Add Action field to jwts and make them implement jwt.Claims

00988615 · Sietse Ringers · f634e01e · 00988615 · 00988615
Commit 00988615 authored Aug 29, 2018 by Sietse Ringers
Hide whitespace changes
Inline Side-by-side

Showing with 42 additions and 4 deletions

messages.go messages.go +4 -4

requests.go requests.go +38 -0

No files found.
--- a/messages.go
+++ b/messages.go
@@ -252,14 +252,14 @@ func JwtDecode(jwt string, body interface{}) error {
 	return json.Unmarshal(bodybytes, body)
 }

-func ParseRequestorJwt(action Action, jwt string) (RequestorJwt, error) {
+func ParseRequestorJwt(action string, jwt string) (RequestorJwt, error) {
 	var retval RequestorJwt
 	switch action {
-	case ActionDisclosing:
+	case "verification_request":
 		retval = &ServiceProviderJwt{}
-	case ActionSigning:
+	case "signature_request":
 		retval = &SignatureRequestorJwt{}
-	case ActionIssuing:
+	case "issue_request":
 		retval = &IdentityProviderJwt{}
 	default:
 		return nil, errors.New("Invalid session type")

--- a/requests.go
+++ b/requests.go
@@ -487,8 +487,10 @@ func NewIdentityProviderJwt(servername string, ir *IssuanceRequest) *IdentityPro

 // A RequestorJwt contains an IRMA session object.
 type RequestorJwt interface {
+	Action() Action
 	SessionRequest() SessionRequest
 	Requestor() string
+	Valid() error
 }

 func (jwt *ServerJwt) Requestor() string { return jwt.ServerName }
@@ -501,3 +503,39 @@ func (jwt *SignatureRequestorJwt) SessionRequest() SessionRequest { return jwt.R

 // SessionRequest returns an IRMA session object.
 func (jwt *IdentityProviderJwt) SessionRequest() SessionRequest { return jwt.Request.Request }
+
+func (jwt *ServiceProviderJwt) Valid() error {
+	if jwt.Type != "verification_request" {
+		return errors.New("Verification jwt has invalid subject")
+	}
+	if time.Time(jwt.IssuedAt).After(time.Now()) {
+		return errors.New("Verification jwt not yet valid")
+	}
+	return nil
+}
+
+func (jwt *SignatureRequestorJwt) Valid() error {
+	if jwt.Type != "signature_request" {
+		return errors.New("Signature jwt has invalid subject")
+	}
+	if time.Time(jwt.IssuedAt).After(time.Now()) {
+		return errors.New("Signature jwt not yet valid")
+	}
+	return nil
+}
+
+func (jwt *IdentityProviderJwt) Valid() error {
+	if jwt.Type != "issue_request" {
+		return errors.New("Issuance jwt has invalid subject")
+	}
+	if time.Time(jwt.IssuedAt).After(time.Now()) {
+		return errors.New("Issuance jwt not yet valid")
+	}
+	return nil
+}
+
+func (jwt *ServiceProviderJwt) Action() Action { return ActionDisclosing }
+
+func (jwt *SignatureRequestorJwt) Action() Action { return ActionSigning }
+
+func (jwt *IdentityProviderJwt) Action() Action { return ActionIssuing }