auth

package
v3.5.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 29, 2018 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// TokenValidPeriod is the default amount of minutes a token is valid
	TokenValidPeriod = 60
)

Variables

View Source 
var (
	// ErrTokenMalformed is the message to return for a malformed token.
	ErrTokenMalformed = errors.New("token malformed")

	// ErrTokenExpired is the message to return for an expired token.
	ErrTokenExpired = errors.New("token expired or not yet valid")

	// ErrTokenInvalid is the message to return for an invalid token.
	ErrTokenInvalid = errors.New("invalid token")
)

Functions

func ContextWithConsumer 

func ContextWithConsumer(parent context.Context, consumer Consumer) context.Context

ContextWithConsumer takes a context and a service consumer and returns a new context with the consumer embedded.

func EnsureRequestID 

func EnsureRequestID(next http.Handler) http.Handler

EnsureRequestID will create a Request ID header if one is not found. It will then place the request ID into the request's context.

func HandlerGrants 

func HandlerGrants(grants []string, next http.HandlerFunc) http.HandlerFunc

HandlerGrants is an HTTP handler to check that the consumer in the request context has the required grants.

func HandlerValidateJWT 

func HandlerValidateJWT(pk *rsa.PublicKey, next http.HandlerFunc) http.HandlerFunc

HandlerValidateJWT takes a JWT from the request headers, attempts validation and returns a http handler.

func NewContextWithRequestID 

func NewContextWithRequestID(c context.Context, r *http.Request) context.Context

NewContextWithRequestID takes a context and an *http.Request and returns a new context with the RequestID.

func ParseJWT 

func ParseJWT(pk *rsa.PublicKey, raw string) (*jwt.Token, error)

ParseJWT parses a JWT string and checks its signature validity DEPRECATED: This should no longer be used in favour of creating a tokeniser

func RequestIDFromContext 

func RequestIDFromContext(c context.Context) string

RequestIDFromContext extracts the RequestID from the supplied context.

func RespondToJWT 

func RespondToJWT(pk *rsa.PublicKey, raw string, responder JWTResponder)

RespondToJWT takes the raw JWT and the public RSA key

Types

type Claims 

type Claims struct {
	Consumer Consumer `json:"consumer"`
	jwt.StandardClaims
}

Claims hold the JWT claims to user for a token

type Consumer 

type Consumer struct {
	ID        int64    `json:"id"`
	FirstName string   `json:"first_name"`
	LastName  string   `json:"last_name"`
	Language  string   `json:"language"`
	Grants    []string `json:"grants"`
}

Consumer represents an API user

func ConsumerFor 

func ConsumerFor(token *jwt.Token) (*Consumer, error)

ConsumerFor derives the Consumer from the JWT claims DEPRECATED: This should no longer be used in favour of creating a tokeniser

func ConsumerFromContext 

func ConsumerFromContext(c context.Context) Consumer

ConsumerFromContext extracts the consumer from the supplied context.

func (*Consumer) HasAnyGrant 

func (c *Consumer) HasAnyGrant(grants ...string) bool

HasAnyGrant checks if a consumer possess any of a given set of grants

func (*Consumer) IsUser 

func (c *Consumer) IsUser(userID int64) bool

IsUser checks if a consumer has the same ID as a user

type ErrAssertClaims 

type ErrAssertClaims struct {
	// contains filtered or unexported fields
}

ErrAssertClaims is thrown when asserting the type of claims

func (*ErrAssertClaims) Error 

func (e *ErrAssertClaims) Error() string

type ErrUnexpectedSigningMethod 

type ErrUnexpectedSigningMethod struct {
	// contains filtered or unexported fields
}

ErrUnexpectedSigningMethod is thrown when parsing a JWT encounters an unexpected signature method.

func (*ErrUnexpectedSigningMethod) Error 

func (e *ErrUnexpectedSigningMethod) Error() string

type JWTResponder 

type JWTResponder interface {
	OnUnauthorizedErr(err error)
	OnComplete(token *jwt.Token)
}

JWTResponder defines the behaviour of validating a JWT

type Tokeniser 

type Tokeniser struct {
	// contains filtered or unexported fields
}

Tokeniser is the auth tokeniser for JSON Web Tokens

func NewMockTokeniser 

func NewMockTokeniser() (*Tokeniser, error)

NewMockTokeniser creates a new tokeniser with a random key pair

func NewTokeniser 

func NewTokeniser(privateKey *rsa.PrivateKey, publicKey *rsa.PublicKey, issuer string) *Tokeniser

NewTokeniser returns a new JWT instance

func NewTokeniserFromKeyPair 

func NewTokeniserFromKeyPair(privateKeyB, publicKeyB []byte, issuer string) (*Tokeniser, error)

NewTokeniserFromKeyPair parses a public key to

func NewTokeniserFromPublicKey 

func NewTokeniserFromPublicKey(pkb []byte) (*Tokeniser, error)

NewTokeniserFromPublicKey parses a public key to

func (*Tokeniser) GenerateToken 

func (t *Tokeniser) GenerateToken(consumer *Consumer) (string, error)

GenerateToken generates and returns an authentication token.

func (*Tokeniser) GetTokenConsumer 

func (t *Tokeniser) GetTokenConsumer(raw string) *Consumer

GetTokenConsumer returns the consumer details for a given auth token.

func (*Tokeniser) GetTokenExpiry 

func (t *Tokeniser) GetTokenExpiry(raw string) time.Time

GetTokenExpiry returns the expiry date for a given auth token.

func (*Tokeniser) ParseToken 

func (t *Tokeniser) ParseToken(raw string) (*jwt.Token, error)

ParseToken takes a string and returns a valid jwt token

func (*Tokeniser) ValidateToken 

func (t *Tokeniser) ValidateToken(raw string) (bool, error)

ValidateToken validates an authentication token and returns true/false based upon the result.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.