github.com/blend/go-sdk@v1.20220411.3/oauth/jwt.go

github.com/blend/go-sdk@v1.20220411.3/oauth/jwt.go (about)

     1  /*
     2  
     3  Copyright (c) 2022 - Present. Blend Labs, Inc. All rights reserved
     4  Use of this source code is governed by a MIT license that can be found in the LICENSE file.
     5  
     6  */
     7  
     8  package oauth
     9  
    10  import (
    11  	"golang.org/x/oauth2"
    12  
    13  	"github.com/golang-jwt/jwt"
    14  
    15  	"github.com/blend/go-sdk/ex"
    16  )
    17  
    18  // ParseTokenJWT parses a jwt from a given oauth2 token.
    19  func ParseTokenJWT(tok *oauth2.Token, keyfunc jwt.Keyfunc) (*GoogleClaims, error) {
    20  	jwtRaw, ok := tok.Extra("id_token").(string)
    21  	if !ok || jwtRaw == "" {
    22  		return nil, ex.New("invalid oauth token; `id_token` jwt missing")
    23  	}
    24  	var claims GoogleClaims
    25  	_, err := jwt.ParseWithClaims(jwtRaw, &claims, keyfunc)
    26  	if err != nil {
    27  		return nil, err
    28  	}
    29  	return &claims, nil
    30  }
    31  
    32  // GoogleClaims are extensions to the jwt standard claims for google oauth.
    33  //
    34  // See additional documentation here: https://developers.google.com/identity/sign-in/web/backend-auth
    35  type GoogleClaims struct {
    36  	jwt.StandardClaims
    37  
    38  	Email         string `json:"email"`
    39  	EmailVerified string `json:"email-verified"`
    40  	HD            string `json:"hd"`
    41  	Nonce         string `json:"nonce"`
    42  
    43  	FamilyName string `json:"family_name"`
    44  	GivenName  string `json:"given_name"`
    45  	Locale     string `json:"locale"`
    46  	Picture    string `json:"picture"`
    47  	Profile    string `json:"profile"`
    48  }