request

package
v5.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 12, 2024 License: MIT Imports: 4 Imported by: 37

Documentation

Overview

Utility package for extracting JWT tokens from HTTP requests.

The main function is ParseFromRequest and it's WithClaims variant. See examples for how to use the various Extractor implementations or roll your own.

Index

Examples

Constants

This section is empty.

Variables

View Source 
var AuthorizationHeaderExtractor = &PostExtractionFilter{
	HeaderExtractor{"Authorization"},
	stripBearerPrefixFromTokenString,
}

AuthorizationHeaderExtractor extracts a bearer token from Authorization header Uses PostExtractionFilter to strip "Bearer " prefix from header

View Source 
var (
	ErrNoTokenInRequest = errors.New("no token present in request")
)

Errors

View Source 
var OAuth2Extractor = &MultiExtractor{
	AuthorizationHeaderExtractor,
	ArgumentExtractor{"access_token"},
}

OAuth2Extractor is an Extractor for OAuth2 access tokens. Looks in 'Authorization' header then 'access_token' argument for a token.

Functions

func ParseFromRequest 

func ParseFromRequest(req *http.Request, extractor Extractor, keyFunc jwt.Keyfunc, options ...ParseFromRequestOption) (token *jwt.Token, err error)

ParseFromRequest extracts and parses a JWT token from an HTTP request. This behaves the same as Parse, but accepts a request and an extractor instead of a token string. The Extractor interface allows you to define the logic for extracting a token. Several useful implementations are provided.

You can provide options to modify parsing behavior

func ParseFromRequestWithClaims deprecated 

func ParseFromRequestWithClaims(req *http.Request, extractor Extractor, claims jwt.Claims, keyFunc jwt.Keyfunc) (token *jwt.Token, err error)

ParseFromRequestWithClaims is an alias for ParseFromRequest but with custom Claims type.

Deprecated: use ParseFromRequest and the WithClaims option

Types

type ArgumentExtractor 

type ArgumentExtractor []string

ArgumentExtractor extracts a token from request arguments. This includes a POSTed form or GET URL arguments. Argument names are tried in order until there's a match. This extractor calls `ParseMultipartForm` on the request

Example 
req := makeExampleRequest("GET", "/", nil, url.Values{"token": {extractorTestTokenA}})
tokenString, err := ArgumentExtractor{"token"}.ExtractToken(req)
if err == nil {
	fmt.Println(tokenString)
} else {
	fmt.Println(err)
}

Output:

A

func (ArgumentExtractor) ExtractToken 

func (e ArgumentExtractor) ExtractToken(req *http.Request) (string, error)

type BearerExtractor 

type BearerExtractor struct{}

BearerExtractor extracts a token from the Authorization header. The header is expected to match the format "Bearer XX", where "XX" is the JWT token.

func (BearerExtractor) ExtractToken 

func (e BearerExtractor) ExtractToken(req *http.Request) (string, error)

type Extractor 

type Extractor interface {
	ExtractToken(*http.Request) (string, error)
}

Extractor is an interface for extracting a token from an HTTP request. The ExtractToken method should return a token string or an error. If no token is present, you must return ErrNoTokenInRequest.

type HeaderExtractor 

type HeaderExtractor []string

HeaderExtractor is an extractor for finding a token in a header. Looks at each specified header in order until there's a match

Example 
req := makeExampleRequest("GET", "/", map[string]string{"Token": exampleTokenA}, nil)
tokenString, err := HeaderExtractor{"Token"}.ExtractToken(req)
if err == nil {
	fmt.Println(tokenString)
} else {
	fmt.Println(err)
}

Output:

A

func (HeaderExtractor) ExtractToken 

func (e HeaderExtractor) ExtractToken(req *http.Request) (string, error)

type MultiExtractor 

type MultiExtractor []Extractor

MultiExtractor tries Extractors in order until one returns a token string or an error occurs

func (MultiExtractor) ExtractToken 

func (e MultiExtractor) ExtractToken(req *http.Request) (string, error)

type ParseFromRequestOption 

type ParseFromRequestOption func(*fromRequestParser)

func WithClaims 

func WithClaims(claims jwt.Claims) ParseFromRequestOption

WithClaims parses with custom claims

func WithParser 

func WithParser(parser *jwt.Parser) ParseFromRequestOption

WithParser parses using a custom parser

type PostExtractionFilter 

type PostExtractionFilter struct {
	Extractor
	Filter func(string) (string, error)
}

PostExtractionFilter wraps an Extractor in this to post-process the value before it's handed off. See AuthorizationHeaderExtractor for an example

func (*PostExtractionFilter) ExtractToken 

func (e *PostExtractionFilter) ExtractToken(req *http.Request) (string, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.