jwthttp

package
v0.249.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 7, 2021 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DefaultUnauthHandler

func DefaultUnauthHandler(w http.ResponseWriter, r *http.Request, err error)

DefaultUnauthHandler is used when a middleware is created without a custom unauth handler

If error defines its own http status, use that, otherwise respond 403 forbidden

Does not attach a body to the response.

func HiddenEndpoint

func HiddenEndpoint(w http.ResponseWriter, r *http.Request, err error)

HiddenEndpoint is an unauth handler that hides the existence of the protected resource Does not send any error details.

Types

type Auth

type Auth struct {
	// Headers to search for a bearer token
	// Leaving empty will cause the authenticator to authenticate against an empty string
	// This is useful for use in local without jwts
	Headers []string

	// Authenticator is the authenticator used to verify jwts
	jwtauth.Authenticator

	// UnauthHandler handles the response in the case of a unauthenticated request
	// Leaving nil will default to a bare 401 response
	UnauthHandler func(http.ResponseWriter, *http.Request, error)

	// Authorisers store the authorisers that will get applied by this auth struct.
	Authorisers []jwtauth.Authoriser
}

Auth can authenticate and authorize requests.

func AuthFromConfig

func AuthFromConfig(ctx context.Context, c *Config, client func(string) *http.Client) (*Auth, error)

AuthFromConfig creates an auth middleware from config.

func (Auth) Auth

func (a Auth) Auth() func(http.Handler) http.Handler

Auth is a middleware function. It takes a handler and produces a new handler that authenticates and authorises requests before passing them to the given handler.

func (Auth) AuthAllowAnon

func (a Auth) AuthAllowAnon() func(http.Handler) http.Handler

AuthAllowAnon is a middleware function. It takes a handler and produces a new handler that authenticates and authorises requests before passing them to the given handler.

If an authorization header is present, the contained JWT is validated. Otherwise, middleware processing continues. AllowAnon is useful where claims (if present) are required by a middleware stack, but not all endpoints in a mux require a jwt to be present.

In this situation, authenticated endpoints each require an additional Auth middleware (which will reuse the authenticated claims).

func (*Auth) AuthenticateRequest

func (a *Auth) AuthenticateRequest(req *http.Request) (jwtauth.Claims, error)

AuthenticateRequest authenticates the request

Returns the claims contained in the jwt, or an error if unable to authenticate.

func (Auth) Authorise

func (a Auth) Authorise(claims jwtauth.Claims) error

Authorise implements jwtauth.Authoriser

Applies each stored outhoriser in order that it was added to the auth struct.

func (Auth) WithAuthorisers

func (a Auth) WithAuthorisers(authorisers ...jwtauth.Authoriser) *Auth

func (Auth) WithUnauthHandler

func (a Auth) WithUnauthHandler(handler func(http.ResponseWriter, *http.Request, error)) *Auth

WithUnauthHandler creates a new auth object with the unauth handler set

This allows defining custom response behaviour on a per-route basis.

type Config

type Config struct {
	jwtauth.Config `mapstructure:",squash"`
	Headers        []string `json:"headers" yaml:"headers" mapstructure:"headers"`
}

Config defines authentication config for an http middleware.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL