package token import ( "encoding/base64" "errors" "strings" ) // joseBase64UrlEncode encodes the given data using the standard base64 url // encoding format but with all trailing '=' characters omitted in accordance // with the jose specification. // http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-31#section-2 func joseBase64UrlEncode(b []byte) string { return strings.TrimRight(base64.URLEncoding.EncodeToString(b), "=") } // joseBase64UrlDecode decodes the given string using the standard base64 url // decoder but first adds the appropriate number of trailing '=' characters in // accordance with the jose specification. // http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-31#section-2 func joseBase64UrlDecode(s string) ([]byte, error) { switch len(s) % 4 { case 0: case 2: s += "==" case 3: s += "=" default: return nil, errors.New("illegal base64url string") } return base64.URLEncoding.DecodeString(s) } // actionSet is a special type of stringSet. type actionSet struct { stringSet } func newActionSet(actions ...string) actionSet { return actionSet{newStringSet(actions...)} } // Contains calls StringSet.Contains() for // either "*" or the given action string. func (s actionSet) contains(action string) bool { return s.stringSet.contains("*") || s.stringSet.contains(action) } // contains returns true if q is found in ss. func contains(ss []string, q string) bool { for _, s := range ss { if s == q { return true } } return false } // containsAny returns true if any of q is found in ss. func containsAny(ss []string, q []string) bool { for _, s := range ss { if contains(q, s) { return true } } return false }