1 files changed, 82 insertions, 0 deletions

diff --git a/kube2msb/src/kube2msb/vendor/github.com/coreos/go-oidc/jose/jwt.go b/kube2msb/src/kube2msb/vendor/github.com/coreos/go-oidc/jose/jwt.go
new file mode 100644
index 0000000..3b3e963
--- /dev/null
+++ b/kube2msb/src/kube2msb/vendor/github.com/coreos/go-oidc/jose/jwt.go
@@ -0,0 +1,82 @@
+package jose
+
+import "strings"
+
+type JWT JWS
+
+func ParseJWT(token string) (jwt JWT, err error) {
+	jws, err := ParseJWS(token)
+	if err != nil {
+		return
+	}
+
+	return JWT(jws), nil
+}
+
+func NewJWT(header JOSEHeader, claims Claims) (jwt JWT, err error) {
+	jwt = JWT{}
+
+	jwt.Header = header
+	jwt.Header[HeaderMediaType] = "JWT"
+
+	claimBytes, err := marshalClaims(claims)
+	if err != nil {
+		return
+	}
+	jwt.Payload = claimBytes
+
+	eh, err := encodeHeader(header)
+	if err != nil {
+		return
+	}
+	jwt.RawHeader = eh
+
+	ec, err := encodeClaims(claims)
+	if err != nil {
+		return
+	}
+	jwt.RawPayload = ec
+
+	return
+}
+
+func (j *JWT) KeyID() (string, bool) {
+	kID, ok := j.Header[HeaderKeyID]
+	return kID, ok
+}
+
+func (j *JWT) Claims() (Claims, error) {
+	return decodeClaims(j.Payload)
+}
+
+// Encoded data part of the token which may be signed.
+func (j *JWT) Data() string {
+	return strings.Join([]string{j.RawHeader, j.RawPayload}, ".")
+}
+
+// Full encoded JWT token string in format: header.claims.signature
+func (j *JWT) Encode() string {
+	d := j.Data()
+	s := encodeSegment(j.Signature)
+	return strings.Join([]string{d, s}, ".")
+}
+
+func NewSignedJWT(claims Claims, s Signer) (*JWT, error) {
+	header := JOSEHeader{
+		HeaderKeyAlgorithm: s.Alg(),
+		HeaderKeyID:        s.ID(),
+	}
+
+	jwt, err := NewJWT(header, claims)
+	if err != nil {
+		return nil, err
+	}
+
+	sig, err := s.Sign([]byte(jwt.Data()))
+	if err != nil {
+		return nil, err
+	}
+	jwt.Signature = sig
+
+	return &jwt, nil
+}