MCPcopy
hub / github.com/smallstep/cli / Sign

Method Sign

token/token.go:71–104  ·  view source on GitHub ↗

Sign creates a JWT with the claims and signs it with the given key.

(alg jose.SignatureAlgorithm, key interface{})

Source from the content-addressed store, hash-verified

69
70// Sign creates a JWT with the claims and signs it with the given key.
71func (c *Claims) Sign(alg jose.SignatureAlgorithm, key interface{}) (string, error) {
72 kid, err := GenerateKeyID(key)
73 if err != nil {
74 return "", err
75 }
76
77 so := new(jose.SignerOptions)
78 so.WithType("JWT")
79 so.WithHeader("kid", kid)
80
81 // Used to override the kid too
82 for k, v := range c.ExtraHeaders {
83 so.WithHeader(jose.HeaderKey(k), v)
84 }
85
86 signer, err := jose.NewSigner(jose.SigningKey{
87 Algorithm: alg,
88 Key: key,
89 }, so)
90 if err != nil {
91 return "", errors.Wrapf(err, "error creating JWT signer")
92 }
93
94 // Force aud to be a string
95 if len(c.Audience) == 1 {
96 c.Set("aud", c.Audience[0])
97 }
98
99 raw, err := jose.Signed(signer).Claims(c.Claims).Claims(c.ExtraClaims).CompactSerialize()
100 if err != nil {
101 return "", errors.Wrapf(err, "error serializing JWT")
102 }
103 return raw, nil
104}
105
106// NewClaims returns the default claims with the given options added.
107func NewClaims(opts ...Options) (*Claims, error) {

Callers 3

generateRenewTokenFunction · 0.95
RenewWithTokenMethod · 0.95
TestClaims_SignFunction · 0.95

Calls 3

SetMethod · 0.95
GenerateKeyIDFunction · 0.85
CompactSerializeMethod · 0.80

Tested by 1

TestClaims_SignFunction · 0.76