auth

package
v0.0.0-...-2873e01 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 29, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

var (
	// HttpTokenVerifier is a package-level slot for an HTTP middleware of the
	// shape func(http.Handler) http.Handler. Judging by its name it is the
	// token-verifying middleware — confirm against the assignment site.
	//
	// NOTE(review): declared here without an initializer, so it is nil until
	// other code assigns it (presumably the result of
	// TokenVerifierMiddlewareWithSecretSigner — confirm). Calling a nil
	// func value panics, so routes must not be mounted before it is set.
	// NOTE(review): exported and mutable; any importing package can replace
	// the verifier, so treat every assignment as security-sensitive.
	HttpTokenVerifier func(http.Handler) http.Handler
)
var (
	// TokenIssuer is a package-level pointer to the unexported tokenIssuer
	// type, the same type NewTokenIssuer returns.
	//
	// NOTE(review): declared here without an initializer, so it is nil until
	// other code assigns it (presumably from NewTokenIssuer — confirm).
	// NOTE(review): exported and mutable; whoever can reassign it controls
	// how tokens are signed and issued, so keep assignments to start-up code.
	TokenIssuer *tokenIssuer
)

Functions

func Anonymous

func Anonymous() *identity

Anonymous constructs and returns a new anonymous identity carrying the system anonymous roles.

func Authenticated

func Authenticated(id uint64, rr ...uint64) *identity

Authenticated constructs and returns a new authenticated identity with the assigned roles plus the system authenticated roles.

func DefaultAccessTokenGenerator

func DefaultAccessTokenGenerator(ctx context.Context, req TokenRequest) (string, string, error)

DefaultAccessTokenGenerator uses token generator from oauth2 lib

func ExtractFromSubClaim

func ExtractFromSubClaim(sub string) (userID uint64, rr []uint64)

func HttpTokenValidator

func HttpTokenValidator(scope ...string) func(http.Handler) http.Handler

HttpTokenValidator checks if there is a token with identity and matching scope claim

If no scope is passed, the validator defaults to the "api" scope; an empty argument list does not disable the scope check.

func IdentityFromToken

func IdentityFromToken(token jwt.Token) *identity

IdentityFromToken decodes sub & roles claims into identity

func NewTokenIssuer

func NewTokenIssuer(opt ...IssuerOptFn) (issuer *tokenIssuer, err error)

NewTokenIssuer initializes and returns new instance of JWT manager

func SetIdentityToContext

func SetIdentityToContext(ctx context.Context, identity Identifiable) context.Context

func TokenVerifierMiddlewareWithSecretSigner

func TokenVerifierMiddlewareWithSecretSigner(secret string) (_ func(http.Handler) http.Handler, err error)

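TokenVerifierMiddlewareWithSecretSigner returns an HTTP middleware that verifies tokens with jwa.HS512 and the given secret.

The verifier must match the token issuer's signer one-to-one (same algorithm, same secret). HS512 is a symmetric HMAC, so anyone who holds this secret can mint tokens as well as verify them.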

Types

type Identifiable

// Identifiable is the identity abstraction accepted by SetIdentityToContext
// and WithIdentity.
//
// NOTE(review): Anonymous() is documented as returning an identity that
// carries the system anonymous roles, so a non-empty Roles() result is not
// proof of authentication; presumably Valid() is the authoritative check —
// confirm against the identity implementation.
type Identifiable interface {
	// Identity returns the numeric identifier; presumably the user ID passed
	// to Authenticated — confirm.
	Identity() uint64
	// Roles returns the role identifiers attached to the identity.
	Roles() []uint64
	// Valid reports whether the identity should be accepted; the exact
	// criteria are not visible here — TODO confirm.
	Valid() bool
	// String returns a textual form of the identity.
	// NOTE(review): if this is what ends up in a token's sub claim (see
	// ExtractFromSubClaim), its format is security-relevant — confirm.
	String() string
}

type IssueOptFn

type IssueOptFn func(*TokenRequest) error

IssueOptFn functions modify TokenRequest

func WithAccessToken

func WithAccessToken(access string) IssueOptFn

func WithAudience

func WithAudience(aud string) IssueOptFn

func WithClientID

func WithClientID(id uint64) IssueOptFn

func WithExpiration

func WithExpiration(e time.Duration) IssueOptFn

func WithIdentity

func WithIdentity(i Identifiable) IssueOptFn

func WithScope

func WithScope(ss ...string) IssueOptFn

type IssuerOptFn

type IssuerOptFn func(*tokenIssuer) error

IssuerOptFn functions modify tokenIssuer

func WithDefaultClientID

func WithDefaultClientID(ID uint64) IssuerOptFn

WithDefaultClientID configures ID of the default auth client

func WithDefaultExpiration

func WithDefaultExpiration(exp time.Duration) IssuerOptFn

WithDefaultExpiration configures default token expiration time

func WithDefaultIssuer

func WithDefaultIssuer(iss string) IssuerOptFn

WithDefaultIssuer configures default issuer claim

func WithGenerator

func WithGenerator(fn tokenIssuerGenerator) IssuerOptFn

WithGenerator configures generator function

func WithLookup

func WithLookup(fn tokenIssuerLookup) IssuerOptFn

WithLookup configures lookup function

func WithSecretSigner

func WithSecretSigner(secret string) IssuerOptFn

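WithSecretSigner configures the token issuer with a signer derived from the given secret (presumably the jwa.HS512 counterpart of TokenVerifierMiddlewareWithSecretSigner).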

func WithSigner

func WithSigner(fn tokenIssuerSigner) IssuerOptFn

WithSigner configures signer function

func WithStore

func WithStore(fn tokenIssuerStore) IssuerOptFn

WithStore configures store function

type Signer

// Signer produces and checks string signatures bound to a user ID and a
// variadic list of extra values.
//
// NOTE(review): the algorithm and key handling are not visible here.
// Implementations should compare signatures in constant time (for example
// hmac.Equal or subtle.ConstantTimeCompare) and serialize pp unambiguously,
// so that different argument lists cannot produce the same signed input.
type Signer interface {
	// Sign returns a signature for userID and the extra values pp.
	Sign(userID uint64, pp ...interface{}) string
	// Verify reports whether signature is accepted for userID and pp;
	// presumably pp must match what was passed to Sign — confirm.
	Verify(signature string, userID uint64, pp ...interface{}) bool
}

type TokenRequest

// TokenRequest carries the parameters of a token to be issued. IssueOptFn
// functions modify it, and DefaultAccessTokenGenerator receives it by value.
//
// NOTE(review): AccessToken and RefreshToken are plain strings holding
// credential material; avoid logging the struct (e.g. with %+v) or putting
// it into error messages.
type TokenRequest struct {
	// Credential strings; presumably filled by the generator or by
	// WithAccessToken — confirm.
	AccessToken  string
	RefreshToken string
	// Expiration is a duration, not an absolute time; presumably measured
	// from IssuedAt, with WithDefaultExpiration supplying a fallback — confirm.
	Expiration   time.Duration
	// Audience and Issuer presumably map to the aud and iss claims — confirm.
	Audience     string
	Issuer       string
	IssuedAt     time.Time
	// ClientID identifies the auth client; UserID and Roles describe the
	// identity, presumably copied from an Identifiable by WithIdentity — confirm.
	ClientID     uint64
	UserID       uint64
	Roles        []uint64
	// Scope lists the scopes requested for the token; HttpTokenValidator
	// checks the token's scope claim on the receiving side.
	Scope        []string
}
