
Commit b1ff48a

committed
Rename KMS types and update related functions for clarity and consistency
1 parent 2392256 commit b1ff48a


2 files changed

+13
-13
lines changed


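--- a/kms.go
+++ b/kms.go
@@ -30,24 +30,24 @@ type KMSClient interface {
 // It allows customization of the cache used for storing and retrieving public keys.
 // The default cache is a no-op cache, which means it does not store any keys.
 // You can provide a custom cache implementation that implements the Cache interface.
-type KMSOptions struct {
+type KMSSignerOptions struct {
 Cache Cache // Cache for storing and retrieving public keys
 RotatedKeyIDs []string // A list of key IDs that have been rotated out of active use but are still included in the JWKS
 }
 
-// KMS represents a signer that uses AWS Key Management Service (KMS) to sign JWT tokens.
-type KMS struct {
+// KMSSigner represents a signer that uses AWS Key Management Service (KMS) to sign JWT tokens.
+type KMSSigner struct {
 kmsClient KMSClient // AWS KMS client
 keyID string // The ID of the KMS key used for signing
 alg types.SigningAlgorithmSpec // The signing algorithm to use
 cache Cache // Cache for storing and retrieving public keys
 rotatedKeyIDs []string // A list of key IDs that have been rotated out of active use but are still included in the JWKS
 }
 
-// NewKMS creates a new instance of KMS with the given client, key ID, and signing algorithm.
+// NewKMSSigner creates a new instance of KMSSigner with the given client, key ID, and signing algorithm.
 // It also accepts optional configuration functions to customize the KMSOptions.
-func NewKMS(kmsClient KMSClient, keyID string, alg types.SigningAlgorithmSpec, optFns ...func(o *KMSOptions)) Signer {
-opts := KMSOptions{
+func NewKMSSigner(kmsClient KMSClient, keyID string, alg types.SigningAlgorithmSpec, optFns ...func(o *KMSSignerOptions)) Signer {
+opts := KMSSignerOptions{
 Cache: NewNoopCache(), // Default to a no-op cache
 RotatedKeyIDs: make([]string, 0),
 }
@@ -57,7 +57,7 @@ func NewKMS(kmsClient KMSClient, keyID string, alg types.SigningAlgorithmSpec, o
 fn(&opts)
 }
 
-return &KMS{
+return &KMSSigner{
 kmsClient: kmsClient,
 keyID: keyID,
 alg: alg,
@@ -75,7 +75,7 @@ func NewKMS(kmsClient KMSClient, keyID string, alg types.SigningAlgorithmSpec, o
 // Returns:
 // - The signed JWT token as a string.
 // - An error if the signing process fails.
-func (s *KMS) SignToken(ctx context.Context, token *jwt.Token) (string, error) {
+func (s *KMSSigner) SignToken(ctx context.Context, token *jwt.Token) (string, error) {
 // Serialize the token into a string for signing
 tokenString, err := token.SigningString()
 if err != nil {
@@ -124,7 +124,7 @@ func (s *KMS) SignToken(ctx context.Context, token *jwt.Token) (string, error) {
 // Returns:
 // - A JWKS containing the public key(s) for verifying the token signature.
 // - An error if retrieving the public key or constructing the JWKS fails.
-func (s *KMS) GetJWKS(ctx context.Context) (*JWKS, error) {
+func (s *KMSSigner) GetJWKS(ctx context.Context) (*JWKS, error) {
 // Map the KMS signing algorithm to the corresponding JWT signing method.
 signingMethod := getSigningMethod(s.alg)
 if signingMethod == nil {
@@ -157,7 +157,7 @@ func (s *KMS) GetJWKS(ctx context.Context) (*JWKS, error) {
 }
 
 // getPublicKeyJWK retrieves the public key for a given key ID and constructs a JWK.
-func (s *KMS) getPublicKeyJWK(ctx context.Context, keyID string, signingMethod jwt.SigningMethod) (JWK, error) {
+func (s *KMSSigner) getPublicKeyJWK(ctx context.Context, keyID string, signingMethod jwt.SigningMethod) (JWK, error) {
 // Check if the public key is already in the cache
 if cachedKey, found := s.cache.Get(ctx, keyID); found {
 // Construct the JWK from the cached key
@@ -187,12 +187,12 @@ func (s *KMS) getPublicKeyJWK(ctx context.Context, keyID string, signingMethod j
 }
 
 // SigningMethod returns the JWT signing method corresponding to the KMS signing algorithm.
-func (s *KMS) SigningMethod() jwt.SigningMethod {
+func (s *KMSSigner) SigningMethod() jwt.SigningMethod {
 return getSigningMethod(s.alg)
 }
 
 // KeyID returns the ID of the KMS key used for signing.
-func (s *KMS) KeyID() string {
+func (s *KMSSigner) KeyID() string {
 return s.keyID
 }
 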
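Review bot: The doc comment left as context directly above `NewKMSSigner` (new line 48) still says the option functions "customize the KMSOptions", a type this commit renames to `KMSSignerOptions`, so the rename is incomplete there; it should read `// It also accepts optional configuration functions to customize the KMSSignerOptions.`. The commit also drops the exported names `KMS`, `KMSOptions` and `NewKMS` with no compatibility path. If the package has importers outside this repository (not visible from this page), consider keeping aliases for one release, e.g. `type KMS = KMSSigner` and `type KMSOptions = KMSSignerOptions`, each with a `// Deprecated:` comment, so existing callers of the signing API keep compiling. The body of `NewKMSSigner` continues past the first hunk, so any further uses of the old names outside the shown lines cannot be checked here.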

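--- a/kms_test.go
+++ b/kms_test.go
@@ -50,7 +50,7 @@ func TestKMSSigner(t *testing.T) {
 mockClient := &mockKMSClient{}
 keyID := "kms-key-id"
 alg := types.SigningAlgorithmSpecRsassaPkcs1V15Sha256
-kmsSigner := NewKMS(mockClient, keyID, alg)
+kmsSigner := NewKMSSigner(mockClient, keyID, alg)
 
 t.Run("SignToken", func(t *testing.T) {
 // Create a JWT token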
