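// Source: github.com/mundipagg/boleto-api@v0.0.0-20230620145841-3f9ec742599f/stone/jwt.go

package stone

import (
	"fmt"
	"strings"
	"time"

	// NOTE(review): github.com/dgrijalva/jwt-go is archived and no longer
	// receives fixes; its maintained continuation is github.com/golang-jwt/jwt.
	// This file only signs tokens with it, but the dependency should be
	// migrated so that any token verification done elsewhere in the module
	// also gets current fixes.
	jwt "github.com/dgrijalva/jwt-go"
	"github.com/google/uuid"
	"github.com/mundipagg/boleto-api/certificate"
	"github.com/mundipagg/boleto-api/config"
)

const (
	// StoneRealm is the value written to the "realm" claim of every token
	// produced by generateJWT.
	StoneRealm = "stone"
)

// generateJWT builds an RS256-signed JWT whose iss, sub and clientId claims
// all carry the configured Stone client ID and whose aud claim carries the
// configured Stone audience.
//
// The RSA private key is read from the certificate store under the name
// config.Get().AzureStorageOpenBankSkName and must be PEM-encoded bytes.
// It returns the compact serialized token, or an error if the key cannot be
// loaded, is not a []byte, cannot be parsed, or signing fails. Errors are
// wrapped with %w, so errors.Is/errors.As still reach the underlying cause.
func generateJWT() (string, error) {
	// Read the configuration once so every claim comes from the same snapshot.
	cfg := config.Get()

	sk, err := certificate.GetCertificateFromStore(cfg.AzureStorageOpenBankSkName)
	if err != nil {
		return "", fmt.Errorf("loading stone signing key: %w", err)
	}

	// The store hands back an untyped value. A bare sk.([]byte) would panic
	// the caller if the entry is missing or holds another type, so check the
	// assertion and report only the type, never the key material itself.
	pemBytes, ok := sk.([]byte)
	if !ok {
		return "", fmt.Errorf("stone signing key: unexpected type %T in certificate store", sk)
	}

	signKey, err := jwt.ParseRSAPrivateKeyFromPEM(pemBytes)
	if err != nil {
		return "", fmt.Errorf("parsing stone signing key: %w", err)
	}

	now := time.Now()
	issuedAt := now.Unix()

	// NOTE(review): the lifetime comes straight from configuration and is not
	// range-checked here. A zero or negative value yields a token that is
	// already expired; a large value widens the window in which a captured
	// token can be replayed. Keep it as short as the receiving side accepts.
	ttl := time.Duration(cfg.StoneTokenDurationInMinutes) * time.Minute

	claims := jwt.MapClaims{
		"exp":      now.Add(ttl).Unix(),
		"nbf":      issuedAt,
		"aud":      cfg.StoneAudience,
		"realm":    StoneRealm,
		"sub":      cfg.StoneClientID,
		"clientId": cfg.StoneClientID,
		"iat":      issuedAt,
		"jti":      generateJTIFromTime(now),
		"iss":      cfg.StoneClientID,
	}

	token, err := jwt.NewWithClaims(jwt.SigningMethodRS256, claims).SignedString(signKey)
	if err != nil {
		return "", fmt.Errorf("signing stone jwt: %w", err)
	}
	return token, nil
}

// generateJTIFromTime returns a value for the "jti" claim: t rendered as 17
// digits (year through milliseconds), a dot, and the first 7 characters of a
// newly generated UUID.
//
// The timestamp is rendered in t's own location; the "Z" in the layout is a
// literal that the [:17] slice drops, so no conversion to UTC takes place.
//
// NOTE(review): uuid.NewUUID produces a version 1 (time-based) UUID, and the
// first characters of its text form come from the timestamp field, so the
// suffix is time-derived rather than random. That is acceptable only if jti
// is used as a uniqueness hint; confirm with the receiving side whether
// duplicate jti values are rejected before relying on it for replay
// protection across several instances.
func generateJTIFromTime(t time.Time) string {
	id, err := uuid.NewUUID()
	if err != nil {
		// Previously this error was discarded and the zero UUID was used,
		// which makes the suffix the constant "0000000". Fall back to a
		// random UUID so the suffix still varies; if that also fails the
		// zero UUID is kept, as before.
		if rnd, rndErr := uuid.NewRandom(); rndErr == nil {
			id = rnd
		}
	}

	// One pass removes every separator the layout introduces.
	stripper := strings.NewReplacer("-", "", "T", "", ":", "", ".", "")
	stamp := stripper.Replace(t.Format("2006-01-02T15:04:05.000Z"))

	return fmt.Sprintf("%s.%s", stamp[:17], id.String()[:7])
}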