The highest tagged major version is
Documentation
¶
Index ¶
- func BearerAuthFuncGRPC(auth authentication.Authentication) grpc_auth.AuthFunc
- func ExtractGRPCAuthEmail(ctx context.Context) (string, error)
- func ExtractGRPCAuthSubject(ctx context.Context) (string, error)
- func InjectGRPCAuthEmail(ctx context.Context, email string) context.Context
- func InjectGRPCAuthSubject(ctx context.Context, sub string) context.Context
- func LoggerGRPC(l *zap.Logger) grpc_logging.Logger
- type Extractor
- type Middleware
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BearerAuthFuncGRPC ¶
func BearerAuthFuncGRPC(auth authentication.Authentication) grpc_auth.AuthFunc
BearerAuthFuncGRPC returns a new grpc_auth.AuthFunc to use with the gazebo-web authentication library.
The passed in context.Context will contain the gRPC metadata.MD object (for header-based authentication) and the peer.Peer information that can contain transport-based credentials (e.g. `credentials.AuthInfo`).
auth := authentication.New[...]() srv := grpc.NewServer( grpc.StreamInterceptor(grpc_auth.StreamServerInterceptor(BearerAuthFuncGRPC(auth))), grpc.UnaryInterceptor(grpc_auth.UnaryServerInterceptor(BearerAuthFuncGRPC(auth))), )
func ExtractGRPCAuthEmail ¶ added in v8.4.0
ExtractGRPCAuthEmail extracts the custom email (email) claim from the context metadata. This claim is usually injected in a middleware such as BearerToken or BearerAuthFuncGRPC, if present.
This claim is expected in those provider that inject an email address in their JWT. Not all providers do such thing.
This function only works with gRPC requests. It returns an error if the metadata couldn't be parsed or the email is not present.
func ExtractGRPCAuthSubject ¶
ExtractGRPCAuthSubject extracts the authentication subject (sub) claim from the context metadata. This claim is usually injected in a middleware such as BearerToken or BearerAuthFuncGRPC, if present.
From the RFC7519, section 4.1.2: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.2
The "sub" (subject) claim identifies the principal that is the subject of the JWT. The claims in a JWT are normally statements about the subject. The subject value MUST either be scoped to be locally unique in the context of the issuer or be globally unique. The processing of this claim is generally application specific. The "sub" value is a case-sensitive string containing a StringOrURI value.
This function only works with gRPC requests. It returns an error if the metadata couldn't be parsed or the subject is not present.
func InjectGRPCAuthEmail ¶ added in v8.4.0
InjectGRPCAuthEmail injects the custom email (email) claim into the given context metadata. See ExtractGRPCAuthSubject for information on how to extract this value.
func InjectGRPCAuthSubject ¶
InjectGRPCAuthSubject injects the authentication subject (sub) claim into the given context metadata. See ExtractGRPCAuthSubject for information on how to extract this value.
func LoggerGRPC ¶ added in v8.3.0
func LoggerGRPC(l *zap.Logger) grpc_logging.Logger
LoggerGRPC adapts zap logger to interceptor logger. Code copied from:
https://github.com/grpc-ecosystem/go-grpc-middleware/blob/a18e1e2bacb23afca0f52b228f6b4efbb5f57822/interceptors/logging/examples/zap/example_test.go#L17
Types ¶
type Extractor ¶
Extractor extracts a string value from an HTTP request. It's usually used to extract a header from an HTTP request, but can also be used for extracting a user and password from the body.
There are a few implementations already provided by the request package, for example: Bearer tokens: request.BearerExtractor
type Middleware ¶
Middleware is used to modify or augment the behavior of an HTTP request handler.
func BearerToken ¶
func BearerToken(authentication authentication.Authentication) Middleware
BearerToken returns a Middleware for authenticating users using Bearer Tokens in JWT format.
Source Files