Documentation
¶
Index ¶
- Variables
- func AttachToken(ctx context.Context, token string) context.Context
- func AuthzStreamServerInterceptor(verifier Verifier, exclude ...string) grpc.StreamServerInterceptor
- func AuthzUnaryServerInterceptor(verifier Verifier, exclude ...string) grpc.UnaryServerInterceptor
- func AuthzWithExcludeFuncUnaryServerInterceptor(verifier Verifier, exclude Exclude) grpc.UnaryServerInterceptor
- func GetToken(ctx context.Context) string
- func ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error)
- func ParseRSAPublicKeyFromPEM(key []byte) (*rsa.PublicKey, error)
- type Exclude
- type Generator
- type SignerConfig
- type User
- type UserClaims
- type Verifier
- type VerifierConfig
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrTokenInvalidAudience = errors.New("token has invalid audience") ErrTokenExpired = errors.New("token is expired") ErrTokenUsedBeforeIssued = errors.New("token used before issued") ErrTokenNotValidYet = errors.New("token is not valid yet") )
View Source
var ( ErrKeyMustBePEMEncoded = errors.New("invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key") ErrNotRSAPrivateKey = errors.New("key is not a valid RSA private key") ErrNotRSAPublicKey = errors.New("key is not a valid RSA public key") )
View Source
var ( ErrNoPrivKeyFile = errors.New("private key file unreadable") ErrInvalidPrivKey = errors.New("RSA private key invalid") )
View Source
var ( // ErrInvalidSigningAlgorithm indicates signing algorithm is invalid, needs to be RS256, RS384 or RS512 ErrInvalidSigningAlgorithm = errors.New("invalid signing algorithm") ErrTokenInvalidClaims = errors.New("token has invalid claims") ErrNoPubKeyFile = errors.New("public key file unreadable") ErrInvalidPubKey = errors.New("RSA public key invalid") )
Functions ¶
func AuthzStreamServerInterceptor ¶
func AuthzStreamServerInterceptor(verifier Verifier, exclude ...string) grpc.StreamServerInterceptor
func AuthzUnaryServerInterceptor ¶
func AuthzUnaryServerInterceptor(verifier Verifier, exclude ...string) grpc.UnaryServerInterceptor
func AuthzWithExcludeFuncUnaryServerInterceptor ¶
func AuthzWithExcludeFuncUnaryServerInterceptor(verifier Verifier, exclude Exclude) grpc.UnaryServerInterceptor
func ParseRSAPrivateKeyFromPEM ¶
func ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error)
ParseRSAPrivateKeyFromPEM parses a PEM encoded PKCS1 or PKCS8 private key
Types ¶
type SignerConfig ¶
type SignerConfig struct {
PrivateKey string `yaml:"private_key" env:"PRIVATE_KEY" env-required:"true"`
Audience []string `yaml:"audience" env:"AUDIENCE" env-required:"true"`
Algorithm jwt.Algorithm `yaml:"algorithm" env:"ALGORITHM" env-default:"RS256"`
TTL time.Duration `yaml:"ttl" env:"TTL" env-default:"5m"`
}
func (*SignerConfig) Generator ¶
func (cfg *SignerConfig) Generator() (*generator, error)
type User ¶
type UserClaims ¶
type UserClaims struct {
jwt.RegisteredClaims
Name string `json:"name,omitempty"`
Email string `json:"email,omitempty"`
Roles []string `json:"roles,omitempty"`
}
func Unmarshal ¶
func Unmarshal(claims json.RawMessage) (UserClaims, error)
func (UserClaims) User ¶
func (uc UserClaims) User() User
func (UserClaims) Validate ¶
func (uc UserClaims) Validate(audience string) error
type VerifierConfig ¶
type VerifierConfig struct {
PublicKey string `yaml:"public_key" env:"PUBLIC_KEY" env-required:"true"`
Audience string `yaml:"audience" env:"AUDIENCE" env-required:"true"`
Algorithm jwt.Algorithm `yaml:"algorithm" env:"ALGORITHM" env-default:"RS256"`
}
func (*VerifierConfig) Verifier ¶
func (cfg *VerifierConfig) Verifier() (*verifier, error)
Source Files
Click to show internal directories.
Click to hide internal directories.