github.com/lestrrat-go/jwx/v2@v2.0.21/jwt/options.yaml (about) 1 package_name: jwt 2 output: jwt/options_gen.go 3 interfaces: 4 - name: GlobalOption 5 comment: | 6 GlobalOption describes an Option that can be passed to `Settings()`. 7 - name: EncryptOption 8 comment: | 9 EncryptOption describes an Option that can be passed to (jwt.Serializer).Encrypt 10 - name: ParseOption 11 methods: 12 - parseOption 13 - readFileOption 14 comment: | 15 ParseOption describes an Option that can be passed to `jwt.Parse()`. 16 ParseOption also implements ReadFileOption, therefore it may be 17 safely pass them to `jwt.ReadFile()` 18 - name: SignOption 19 comment: | 20 SignOption describes an Option that can be passed to `jwt.Sign()` or 21 (jwt.Serializer).Sign 22 - name: SignEncryptParseOption 23 methods: 24 - parseOption 25 - encryptOption 26 - readFileOption 27 - signOption 28 comment: | 29 SignEncryptParseOption describes an Option that can be passed to both `jwt.Sign()` or 30 `jwt.Parse()` 31 - name: ValidateOption 32 methods: 33 - parseOption 34 - readFileOption 35 - validateOption 36 comment: | 37 ValidateOption describes an Option that can be passed to Validate(). 38 ValidateOption also implements ParseOption, therefore it may be 39 safely passed to `Parse()` (and thus `jwt.ReadFile()`) 40 - name: ReadFileOption 41 comment: | 42 ReadFileOption is a type of `Option` that can be passed to `jws.ReadFile` 43 options: 44 - ident: AcceptableSkew 45 interface: ValidateOption 46 argument_type: time.Duration 47 comment: | 48 WithAcceptableSkew specifies the duration in which exp and nbf 49 claims may differ by. This value should be positive 50 - ident: Truncation 51 interface: ValidateOption 52 argument_type: time.Duration 53 comment: | 54 WithTruncation speficies the amount that should be used when 55 truncating time values used during time-based validation routines. 56 By default time values are truncated down to second accuracy. 57 If you want to use sub-second accuracy, you will need to set 58 this value to 0. 59 - ident: Clock 60 interface: ValidateOption 61 argument_type: Clock 62 comment: | 63 WithClock specifies the `Clock` to be used when verifying 64 exp and nbf claims. 65 - ident: Context 66 interface: ValidateOption 67 argument_type: context.Context 68 comment: | 69 WithContext allows you to specify a context.Context object to be used 70 with `jwt.Validate()` option. 71 72 Please be aware that in the next major release of this library, 73 `jwt.Validate()`'s signature will change to include an explicit 74 `context.Context` object. 75 - ident: FlattenAudience 76 interface: GlobalOption 77 argument_type: bool 78 comment: | 79 WithFlattenAudience specifies the the `jwt.FlattenAudience` option on 80 every token defaults to enabled. You can still disable this on a per-object 81 basis using the `jwt.Options().Disable(jwt.FlattenAudience)` method call. 82 83 See the documentation for `jwt.TokenOptionSet`, `(jwt.Token).Options`, and 84 `jwt.FlattenAudience` for more details 85 - ident: CompactOnly 86 interface: GlobalOption 87 argument_type: bool 88 comment: | 89 WithCompactOnly option controls whether jwt.Parse should accept only tokens 90 that are in compact serialization format. RFC7519 specifies that JWTs 91 should be serialized in JWS compact form only, but historically this library 92 allowed for deserialization of JWTs in JWS's JSON serialization format. 93 Specifying this option will disable this behavior, and will report 94 errots if the token is not in compact serialization format. 95 - ident: FormKey 96 interface: ParseOption 97 argument_type: string 98 comment: | 99 WithFormKey is used to specify header keys to search for tokens. 100 101 While the type system allows this option to be passed to jwt.Parse() directly, 102 doing so will have no effect. Only use it for HTTP request parsing functions 103 - ident: HeaderKey 104 interface: ParseOption 105 argument_type: string 106 comment: | 107 WithHeaderKey is used to specify header keys to search for tokens. 108 109 While the type system allows this option to be passed to `jwt.Parse()` directly, 110 doing so will have no effect. Only use it for HTTP request parsing functions 111 - ident: Token 112 interface: ParseOption 113 argument_type: Token 114 comment: | 115 WithToken specifies the token instance where the result JWT is stored 116 when parsing JWT tokensthat is used when parsing 117 - ident: Validate 118 interface: ParseOption 119 argument_type: bool 120 comment: | 121 WithValidate is passed to `Parse()` method to denote that the 122 validation of the JWT token should be performed (or not) after 123 a successful parsing of the incoming payload. 124 125 This option is enabled by default. 126 127 If you would like disable validation, 128 you must use `jwt.WithValidate(false)` or use `jwt.ParseInsecure()` 129 - ident: Verify 130 interface: ParseOption 131 argument_type: bool 132 comment: | 133 WithVerify is passed to `Parse()` method to denote that the 134 signature verification should be performed after a successful 135 deserialization of the incoming payload. 136 137 This option is enabled by default. 138 139 If you do not provide any verification key sources, `jwt.Parse()` 140 would return an error. 141 142 If you would like to only parse the JWT payload and not verify it, 143 you must use `jwt.WithVerify(false)` or use `jwt.ParseInsecure()` 144 - ident: KeyProvider 145 interface: ParseOption 146 argument_type: jws.KeyProvider 147 comment: | 148 WithKeyProvider allows users to specify an object to provide keys to 149 sign/verify tokens using arbitrary code. Please read the documentation 150 for `jws.KeyProvider` in the `jws` package for details on how this works. 151 - ident: Pedantic 152 interface: ParseOption 153 argument_type: bool 154 comment: | 155 WithPedantic enables pedantic mode for parsing JWTs. Currently this only 156 applies to checking for the correct `typ` and/or `cty` when necessary. 157 - ident: EncryptOption 158 interface: EncryptOption 159 argument_type: jwe.EncryptOption 160 comment: | 161 WithEncryptOption provides an escape hatch for cases where extra options to 162 `(jws.Serializer).Encrypt()` must be specified when usng `jwt.Sign()`. Normally you do not 163 need to use this. 164 - ident: SignOption 165 interface: SignOption 166 argument_type: jws.SignOption 167 comment: | 168 WithSignOption provides an escape hatch for cases where extra options to 169 `jws.Sign()` must be specified when usng `jwt.Sign()`. Normally you do not 170 need to use this. 171 - ident: Validator 172 interface: ValidateOption 173 argument_type: Validator 174 comment: | 175 WithValidator validates the token with the given Validator. 176 177 For example, in order to validate tokens that are only valid during August, you would write 178 179 validator := jwt.ValidatorFunc(func(_ context.Context, t jwt.Token) error { 180 if time.Now().Month() != 8 { 181 return fmt.Errorf(`tokens are only valid during August!`) 182 } 183 return nil 184 }) 185 err := jwt.Validate(token, jwt.WithValidator(validator)) 186 - ident: FS 187 interface: ReadFileOption 188 argument_type: fs.FS 189 comment: | 190 WithFS specifies the source `fs.FS` object to read the file from. 191 - ident: NumericDateParsePrecision 192 interface: GlobalOption 193 argument_type: int 194 comment: | 195 WithNumericDateParsePrecision sets the precision up to which the 196 library uses to parse fractional dates found in the numeric date 197 fields. Default is 0 (second, no fractionals), max is 9 (nanosecond) 198 - ident: NumericDateFormatPrecision 199 interface: GlobalOption 200 argument_type: int 201 comment: | 202 WithNumericDateFormatPrecision sets the precision up to which the 203 library uses to format fractional dates found in the numeric date 204 fields. Default is 0 (second, no fractionals), max is 9 (nanosecond) 205 - ident: NumericDateParsePedantic 206 interface: GlobalOption 207 argument_type: bool 208 comment: | 209 WithNumericDateParsePedantic specifies if the parser should behave 210 in a pedantic manner when parsing numeric dates. Normally this library 211 attempts to interpret timestamps as a numeric value representing 212 number of seconds (with an optional fractional part), but if that fails 213 it tries to parse using a RFC3339 parser. This allows us to parse 214 payloads from non-comforming servers. 215 216 However, when you set WithNumericDateParePedantic to `true`, the 217 RFC3339 parser is not tried, and we expect a numeric value strictly