aea52c7fb5
The exported StringSet type is not necessary for the current use case of validating issues and audiences. The exported fields on VerifyOptions have been changed to require string slices. The collections package has been removed and the StringSet has been moved to the token package, where it is used. Signed-off-by: Stephen J Day <stephen.day@docker.com>
59 lines
1.5 KiB
Go
59 lines
1.5 KiB
Go
package token
|
|
|
|
import (
|
|
"encoding/base64"
|
|
"errors"
|
|
"strings"
|
|
)
|
|
|
|
// joseBase64UrlEncode encodes the given data using the standard base64 url
|
|
// encoding format but with all trailing '=' characters ommitted in accordance
|
|
// with the jose specification.
|
|
// http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-31#section-2
|
|
func joseBase64UrlEncode(b []byte) string {
|
|
return strings.TrimRight(base64.URLEncoding.EncodeToString(b), "=")
|
|
}
|
|
|
|
// joseBase64UrlDecode decodes the given string using the standard base64 url
|
|
// decoder but first adds the appropriate number of trailing '=' characters in
|
|
// accordance with the jose specification.
|
|
// http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-31#section-2
|
|
func joseBase64UrlDecode(s string) ([]byte, error) {
|
|
switch len(s) % 4 {
|
|
case 0:
|
|
case 2:
|
|
s += "=="
|
|
case 3:
|
|
s += "="
|
|
default:
|
|
return nil, errors.New("illegal base64url string")
|
|
}
|
|
return base64.URLEncoding.DecodeString(s)
|
|
}
|
|
|
|
// actionSet is a special type of stringSet.
|
|
type actionSet struct {
|
|
stringSet
|
|
}
|
|
|
|
func newActionSet(actions ...string) actionSet {
|
|
return actionSet{newStringSet(actions...)}
|
|
}
|
|
|
|
// Contains calls StringSet.Contains() for
|
|
// either "*" or the given action string.
|
|
func (s actionSet) contains(action string) bool {
|
|
return s.stringSet.contains("*") || s.stringSet.contains(action)
|
|
}
|
|
|
|
// contains returns true if q is found in ss.
|
|
func contains(ss []string, q string) bool {
|
|
for _, s := range ss {
|
|
if s == q {
|
|
return true
|
|
}
|
|
}
|
|
|
|
return false
|
|
}
|