RSAKey returns the corresponding public key for the issuer of the token. It is called by jwt-go package when validating the signature in the token.
(token *jwt.Token)
| 420 | // RSAKey returns the corresponding public key for the issuer of the token. |
| 421 | // It is called by jwt-go package when validating the signature in the token. |
| 422 | func (k *Kite) RSAKey(token *jwt.Token) (interface{}, error) { |
| 423 | k.verifyOnce.Do(k.verifyInit) |
| 424 | |
| 425 | kontrolKey := k.KontrolKey() |
| 426 | |
| 427 | if kontrolKey == nil { |
| 428 | panic("kontrol key is not set in config") |
| 429 | } |
| 430 | |
| 431 | if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok { |
| 432 | return nil, errors.New("invalid signing method") |
| 433 | } |
| 434 | |
| 435 | claims, ok := token.Claims.(*kitekey.KiteClaims) |
| 436 | if !ok { |
| 437 | return nil, errors.New("token does not have valid claims") |
| 438 | } |
| 439 | |
| 440 | if claims.Issuer != k.Config.KontrolUser { |
| 441 | return nil, fmt.Errorf("issuer is not trusted: %s", claims.Issuer) |
| 442 | } |
| 443 | |
| 444 | return kontrolKey, nil |
| 445 | } |
| 446 | |
| 447 | // ErrClose is returned by the Close function, when the argument passed |
| 448 | // to it was a slice of kites. |
nothing calls this directly
no test coverage detected