Documentation
Index
Constants
This section is empty.
Variables
var (
	// ErrTokenNotFound is returned if the JWT can't be extracted from the request.
	ErrTokenNotFound = errors.New("Required authorization token not found")

	// ErrInvalidToken is returned if the JWT can't be parsed.
	ErrInvalidToken = errors.New("Token could not be parsed")

	// ErrInvalidSigningMethod is returned if the JWT specifies a different
	// signing algorithm than the expected one.
	ErrInvalidSigningMethod = errors.New("Token specifies an invalid signing algorithm")

	// ErrInvalidClaims is returned if the JWT claims fail to validate (e.g., the
	// token has expired).
	ErrInvalidClaims = errors.New("Token claims are invalid")
)
Functions
func DefaultErrorHandler
func DefaultErrorHandler(w http.ResponseWriter, r *http.Request, err error)
DefaultErrorHandler returns 401 Unauthorized with the reason in the body.
Types
type ErrorHandler
type ErrorHandler func(w http.ResponseWriter, r *http.Request, err error)
ErrorHandler takes any errors that are returned while validating a JWT and is expected to handle them accordingly.
type JWTMiddleware
type JWTMiddleware struct {
	Options Options
}
JWTMiddleware represents the middleware, extracting the token and validating it before passing control to the next handler.
func New
func New(opts Options) *JWTMiddleware
New constructs a new JWTMiddleware instance with supplied options.
func (*JWTMiddleware) Handler
func (m *JWTMiddleware) Handler(h http.Handler) http.HandlerFunc
Handler wraps the given HTTP handler with the JWT-validating middleware.
func (*JWTMiddleware) HandlerFunc
func (m *JWTMiddleware) HandlerFunc(f func(w http.ResponseWriter, r *http.Request)) http.HandlerFunc
HandlerFunc wraps the given HTTP handler function with the JWT-validating middleware.
type Options
type Options struct {
	// The function that will return the Key to validate the JWT.
	// It can be either a shared secret or a public key.
	// Default value: nil
	ValidationKeyGetter jwt.Keyfunc

	// The name of the property in the request where the user information
	// from the JWT will be stored.
	// Default value: "user"
	UserProperty string

	// The function that will be called when there's an error validating the token
	// Default value: DefaultErrorHandler (returns 401 Unauthorized)
	ErrorHandler ErrorHandler

	// A boolean indicating if the credentials are required or not
	// Default value: false
	CredentialsOptional bool

	// A function that extracts the token from the request
	// Default: DefaultTokenExtractor (extracts from Authorization header as bearer token)
	Extractor TokenExtractor

	// Debug flag turns on debugging output
	// Default: false
	Debug bool

	// When set, all requests with the OPTIONS method will use authentication
	// Default: false
	EnableAuthOnOptions bool

	// When set, the middleware verifies that tokens are signed with the specific signing algorithm
	// If the signing method is not constant the ValidationKeyGetter callback can be used to implement additional checks
	// Important to avoid security issues described here: https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
	// Default: nil
	SigningMethod jwt.SigningMethod
}
Options is a struct for specifying configuration options for the middleware.
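The algorithm pin that the SigningMethod option describes, reduced to a standard-library sketch for HS256. This is an added example, not the middleware's own code: verifyPinned, makeToken, mac, the lowercase error values and the sample keys are hypothetical names and constructed values used only for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

var errInvalidToken = errors.New("token could not be parsed")                            // stand-in for ErrInvalidToken
var errInvalidSigningMethod = errors.New("token specifies an invalid signing algorithm") // stand-in for ErrInvalidSigningMethod

func mac(input string, key []byte) []byte {
	h := hmac.New(sha256.New, key)
	h.Write([]byte(input))
	return h.Sum(nil)
}

// makeToken builds constructed sample input: HMAC-SHA256 signed, header alg as given.
func makeToken(alg, claims string, key []byte) string {
	enc := base64.RawURLEncoding
	in := enc.EncodeToString([]byte(`{"alg":"`+alg+`"}`)) + "." + enc.EncodeToString([]byte(claims))
	return in + "." + enc.EncodeToString(mac(in, key))
}

// verifyPinned checks the header alg against the pin before touching the signature.
func verifyPinned(token string, key []byte) error {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return errInvalidToken
	}
	var hdr struct{ Alg string `json:"alg"` }
	raw, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil || json.Unmarshal(raw, &hdr) != nil {
		return errInvalidToken
	}
	if hdr.Alg != "HS256" { // the pin, playing the role of Options.SigningMethod
		return errInvalidSigningMethod
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	if err != nil || !hmac.Equal(sig, mac(parts[0]+"."+parts[1], key)) { // constant-time compare
		return errInvalidToken
	}
	return nil
}

func main() { fmt.Println(verifyPinned(makeToken("HS256", `{"sub":"demo"}`, []byte("k")), []byte("k"))) }
```

The verifier, not the token header, decides which algorithm is acceptable; a token declaring anything else is rejected before its signature is evaluated.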
type TokenExtractor
TokenExtractor is a function that takes a request as input and returns either a token or an error. An error should only be returned if an attempt to specify a token was found, but the information was somehow incorrectly formed. In the case where a token is simply not present, this should not be treated as an error. An empty string should be returned in that case.
func FromFirst
func FromFirst(extractors ...TokenExtractor) TokenExtractor
FromFirst returns a function that runs multiple token extractors and takes the first token it finds.
func FromHeader
func FromHeader(header string) TokenExtractor
FromHeader returns a function that extracts the token from the specified HTTP header.
func FromParameter
func FromParameter(param string) TokenExtractor
FromParameter returns a function that extracts the token from the specified query string parameter.