Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrTokenExpired = errors.New("token expired") ErrInvalidToken = errors.New("invalid token") )
Functions ¶
This section is empty.
Types ¶
type BoolValue ¶
type BoolValue struct {
Value bool `json:"value,omitempty"`
}
BoolValue allows override boolean option.
type ConnectToken ¶
type ConnectToken struct { // UserID tells an ID of connecting user. UserID string // ExpireAt allows setting time in future when connection must be validated. // Validation can be server-side using On().Refresh callback or client-side // if On().Refresh not set. ExpireAt int64 // Info contains additional information about connection. It will be // included into Join/Leave messages, into Alive information, also // info becomes a part of published message if it was published from // client directly. In some cases having additional info can be an // overhead – but you are simply free to not use it. Info []byte // Meta is custom data to append to a connection. Can be retrieved later // for connection inspection. Never sent in a client protocol and accessible // from a backend-side only. Meta json.RawMessage // Subs is a map of channels to subscribe server-side with options. Subs map[string]centrifuge.SubscribeOptions }
type ConnectTokenClaims ¶
type ConnectTokenClaims struct { ExpireAt *int64 `json:"expire_at,omitempty"` Info json.RawMessage `json:"info,omitempty"` Base64Info string `json:"b64info,omitempty"` Channels []string `json:"channels,omitempty"` Subs map[string]SubscribeOptions `json:"subs,omitempty"` Meta json.RawMessage `json:"meta,omitempty"` // Channel must never be set in connection tokens. We check this on verifying. Channel string `json:"channel,omitempty"` jwt.RegisteredClaims }
type Decoder ¶
type Decoder struct{}
func (*Decoder) DecodeConnectClaims ¶
func (d *Decoder) DecodeConnectClaims(data []byte) (*ConnectTokenClaims, error)
func (*Decoder) DecodeSubscribeClaims ¶
func (d *Decoder) DecodeSubscribeClaims(data []byte) (*SubscribeTokenClaims, error)
type SubscribeOptionOverride ¶
type SubscribeOptionOverride struct { // Presence turns on participating in channel presence. Presence *BoolValue `json:"presence,omitempty"` // JoinLeave enables sending Join and Leave messages for this client in channel. JoinLeave *BoolValue `json:"join_leave,omitempty"` // ForcePushJoinLeave forces sending join/leave for this client. ForcePushJoinLeave *BoolValue `json:"force_push_join_leave,omitempty"` // ForcePositioning on says that client will additionally sync its position inside // a stream to prevent message loss. Make sure you are enabling ForcePositioning in channels // that maintain Publication history stream. When ForcePositioning is on Centrifuge will // include StreamPosition information to subscribe response - for a client to be able // to manually track its position inside a stream. ForcePositioning *BoolValue `json:"force_positioning,omitempty"` // ForceRecovery turns on recovery option for a channel. In this case client will try to // recover missed messages automatically upon resubscribe to a channel after reconnect // to a server. This option also enables client position tracking inside a stream // (like ForcePositioning option) to prevent occasional message loss. Make sure you are using // ForceRecovery in channels that maintain Publication history stream. ForceRecovery *BoolValue `json:"force_recovery,omitempty"` }
SubscribeOptionOverride to override configured behaviour of subscriptions.
type SubscribeOptions ¶
type SubscribeOptions struct { // Info defines custom channel information, zero value means no channel information. Info json.RawMessage `json:"info,omitempty"` // Base64Info is like Info but for binary. Base64Info string `json:"b64info,omitempty"` // Data to send to a client with Subscribe Push. Data json.RawMessage `json:"data,omitempty"` // Base64Data is like Data but for binary data. Base64Data string `json:"b64data,omitempty"` // Override channel options can contain channel options overrides. Override *SubscribeOptionOverride `json:"override,omitempty"` }
SubscribeOptions define per-subscription options.
type SubscribeToken ¶
type SubscribeToken struct { // UserID tells an ID of subscribing user. UserID string // Channel client wants to subscribe. Will be compared with channel in // subscribe command. Channel string // Client is a deprecated claim for compatibility with Centrifugo v3. Client string // Options for subscription. Options centrifuge.SubscribeOptions }
type SubscribeTokenClaims ¶
type SubscribeTokenClaims struct { jwt.RegisteredClaims SubscribeOptions Channel string `json:"channel,omitempty"` Client string `json:"client,omitempty"` ExpireAt *int64 `json:"expire_at,omitempty"` }
type Verifier ¶
type Verifier interface { VerifyConnectToken(token string) (ConnectToken, error) VerifySubscribeToken(token string) (SubscribeToken, error) }
type VerifierConfig ¶
type VerifierConfig struct { // HMACSecretKey is a secret key used to validate connection and subscription // tokens generated using HMAC. Zero value means that HMAC tokens won't be allowed. HMACSecretKey string // RSAPublicKey is a public key used to validate connection and subscription // tokens generated using RSA. Zero value means that RSA tokens won't be allowed. RSAPublicKey *rsa.PublicKey // ECDSAPublicKey is a public key used to validate connection and subscription // tokens generated using ECDSA. Zero value means that ECDSA tokens won't be allowed. ECDSAPublicKey *ecdsa.PublicKey // JWKSPublicEndpoint is a public url used to validate connection and subscription // tokens generated using rotating RSA public keys. Zero value means that JSON Web Key Sets // extension won't be used. JWKSPublicEndpoint string // Audience when set will enable audience token check. See // https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3. Audience string // AudienceRegex allows setting Audience in form of Go language regex pattern. Regex groups // may be then used in constructing JWKSPublicEndpoint. AudienceRegex string // Issuer when set will enable a check that token issuer matches configured string. // See https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.1. Issuer string // IssuerRegex allows setting Issuer in form of Go language regex pattern. Regex groups // may be then used in constructing JWKSPublicEndpoint. IssuerRegex string }
func (VerifierConfig) Validate ¶
func (c VerifierConfig) Validate() error
type VerifierJWT ¶
type VerifierJWT struct {
// contains filtered or unexported fields
}
func NewTokenVerifierJWT ¶
func NewTokenVerifierJWT(config VerifierConfig, ruleContainer *rule.Container) (*VerifierJWT, error)
func (*VerifierJWT) Reload ¶
func (verifier *VerifierJWT) Reload(config VerifierConfig) error
func (*VerifierJWT) VerifyConnectToken ¶
func (verifier *VerifierJWT) VerifyConnectToken(t string) (ConnectToken, error)
func (*VerifierJWT) VerifySubscribeToken ¶
func (verifier *VerifierJWT) VerifySubscribeToken(t string) (SubscribeToken, error)
Click to show internal directories.
Click to hide internal directories.