Documentation ¶
Overview ¶
Package token wraps jwt-go library and provides higher level abstraction to work with JWT.
Index ¶
- Variables
- func HashID(h hash.Hash, val string) string
- func SetUserDataToCtx(ctx context.Context, user UserData) context.Context
- func SetUserInfo(r *http.Request, user User) *http.Request
- func SetUserToCtx(ctx context.Context, user User) context.Context
- type Audience
- type AudienceFunc
- type Claims
- type ClaimsUpdFunc
- type ClaimsUpdater
- type Collection
- type Collections
- type Handshake
- type Opts
- type Secret
- type SecretFunc
- type Service
- func (j *Service) Get(r *http.Request) (Claims, string, error)
- func (j *Service) IsExpired(claims Claims) bool
- func (j *Service) Parse(tokenString string) (Claims, error)
- func (j *Service) Reset(w http.ResponseWriter)
- func (j *Service) Set(w http.ResponseWriter, claims Claims) (Claims, error)
- func (j *Service) Token(claims Claims) (string, error)
- type User
- func (u *User) BoolAttr(key string) bool
- func (u *User) GetRole() string
- func (u *User) IsAdmin() bool
- func (u *User) IsPaidSub() bool
- func (u *User) SetAdmin(val bool)
- func (u *User) SetBoolAttr(key string, val bool)
- func (u *User) SetPaidSub(val bool)
- func (u *User) SetRole(role string)
- func (u *User) SetSliceAttr(key string, val []string)
- func (u *User) SetStrAttr(key, val string)
- func (u *User) SliceAttr(key string) []string
- func (u *User) StrAttr(key string) string
- type UserData
- type Validator
- type ValidatorFunc
Constants ¶
This section is empty.
Variables ¶
var NeedToRegenerateTokenError = fmt.Errorf(`need to regenerate token`)
Functions ¶
func SetUserInfo ¶
SetUserInfo sets user into request context
Types ¶
type AudienceFunc ¶
AudienceFunc type is an adapter to allow the use of ordinary functions as Audience.
type Claims ¶
type Claims struct {
	jwt.StandardClaims
	User        *User      `json:"user,omitempty"` // user info
	SessionOnly bool       `json:"sess_only,omitempty"`
	Handshake   *Handshake `json:"handshake,omitempty"` // used for oauth handshake
	NoAva       bool       `json:"no-ava,omitempty"`    // disable avatar, always use identicon
}
Claims stores user info for the token, plus the state and from values from login
type ClaimsUpdFunc ¶
ClaimsUpdFunc type is an adapter to allow the use of ordinary functions as ClaimsUpdater. If f is a function with the appropriate signature, ClaimsUpdFunc(f) is a ClaimsUpdater that calls f.
func (ClaimsUpdFunc) Update ¶
func (f ClaimsUpdFunc) Update(claims Claims) Claims
Update calls f(claims)
type ClaimsUpdater ¶
ClaimsUpdater defines an interface for adding extras to claims
type Collection ¶
func NewCollection ¶
func NewCollection(name string) *Collection
func (*Collection) Add ¶
func (c *Collection) Add(name string, val interface{})
type Collections ¶
type Collections map[string]*Collection
func NewCollections ¶ added in v1.21.0
func NewCollections() Collections
type Handshake ¶
type Handshake struct {
	State string `json:"state,omitempty"`
	From  string `json:"from,omitempty"`
	ID    string `json:"id,omitempty"`
}
Handshake used for oauth handshake
type Opts ¶
type Opts struct {
	SecretReader   Secret
	ClaimsUpd      ClaimsUpdater
	SecureCookies  bool
	TokenDuration  time.Duration
	CookieDuration time.Duration
	DisableXSRF    bool
	DisableIAT     bool // disable IssuedAt claim
	// optional (custom) names for cookies and headers
	JWTCookieName   string
	JWTCookieDomain string
	JWTHeaderKey    string
	XSRFCookieName  string
	XSRFHeaderKey   string
	JWTQuery        string
	AudienceReader  Audience      // allowed aud values
	Issuer          string        // optional value for iss claim, usually application name
	AudSecrets      bool          // uses different secret for different auds. important: adds pre-parsing of unverified token
	SendJWTHeader   bool          // if enabled send JWT as a header instead of cookie
	SameSite        http.SameSite // define a cookie attribute making it impossible for the browser to send this cookie cross-site
}
Opts holds constructor params
type Secret ¶
type Secret interface {
	Get(aud string) (string, error) // aud matching is optional. Implementation may decide if supported or ignored
}
Secret defines an interface returning the secret key for a given id (aud)
type SecretFunc ¶
SecretFunc type is an adapter to allow the use of ordinary functions as Secret. If f is a function with the appropriate signature, SecretFunc(f) is a Secret that calls f.
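The `AudSecrets` comment in `Opts` and the `Secret.Get(aud)` signature describe a flow in which `aud` is read before the signature is checked, so that value may be used only to select the key. The following is an added stdlib-only example, not this package's code; `sign`, `keyring`, `verifyByAud` and the sample secrets are assumptions made for illustration, and the check is pinned to HMAC-SHA256 regardless of the token header.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)
var b64 = base64.RawURLEncoding
func mac(msg, secret string) string {
	m := hmac.New(sha256.New, []byte(secret))
	m.Write([]byte(msg))
	return b64.EncodeToString(m.Sum(nil))
}
// sign builds an HS256 token; used here only to construct sample input.
func sign(claims, secret string) string {
	msg := b64.EncodeToString([]byte(`{"alg":"HS256"}`)) + "." + b64.EncodeToString([]byte(claims))
	return msg + "." + mac(msg, secret)
}
// keyring has the shape of Secret.Get; its secrets are constructed samples.
func keyring(aud string) (string, error) {
	if s, ok := map[string]string{"site-a": "secret-a", "site-b": "secret-b"}[aud]; ok {
		return s, nil
	}
	return "", errors.New("unknown audience")
}
// verifyByAud reads aud from the unverified payload only to pick the secret.
func verifyByAud(tok string, secrets func(string) (string, error)) (string, error) {
	parts := strings.Split(tok, ".")
	if len(parts) != 3 {
		return "", errors.New("malformed token")
	}
	var pre struct{ Aud string `json:"aud"` }
	body, err := b64.DecodeString(parts[1])
	if err != nil || json.Unmarshal(body, &pre) != nil {
		return "", errors.New("undecodable payload")
	}
	secret, err := secrets(pre.Aud) // unknown aud fails closed, same error as a bad MAC
	if err != nil || !hmac.Equal([]byte(parts[2]), []byte(mac(parts[0]+"."+parts[1], secret))) {
		return "", errors.New("unknown audience or bad signature")
	}
	return pre.Aud, nil // trusted only now, after the MAC check
}

func main() {
	fmt.Println(verifyByAud(sign(`{"aud":"site-a"}`, "secret-a"), keyring))
}
```

A token signed with one audience's secret but claiming another audience fails the MAC check, because the claimed `aud` selects the key that the signature must match.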
type Service ¶
type Service struct {
	Opts
}
Service wraps JWT operations and supports both header and cookie tokens
func (*Service) Get ¶
Get retrieves the token from URL, header or cookie. If a cookie is used, it verifies that the XSRF token matches.
type User ¶
type User struct {
	// set by service
	Name     string `json:"name"`
	ID       string `json:"id"`
	Picture  string `json:"picture"`
	Audience string `json:"aud,omitempty"`
	// set by client
	IP         string                 `json:"ip,omitempty"`
	Email      string                 `json:"email,omitempty"`
	Attributes map[string]interface{} `json:"attrs,omitempty"`
	Role       string                 `json:"role,omitempty"`
}
User is the basic part of oauth data provided by service
func GetUserInfo ¶
GetUserInfo returns user info from request context
func MustGetUserInfo ¶
MustGetUserInfo gets user info and panics if it can't extract it from the request. It should be called from authenticated controllers only.
func (*User) SetBoolAttr ¶
SetBoolAttr sets boolean attribute
func (*User) SetPaidSub ¶
SetPaidSub is a shortcut to set "paidSubscriberAttr" attribute
func (*User) SetSliceAttr ¶
SetSliceAttr sets slice attribute for given key
func (*User) SetStrAttr ¶
SetStrAttr sets string attribute
type UserData ¶
type UserData struct {
	User        User                   `json:"user"`
	Social      string                 `json:"social"`
	Collections Collections            `json:"collections"`
	Raw         map[string]interface{} `json:"raw"`
}
func (*UserData) AddCollection ¶
func (ud *UserData) AddCollection(collection Collection)
func (*UserData) CreateCollection ¶
func (ud *UserData) CreateCollection(name string) *Collection
func (*UserData) CreateEmailCollection ¶
func (ud *UserData) CreateEmailCollection() *Collection
func (*UserData) GetCollection ¶
func (ud *UserData) GetCollection(name string) *Collection
type Validator ¶
Validator defines an interface to accept or reject claims with consumer-defined logic. It works with a valid token and allows rejecting some, based on token match or user's fields.
type ValidatorFunc ¶
ValidatorFunc type is an adapter to allow the use of ordinary functions as Validator. If f is a function with the appropriate signature, ValidatorFunc(f) is a Validator that calls f.