github.com/nats-io/jwt/v2@v2.5.6/v1compat/cluster_claims.go

github.com/nats-io/jwt/v2@v2.5.6/v1compat/cluster_claims.go (about)

     1  /*
     2   * Copyright 2018-2020 The NATS Authors
     3   * Licensed under the Apache License, Version 2.0 (the "License");
     4   * you may not use this file except in compliance with the License.
     5   * You may obtain a copy of the License at
     6   *
     7   * http://www.apache.org/licenses/LICENSE-2.0
     8   *
     9   * Unless required by applicable law or agreed to in writing, software
    10   * distributed under the License is distributed on an "AS IS" BASIS,
    11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12   * See the License for the specific language governing permissions and
    13   * limitations under the License.
    14   */
    15  
    16  package jwt
    17  
    18  import (
    19  	"errors"
    20  
    21  	"github.com/nats-io/nkeys"
    22  )
    23  
    24  // Cluster stores the cluster specific elements of a cluster JWT
    25  // Deprecated: ClusterClaims are not supported
    26  type Cluster struct {
    27  	Trust       []string `json:"identity,omitempty"`
    28  	Accounts    []string `json:"accts,omitempty"`
    29  	AccountURL  string   `json:"accturl,omitempty"`
    30  	OperatorURL string   `json:"opurl,omitempty"`
    31  }
    32  
    33  // Validate checks the cluster and permissions for a cluster JWT
    34  func (c *Cluster) Validate(vr *ValidationResults) {
    35  	// fixme validate cluster data
    36  }
    37  
    38  // ClusterClaims defines the data in a cluster JWT
    39  // Deprecated: ClusterClaims are not supported
    40  type ClusterClaims struct {
    41  	ClaimsData
    42  	Cluster `json:"nats,omitempty"`
    43  }
    44  
    45  // NewClusterClaims creates a new cluster JWT with the specified subject/public key
    46  // Deprecated: ClusterClaims are not supported
    47  func NewClusterClaims(subject string) *ClusterClaims {
    48  	if subject == "" {
    49  		return nil
    50  	}
    51  	c := &ClusterClaims{}
    52  	c.Subject = subject
    53  	return c
    54  }
    55  
    56  // Encode tries to turn the cluster claims into a JWT string
    57  func (c *ClusterClaims) Encode(pair nkeys.KeyPair) (string, error) {
    58  	if !nkeys.IsValidPublicClusterKey(c.Subject) {
    59  		return "", errors.New("expected subject to be a cluster public key")
    60  	}
    61  	c.ClaimsData.Type = ClusterClaim
    62  	return c.ClaimsData.Encode(pair, c)
    63  }
    64  
    65  // DecodeClusterClaims tries to parse cluster claims from a JWT string
    66  // Deprecated: ClusterClaims are not supported
    67  func DecodeClusterClaims(token string) (*ClusterClaims, error) {
    68  	v := ClusterClaims{}
    69  	if err := Decode(token, &v); err != nil {
    70  		return nil, err
    71  	}
    72  	return &v, nil
    73  }
    74  
    75  func (c *ClusterClaims) String() string {
    76  	return c.ClaimsData.String(c)
    77  }
    78  
    79  // Payload returns the cluster specific data
    80  func (c *ClusterClaims) Payload() interface{} {
    81  	return &c.Cluster
    82  }
    83  
    84  // Validate checks the generic and cluster data in the cluster claims
    85  func (c *ClusterClaims) Validate(vr *ValidationResults) {
    86  	c.ClaimsData.Validate(vr)
    87  	c.Cluster.Validate(vr)
    88  }
    89  
    90  // ExpectedPrefixes defines the types that can encode a cluster JWT, operator or cluster
    91  func (c *ClusterClaims) ExpectedPrefixes() []nkeys.PrefixByte {
    92  	return []nkeys.PrefixByte{nkeys.PrefixByteOperator, nkeys.PrefixByteCluster}
    93  }
    94  
    95  // Claims returns the generic data
    96  func (c *ClusterClaims) Claims() *ClaimsData {
    97  	return &c.ClaimsData
    98  }