This repository has been archived by the owner on Oct 26, 2018. It is now read-only.
forked from jitsi/jitsi-slack
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtoken.go
65 lines (56 loc) · 1.37 KB
/
token.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
package jitsi
import (
"crypto/x509"
"time"
jwt "github.com/dgrijalva/jwt-go"
"github.com/vincent-petithory/dataurl"
)
// TokenGenerator generates conference tokens for auth'ed users.
type TokenGenerator struct {
Lifetime time.Duration
PrivateKey string
Issuer string
Audience string
Kid string
}
// CreateJWT generates conference tokens for auth'ed users.
func (g TokenGenerator) CreateJWT(tenantID, tenantName, roomClaim, userID, userName, avatarURL string) (string, error) {
now := time.Now()
exp := now.Add(g.Lifetime)
claims := jwt.MapClaims{
"iss": g.Issuer,
"nbf": now.Unix(),
"exp": exp.Unix(),
"sub": tenantName,
"aud": g.Audience,
"room": roomClaim,
"context": contextClaim{
User: userClaim{
DisplayName: userName,
ID: userID,
AvatarURL: avatarURL,
},
Group: tenantName,
},
}
token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
token.Header["kid"] = g.Kid
data, err := dataurl.DecodeString(g.PrivateKey)
if err != nil {
return "", err
}
privateKey, err := x509.ParsePKCS8PrivateKey(data.Data)
if err != nil {
return "", err
}
return token.SignedString(privateKey)
}
type userClaim struct {
ID string `json:"id"`
DisplayName string `json:"name"`
AvatarURL string `json:"avatar"`
}
type contextClaim struct {
User userClaim `json:"user"`
Group string `json:"group"`
}