The highest tagged major version is
README
¶
gocloak-echo
Keycloak handler & middleware for echo
This project is still WiP and the interfaces might change pretty often
Supported authentication flows:
- Direct Grant Flow
Use this together with the keycloak client gocloak
Usage examples
- Install the package
go get "github.com/Nerzal/gocloak/v4"
// AuthenticationHandler is used to authenticate with the api
type AuthenticationHandler interface {
AuthenticateClient(Authenticate) (*gocloak.JWT, error)
AuthenticateUser(Authenticate) (*gocloak.JWT, error)
RefreshToken(Refresh) (*gocloak.JWT, error)
}
// AuthenticationMiddleWare is used to validate the JWT
type AuthenticationMiddleWare interface {
CheckToken(next echo.HandlerFunc) echo.HandlerFunc
CheckTokenCustomHeader(next echo.HandlerFunc) echo.HandlerFunc
CheckScope(next echo.HandlerFunc) echo.HandlerFunc
DecodeAndValidateToken(next echo.HandlerFunc) echo.HandlerFunc
}
Compatibility Matrix
This middleware uses echo and gocloak. Choose the right version for you
| Versions | Compatibility |
|---|---|
| gockloak-echo/v3 | gocloak/v3, echo/v3 |
| gockloak-echo/v4 | gocloak/v3, echo/v4 |
License
Documentation
¶
Index ¶
Constants ¶
const (
// KeyRealm is used as realm key constant
KeyRealm = "realm"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Authenticate ¶
type Authenticate struct {
ClientID string `json:"clientID"`
ClientSecret string `json:"clientSecret"`
Realm string `json:"realm,omitempty"`
Scope string `json:"scope,omitempty"`
UserName *string `json:"username,omitempty"`
Password *string `json:"password,omitempty"`
}
Authenticate holds authentication information
type AuthenticationHandler ¶
type AuthenticationHandler interface {
AuthenticateClient(Authenticate) (*JWT, error)
AuthenticateUser(Authenticate) (*JWT, error)
RefreshToken(Refresh) (*JWT, error)
}
AuthenticationHandler is used to authenticate with the api
func NewAuthenticationHandler ¶
func NewAuthenticationHandler(gocloak gocloak.GoCloak, realm *string) AuthenticationHandler
NewAuthenticationHandler instantiates a new AuthenticationHandler Setting realm is optional noinspection GoUnusedExportedFunction
type AuthenticationMiddleWare ¶
type AuthenticationMiddleWare interface {
// Decodes the token and checks if it is valid
DecodeAndValidateToken(next echo.HandlerFunc) echo.HandlerFunc
CheckToken(next echo.HandlerFunc) echo.HandlerFunc
// The following 2 methods need higher permissions of the client in the realm
CheckTokenCustomHeader(next echo.HandlerFunc) echo.HandlerFunc
CheckScope(next echo.HandlerFunc) echo.HandlerFunc
}
AuthenticationMiddleWare is used to validate the JWT
func NewDirectGrantMiddleware ¶
func NewDirectGrantMiddleware(gocloak gocloak.GoCloak, realm, clientID, clientSecret, allowedScope string, customHeaderName *string) AuthenticationMiddleWare
NewDirectGrantMiddleware instantiates a new AuthenticationMiddleWare when using the Keycloak Direct Grant aka Resource Owner Password Credentials Flow
see https://www.keycloak.org/docs/latest/securing_apps/index.html#_resource_owner_password_credentials_flow and https://tools.ietf.org/html/rfc6749#section-4.3 for more information about this flow noinspection GoUnusedExportedFunction
type JWT ¶
type JWT struct {
AccessToken string `json:"accessToken"`
ExpiresIn int `json:"expiresIn"`
RefreshExpiresIn int `json:"refreshExpiresIn"`
RefreshToken string `json:"refreshToken"`
TokenType string `json:"tokenType"`
NotBeforePolicy int `json:"notBeforePolicy"`
SessionState string `json:"sessionState"`
Scope string `json:"scope"`
}
JWT is a JWT
Source Files