Merge pull request #7 from qri-io/feat_tok_parse_sub_iss
feat(Token): parse Issuer & Subject into exported fields
This commit is contained in:
Brendan O'Brien
@@ -52,13 +52,16 @@ func Example() {
|
|||||||
fmt.Printf("cid of derived UCAN: %s\n", id.String())
|
fmt.Printf("cid of derived UCAN: %s\n", id.String())
|
||||||
|
|
||||||
p := exampleParser()
|
p := exampleParser()
|
||||||
_, err = p.ParseAndVerify(context.Background(), origin.Raw)
|
tok, err := p.ParseAndVerify(context.Background(), origin.Raw)
|
||||||
panicIfError(err)
|
panicIfError(err)
|
||||||
|
|
||||||
|
fmt.Printf("issuer DID key type: %s\n", tok.Issuer.Type().String())
|
||||||
|
|
||||||
// Output:
|
// Output:
|
||||||
// cid of root UCAN: bafkreih6guuxohv47s2e366l6jn6stlsukgoerkdvtsni3kxr4jjmkaf3y
|
// cid of root UCAN: bafkreih6guuxohv47s2e366l6jn6stlsukgoerkdvtsni3kxr4jjmkaf3y
|
||||||
// scope of ucan attenuations must be less than it's parent
|
// scope of ucan attenuations must be less than it's parent
|
||||||
// cid of derived UCAN: bafkreihpk5474uoolkqrge3yk5uy2s7rarhn5xwxfoiobcy6ye7vfxetgm
|
// cid of derived UCAN: bafkreihpk5474uoolkqrge3yk5uy2s7rarhn5xwxfoiobcy6ye7vfxetgm
|
||||||
|
// issuer DID key type: RSA
|
||||||
}
|
}
|
||||||
|
|
||||||
func panicIfError(err error) {
|
func panicIfError(err error) {
|
||||||
|
|||||||
30
token.go
30
token.go
@@ -46,7 +46,9 @@ const (
|
|||||||
// token a UCAN
|
// token a UCAN
|
||||||
type Token struct {
|
type Token struct {
|
||||||
// Entire UCAN as a signed JWT string
|
// Entire UCAN as a signed JWT string
|
||||||
Raw string
|
Raw string
|
||||||
|
Issuer didkey.ID
|
||||||
|
Subject didkey.ID
|
||||||
// the "inputs" to this token, a chain UCAN tokens with broader scopes &
|
// the "inputs" to this token, a chain UCAN tokens with broader scopes &
|
||||||
// deadlines than this token
|
// deadlines than this token
|
||||||
Proofs []Proof `json:"prf,omitempty"`
|
Proofs []Proof `json:"prf,omitempty"`
|
||||||
@@ -313,6 +315,30 @@ func (p *TokenParser) parseAndVerify(ctx context.Context, raw string, child *Tok
|
|||||||
return nil, fmt.Errorf("parser fail")
|
return nil, fmt.Errorf("parser fail")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var iss didkey.ID
|
||||||
|
// TODO(b5): we're double parsing here b/c the jwt lib we're using doesn't expose
|
||||||
|
// an API (that I know of) for storing parsed issuer / subjects
|
||||||
|
if issStr, ok := mc["iss"].(string); ok {
|
||||||
|
iss, err = didkey.Parse(issStr)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return nil, fmt.Errorf(`"iss" key is not in claims`)
|
||||||
|
}
|
||||||
|
|
||||||
|
var sub didkey.ID
|
||||||
|
// TODO(b5): we're double parsing here b/c the jwt lib we're using doesn't expose
|
||||||
|
// an API (that I know of) for storing parsed issuer / subjects
|
||||||
|
if subStr, ok := mc["sub"].(string); ok {
|
||||||
|
sub, err = didkey.Parse(subStr)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return nil, fmt.Errorf(`"sub" key is not in claims`)
|
||||||
|
}
|
||||||
|
|
||||||
var att Attenuations
|
var att Attenuations
|
||||||
if acci, ok := mc[AttKey].([]interface{}); ok {
|
if acci, ok := mc[AttKey].([]interface{}); ok {
|
||||||
for i, a := range acci {
|
for i, a := range acci {
|
||||||
@@ -345,6 +371,8 @@ func (p *TokenParser) parseAndVerify(ctx context.Context, raw string, child *Tok
|
|||||||
|
|
||||||
return &Token{
|
return &Token{
|
||||||
Raw: raw,
|
Raw: raw,
|
||||||
|
Issuer: iss,
|
||||||
|
Subject: sub,
|
||||||
Attenuations: att,
|
Attenuations: att,
|
||||||
Proofs: prf,
|
Proofs: prf,
|
||||||
}, nil
|
}, nil
|
||||||
|
|||||||
Reference in New Issue
Block a user