README
¶
Gin Cognito JWT Authentication Middleware
This is a JWT auth Gin middleware to validate JWT token issued by AWS Cognito identity manager. The implementation of this middleware is based on the AWS documentation on how to verify the JWT token
Here is an example of how can this be invoked. It should be attached to all endpoint you would want to authenticate against the user.
package main
import (
"github.com/gin-gonic/gin"
"github.com/akhettar/gin-jwt-cognito"
)
func main() {
// Creates a gin router with default middleware:
router := gin.Default()
// Create Cognito JWT auth middleware and set it in all authenticated endpoints
mw, err := jwt.AuthJWTMiddleware("<some_iss>", "<some_userpool_id>", "region")
if err != nil {
panic(err)
}
router.GET("/someGet", mw.MiddlewareFunc(), func(context *gin.Context) {
// some implementation
})
router.POST("/somePost", mw.MiddlewareFunc(), func(context *gin.Context) {
// some implementation
})
router.PUT("/somePut", mw.MiddlewareFunc(), func(context *gin.Context) {
// some implementation
})
// By default it serves on :8080 unless a
// PORT environment variable was defined.
router.Run()
}
License
Documentation
¶
Index ¶
Examples ¶
Constants ¶
View Source
const ( // AuthenticateHeader the Gin authenticate header AuthenticateHeader = "WWW-Authenticate" // AuthorizationHeader the auth header that gets passed to all services AuthorizationHeader = "Authentication" // Forward slash character ForwardSlash = "/" // HEADER used by the JWT middle ware HEADER = "header" // IssuerFieldName the issuer field name IssuerFieldName = "iss" )
Variables ¶
View Source
var ( // AuthHeaderEmptyError thrown when an empty Authorization header is received AuthHeaderEmptyError = errors.New("auth header empty") // InvalidAuthHeaderError thrown when an invalid Authorization header is received InvalidAuthHeaderError = errors.New("invalid auth header") )
Functions ¶
This section is empty.
Types ¶
type AuthMiddleware ¶
type AuthMiddleware struct {
Unauthorized func(*gin.Context, int, string)
Timeout time.Duration
// TokenLookup the header name of the token
TokenLookup string
// TimeFunc
TimeFunc func() time.Time
// Realm name to display to the user. Required.
Realm string
// to verify issuer
VerifyIssuer bool
// Region aws region
Region string
// UserPoolID the cognito user pool id
UserPoolID string
// The issuer
Iss string
// JWK public JSON Web Key (JWK) for your user pool
JWK map[string]JWKKey
}
AuthMiddleware middleware
Example ¶
package main
import (
jwt "github.com/akhettar/gin-jwt-cognito"
"github.com/gin-gonic/gin"
)
func main() {
// Creates a gin router with default middleware:
router := gin.Default()
// Create Cognito JWT auth middleware and set it in all authenticated endpoints
mw, err := jwt.AuthJWTMiddleware("<some_iss>", "<some_userpool_id>", "region")
if err != nil {
panic(err)
}
router.GET("/someGet", mw.MiddlewareFunc(), func(context *gin.Context) {
// some implementation
})
router.POST("/somePost", mw.MiddlewareFunc(), func(context *gin.Context) {
// some implementation
})
router.PUT("/somePut", mw.MiddlewareFunc(), func(context *gin.Context) {
// some implementation
})
// By default it serves on :8080 unless a
// PORT environment variable was defined.
router.Run()
}
Output:
func AuthJWTMiddleware ¶
func AuthJWTMiddleware(iss, userPoolID, region string) (*AuthMiddleware, error)
AuthJWTMiddleware create an instance of the middle ware function
func (*AuthMiddleware) MiddlewareFunc ¶
func (mw *AuthMiddleware) MiddlewareFunc() gin.HandlerFunc
MiddlewareFunc implements the Middleware interface.
func (*AuthMiddleware) MiddlewareInit ¶
func (mw *AuthMiddleware) MiddlewareInit()
MiddlewareInit initialize jwt configs.
Source Files
Click to show internal directories.
Click to hide internal directories.