oauth2support

package

v0.7.2 Latest Latest Go to latest Published: Sep 26, 2024 License: Apache-2.0 Imports: 15 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hexa-org/policy-mapper

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func JwtAuthenticationHandler(next http.HandlerFunc, s *ResourceJwtAuthorizer, scopes []string) http.HandlerFunc
type AccessToken
type HTTPClient
type JwtClientHandler
- func NewJwtClientHandler() JwtClientHandler
- func NewJwtClientHandlerWithConfig(config *clientcredentials.Config, httpClientOverride *http.Client) JwtClientHandler
type ResourceJwtAuthorizer
- func NewResourceJwtAuthorizer() (*ResourceJwtAuthorizer, error)
- func (s *ResourceJwtAuthorizer) ValidateAuthorization(w http.ResponseWriter, r *http.Request, scopes []string) *AccessToken

Constants ¶

View Source

const (
	EnvOAuthJwksUrl  string = "HEXA_TOKEN_JWKSURL"
	EnvTknPubKeyFile string = "HEXA_TKN_PUBKEYFILE"
	EnvJwtAuth       string = "HEXA_JWT_AUTH_ENABLE"
	EnvJwtRealm      string = "HEXA_JWT_REALM"
	EnvJwtAudience   string = "HEXA_JWT_AUDIENCE"
	EnvJwtScope      string = "HEXA_JWT_SCOPE"
	EnvJwtKid        string = "HEXA_JWT_KID"

	EnvOAuthClientId      string = "HEXA_OAUTH_CLIENT_ID"
	EnvOAuthClientSecret  string = "HEXA_OAUTH_CLIENT_SECRET"
	EnvOAuthClientScope   string = "HEXA_OAUTH_CLIENT_SCOPE"
	EnvOAuthTokenEndpoint string = "HEXA_OAUTH_TOKEN_ENDPOINT"

	Header_Email string = "X-JWT-EMAIL"
	Header_Subj  string = "X-JWT-SUBJECT"
)

Variables ¶

This section is empty.

Functions ¶

func JwtAuthenticationHandler ¶

func JwtAuthenticationHandler(next http.HandlerFunc, s *ResourceJwtAuthorizer, scopes []string) http.HandlerFunc

Types ¶

type AccessToken ¶ added in v0.6.12

type AccessToken struct {
	*jwt.RegisteredClaims
	Email string   `json:"email,omitempty"`
	Scope string   `json:"scope,omitempty"`
	Roles []string `json:"roles,omitempty"`
}

type HTTPClient ¶

type HTTPClient interface {
	Get(url string) (resp *http.Response, err error)
	Do(req *http.Request) (*http.Response, error)
}

type JwtClientHandler ¶

type JwtClientHandler interface {
	GetHttpClient() *http.Client
	GetToken() (*oauth2.Token, error)
}

func NewJwtClientHandler ¶

func NewJwtClientHandler() JwtClientHandler

NewJwtClientHandler opens a new JwtClientHandler which allows an OAuth Client to make calls to a JWT protected endpoint. Configuration parameters are pulled from environment variables.

func NewJwtClientHandlerWithConfig ¶

func NewJwtClientHandlerWithConfig(config *clientcredentials.Config, httpClientOverride *http.Client) JwtClientHandler

NewJwtClientHandlerWithConfig opens a new JwtClientHandler which allows an OAuth Client to make calls to a JWT protected endpoint. The `config` parameter specifies a client credential for the OAuth2 Client Credential Flow. `httpClientOverride` is used to override the normal HTTP client and will be inserted to the oauth2 http client.

type ResourceJwtAuthorizer ¶

type ResourceJwtAuthorizer struct {
	Key keyfunc.Keyfunc
	Aud string
	// contains filtered or unexported fields
}

func NewResourceJwtAuthorizer ¶

func NewResourceJwtAuthorizer() (*ResourceJwtAuthorizer, error)

func (*ResourceJwtAuthorizer) ValidateAuthorization ¶ added in v0.6.12

func (s *ResourceJwtAuthorizer) ValidateAuthorization(w http.ResponseWriter, r *http.Request, scopes []string) *AccessToken

Source Files ¶

View all Source files

jwt_token_support.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL