### Install PASETO Library using Go Get Source: https://github.com/o1egl/paseto/blob/master/README.md Installs the PASETO library for Go projects. This command fetches the latest version of the library and makes it available for use in your Go modules. ```bash go get -u github.com/o1egl/paseto ``` -------------------------------- ### JWT Example (for comparison) Source: https://github.com/o1egl/paseto/blob/master/README.md An example JSON Web Token (JWT) for comparison with PASETO, showcasing its header, body, and signature components. This is often used for authentication and information exchange. ```plaintext eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ ``` -------------------------------- ### PASETO v2 Local Token Example (Golang) Source: https://github.com/o1egl/paseto/blob/master/README.md Demonstrates a PASETO v2 local token, used for shared-key authenticated encryption. It shows the token structure including version, purpose, encrypted payload, and footer. Requires a secret key for decryption. ```plaintext v2.local.QAxIpVe-ECVNI1z4xQbm_qQYomyT3h8FtV8bxkz8pBJWkT8f7HtlOpbroPDEZUKop_vaglyp76CzYy375cHmKCW8e1CCkV0Lflu4GTDyXMqQdpZMM1E6OaoQW27gaRSvWBrR3IgbFIa0AkuUFw.UGFyYWdvbiBJbml0aWF0aXZlIEVudGVycHJpc2Vz ``` -------------------------------- ### PASETO v2 Public Token Example (Golang) Source: https://github.com/o1egl/paseto/blob/master/README.md Illustrates a PASETO v2 public token, utilized for public-key digital signatures. It includes the version, purpose, signed payload, signature, and the public key used for verification. No shared secret is needed for verification. ```plaintext v2.public.eyJleHAiOiIyMDM5LTAxLTAxVDAwOjAwOjAwKzAwOjAwIiwiZGF0YSI6InRoaXMgaXMgYSBzaWduZWQgbWVzc2FnZSJ91gC7-jCWsN3mv4uJaZxZp0btLJgcyVwL-svJD7f4IHyGteKe3HTLjHYTGHI1MtCqJ-ESDLNoE7otkIzamFskCA ``` -------------------------------- ### Sign and Verify Tokens with Asymmetric Key (PASETO Public Mode) Source: https://github.com/o1egl/paseto/blob/master/README.md Illustrates signing and verifying tokens using an asymmetric key pair in PASETO's public mode. This mode is for public-key digital signatures. The `paseto.Sign` function uses a private key to sign a token, and `paseto.Verify` uses the corresponding public key to validate it. ```go b, _ := hex.DecodeString("b4cbfb43df4ce210727d953e4a713307fa19bb7d9f85041438d9e11b942a37741eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2") privateKey := ed25519.PrivateKey(b) b, _ = hex.DecodeString("1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2") publicKey := ed25519.PublicKey(b) // or create a new keypair // publicKey, privateKey, err := ed25519.GenerateKey(nil) jsonToken := paseto.JSONToken{ Expiration: time.Now().Add(24 * time.Hour), } // Add custom claim to the token jsonToken.Set("data", "this is a signed message") footer := "some footer" // Sign data token, err := paseto.Sign(privateKey, jsonToken, footer) // token = "v2.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAxOC0wMy0xMlQxOTowODo1NCswMTowMCJ9Ojv0uXlUNXSFhR88KXb568LheLRdeGy2oILR3uyOM_-b7r7i_fX8aljFYUiF-MRr5IRHMBcWPtM0fmn9SOd6Aw.c29tZSBmb290ZXI" // Verify data var newJsonToken paseto.JSONToken var newFooter string err := paseto.Verify(token, publicKey, &newJsonToken, &newFooter) ``` -------------------------------- ### Encrypt and Decrypt Tokens with Symmetric Key (PASETO Local Mode) Source: https://github.com/o1egl/paseto/blob/master/README.md Demonstrates creating and validating tokens using a shared symmetric key in PASETO's local mode. This mode is suitable for symmetric-key encryption (AEAD). The `paseto.Encrypt` function takes a key, payload, and footer to produce a token, while `paseto.Decrypt` reverses the process. ```go symmetricKey := []byte("YELLOW SUBMARINE, BLACK WIZARDRY") // Must be 32 bytes now := time.Now() exp := now.Add(24 * time.Hour) nbt := now jsonToken := paseto.JSONToken{ Audience: "test", Issuer: "test_service", Jti: "123", Subject: "test_subject", IssuedAt: now, Expiration: exp, NotBefore: nbt, } // Add custom claim to the token jsonToken.Set("data", "this is a signed message") footer := "some footer" // Encrypt data token, err := paseto.Encrypt(symmetricKey, jsonToken, footer) // token = "v2.local.E42A2iMY9SaZVzt-WkCi45_aebky4vbSUJsfG45OcanamwXwieieMjSjUkgsyZzlbYt82miN1xD-X0zEIhLK_RhWUPLZc9nC0shmkkkHS5Exj2zTpdNWhrC5KJRyUrI0cupc5qrctuREFLAvdCgwZBjh1QSgBX74V631fzl1IErGBgnt2LV1aij5W3hw9cXv4gtm_jSwsfee9HZcCE0sgUgAvklJCDO__8v_fTY7i_Regp5ZPa7h0X0m3yf0n4OXY9PRplunUpD9uEsXJ_MTF5gSFR3qE29eCHbJtRt0FFl81x-GCsQ9H9701TzEjGehCC6Bhw.c29tZSBmb290ZXI" // Decrypt data var newJsonToken paseto.JSONToken var newFooter string err := paseto.Decrypt(token, symmetricKey, &newJsonToken, &newFooter) ``` -------------------------------- ### Parse PASETO Tokens with Multiple Versions in Go Source: https://github.com/o1egl/paseto/blob/master/README.md This Go code snippet demonstrates how to use the `paseto.Parse` function to parse PASETO tokens supporting both Version 1 and Version 2. It involves decoding public keys from PEM format and ED25519 keys, then passing them to the Parse function along with the token, payload, footer, and symmetric key. Note that Version 1 of the protocol is deprecated. ```go b, err := hex.DecodeString("2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0d0a4d494942496a414e42676b71686b6947397730424151454641414f43415138414d49494243674b43415145417878636e47724e4f6136426c41523458707050640d0a746146576946386f7279746c4b534d6a66446831314c687956627a4335416967556b706a457274394d7649482f46384d444a72324f39486b36594b454b574b6f0d0a72333566364b6853303679357a714f722b7a4e34312b39626a52365633322b527345776d5a737a3038375258764e41334e687242633264593647736e57336c5a0d0a34356f5341564a755639553667335a334a574138355972362b6350776134793755632f56726f6d7a674679627355656e33476f724254626a783142384f514a440d0a73652f4b6b6855433655693358384264514f473974523455454775742f6c39703970732b3661474d4c57694357495a54615456784d4f75653133596b777038740d0a3148467635747a6872493055635948687638464a6b315a6435386759464158634e797975737834346e6a6152594b595948646e6b4f6a486e33416b534c4d306b0d0a6c774944415141420d0a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d") block, _ := pem.Decode(b) rsaPubInterface, err := x509.ParsePKIXPublicKey(block.Bytes) v1PublicKey := rsaPubInterface.(*rsa.PublicKey) b, _ = hex.DecodeString("1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2") v2PublicKey := ed25519.PublicKey(b) var payload JSONToken var footer string version, err := paseto.Parse(token, &payload, &footer, symmetricKey, map[paseto.Version]crypto.PublicKey{paseto.V1: v1PublicKey, paseto.V2: v2PublicKey}) ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.