 	if h.Audience != nil {
    80. 

  80. 		return JWT
    81. 

  81. 	}
    82. 

  82. 	if h.KeyType != nil {
    83. 

  83. 		return JWK
    84. 

  84. 	}
    85. 

  85. 	if h.Keys != nil {
    86. 

  86. 		return JWKS
    87. 

  87. 	}
    88. 

  88. 	if h.Ciphertext != nil {
    89. 

  89. 		return JWE
    90. 

  90. 	}
    91. 

  91. 	if h.Signatures != nil && h.Payload != nil {
    92. 

  92. 		return JWS
    93. 

  93. 	}
    94. 

  94. 	return UnknownFormat
    95. 

  95. }
    96.