Pasty is a wrapper which makes working with PASETO tokens as simple as possible. PASETO (Platform-Agnostic SEcurity TOkens) is a specification for secure stateless tokens.
Unlike JSON Web Tokens (JWT), which give developers more than enough rope with which to hang themselves, PASETO only allows secure operations. JWT gives you "algorithm agility", while PASETO gives you "versioned protocols." It's unlikely that you'll be able to use PASETO insecurely.
This module uses go-paseto to generate and validate tokens.
PASETOs are not designed to be reusable tokens.
PASETOs should only be used once, since they have no built-in mechanism for preventing replay attacks. If an attacker is able to get hold of a valid PASETO and can use it to make valid requests multiple times, then you aren't using PASETOs correctly.
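Because the token format itself offers no replay protection, single use has to be enforced on the server. The following is an added example (not part of Pasty or go-paseto) of a minimal server-side one-time-use store: after a token has passed signature and claim validation, the server records a SHA-256 fingerprint of it together with its expiry, rejects any second presentation, and drops entries once the token would be expired anyway. The `ReplayGuard` type, its methods, and the token strings used in `main` are all constructed for this illustration; it uses only the Go standard library.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"sync"
	"time"
)

// ErrReplayed is returned when a token that was already accepted is presented again.
var ErrReplayed = errors.New("token has already been used")

// ErrExpired is returned when the token's expiry is not in the future.
var ErrExpired = errors.New("token is expired")

// ReplayGuard remembers accepted tokens until their own expiry so that a
// second presentation of the same token is rejected. (Hypothetical helper,
// not part of the Pasty API.)
type ReplayGuard struct {
	mu   sync.Mutex
	seen map[string]time.Time // token fingerprint -> token expiry
	now  func() time.Time     // injectable clock, for tests
}

// NewReplayGuard returns an empty guard using the wall clock.
func NewReplayGuard() *ReplayGuard {
	return &ReplayGuard{seen: make(map[string]time.Time), now: time.Now}
}

// fingerprint stores a hash of the token rather than the token itself,
// so the store never holds material that could be replayed if leaked.
func fingerprint(token string) string {
	sum := sha256.Sum256([]byte(token))
	return hex.EncodeToString(sum[:])
}

// Consume marks a token as used. Call it only after the token's signature
// and claims have been validated (e.g. with p.ValidatePublicToken) and
// pass the expiry taken from the validated claims.
func (g *ReplayGuard) Consume(token string, exp time.Time) error {
	g.mu.Lock()
	defer g.mu.Unlock()

	now := g.now()
	if !exp.After(now) {
		return ErrExpired
	}
	g.evict(now) // drop entries for tokens that can no longer validate

	fp := fingerprint(token)
	if _, used := g.seen[fp]; used {
		return ErrReplayed
	}
	g.seen[fp] = exp
	return nil
}

// evict removes fingerprints whose tokens have expired; must hold g.mu.
func (g *ReplayGuard) evict(now time.Time) {
	for fp, exp := range g.seen {
		if !exp.After(now) {
			delete(g.seen, fp)
		}
	}
}

// Len reports how many unexpired tokens are currently recorded.
func (g *ReplayGuard) Len() int {
	g.mu.Lock()
	defer g.mu.Unlock()
	return len(g.seen)
}

func main() {
	g := NewReplayGuard()
	// Constructed placeholder token string; a real one comes from GenerateToken.
	token := "v2.public.constructed-example-token"
	exp := time.Now().Add(time.Hour)

	fmt.Println("first use:", g.Consume(token, exp))  // <nil>
	fmt.Println("second use:", g.Consume(token, exp)) // token has already been used
}
```

The guard is deliberately keyed on the whole token rather than on a claim such as the user id, so two distinct tokens issued to the same user are not confused with a replay. In a multi-instance deployment the map would be replaced by a shared store with the same semantics.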
Install it in the usual way:

```
go get -u github.com/tsawler/pasty
```
To use this module, import it, and then generate a new `Pasty` type by calling the `New` function with the four required parameters:
```go
// The four parameters are token type (public or local), issuer, audience, and identifier.
p, err := pasty.New("public", "issuer.com", "audience.com", "some-id")
if err != nil {
	log.Println(err)
	os.Exit(1) // exit with a non-zero status so the failure is not reported as success
}
```
When the above code runs, you have a variable named `p` of type `*pasty.Pasty`. With that variable, you can then generate and validate tokens:
```go
// Add some additional claims to the token we're generating.
claims := make(map[string]any)
claims["user-id"] = 1
claims["subject"] = "10"

// Generate the token with a one-hour expiry, and add footer data if you want to.
t, err := p.GenerateToken(time.Now().Add(1*time.Hour), claims, "some footer data")
if err != nil {
	log.Println(err)
	os.Exit(1) // exit with a non-zero status so the failure is not reported as success
}

// Validate the token:
valid, err := p.ValidatePublicToken(t)
if err != nil {
	log.Println(err)
}

// This will output: "token is valid: true"
fmt.Println("token is valid:", valid)
```
The full program:
```go
package main

import (
	"fmt"
	"log"
	"os"
	"time"

	"github.com/tsawler/pasty"
)

func main() {
	// The four parameters are token type (public or local), issuer, audience, and identifier.
	p, err := pasty.New("public", "issuer.com", "audience.com", "some-id")
	if err != nil {
		log.Println(err)
		os.Exit(1) // exit with a non-zero status so the failure is not reported as success
	}

	// Add some additional claims to the token we're generating.
	claims := make(map[string]any)
	claims["user-id"] = 1
	claims["subject"] = "10"

	// Generate the token with a one-hour expiry, and add footer data if you want to.
	t, err := p.GenerateToken(time.Now().Add(1*time.Hour), claims, "some footer data")
	if err != nil {
		log.Println(err)
		os.Exit(1)
	}

	// Validate the token:
	valid, err := p.ValidatePublicToken(t)
	if err != nil {
		log.Println(err)
	}

	// This will output: "token is valid: true"
	fmt.Println("token is valid:", valid)
}
```