oauth2support

package

v0.8.2 Latest Latest Go to latest Published: Dec 18, 2024 License: Apache-2.0 Imports: 15 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/hexa-org/policy-mapper

Documentation ¶

Index ¶

Constants
func JwtAuthenticationHandler(next http.HandlerFunc, s *ResourceJwtAuthorizer, scopes []string) http.HandlerFunc
type AccessToken
type HTTPClient
type JwtClientHandler
- func NewJwtClientHandler() JwtClientHandler
- func NewJwtClientHandlerWithConfig(config *clientcredentials.Config, httpClientOverride *http.Client) JwtClientHandler
type ResourceJwtAuthorizer
- func NewResourceJwtAuthorizer() (*ResourceJwtAuthorizer, error)
- func (s *ResourceJwtAuthorizer) ValidateAuthorization(w http.ResponseWriter, r *http.Request, scopes []string) *AccessToken

Constants ¶

View Source

const (
	EnvOAuthJwksUrl  string = "HEXA_TOKEN_JWKSURL"
	EnvTknPubKeyFile string = "HEXA_TKN_PUBKEYFILE"
	EnvJwtAuth       string = "HEXA_JWT_AUTH_ENABLE"
	EnvJwtRealm      string = "HEXA_JWT_REALM"
	EnvJwtAudience   string = "HEXA_JWT_AUDIENCE"
	EnvJwtScope      string = "HEXA_JWT_SCOPE"
	EnvJwtKid        string = "HEXA_JWT_KID"

	EnvOAuthClientId      string = "HEXA_OAUTH_CLIENT_ID"
	EnvOAuthClientSecret  string = "HEXA_OAUTH_CLIENT_SECRET"
	EnvOAuthClientScope   string = "HEXA_OAUTH_CLIENT_SCOPE"
	EnvOAuthTokenEndpoint string = "HEXA_OAUTH_TOKEN_ENDPOINT"

	Header_Email string = "X-JWT-EMAIL"
	Header_Subj  string = "X-JWT-SUBJECT"
)

Variables ¶

This section is empty.

Functions ¶

func JwtAuthenticationHandler ¶

func JwtAuthenticationHandler(next http.HandlerFunc, s *ResourceJwtAuthorizer, scopes []string) http.HandlerFunc

Types ¶

type AccessToken ¶ added in v0.6.12

type AccessToken struct {
	*jwt.RegisteredClaims
	Email string   `json:"email,omitempty"`
	Scope string   `json:"scope,omitempty"`
	Roles []string `json:"roles,omitempty"`
}

type HTTPClient ¶

type HTTPClient interface {
	Get(url string) (resp *http.Response, err error)
	Do(req *http.Request) (*http.Response, error)
}

type JwtClientHandler ¶

type JwtClientHandler interface {
	GetHttpClient() *http.Client
	GetToken() (*oauth2.Token, error)
}

func NewJwtClientHandler ¶

func NewJwtClientHandler() JwtClientHandler

NewJwtClientHandler opens a new JwtClientHandler which allows an OAuth Client to make calls to a JWT protected endpoint. Configuration parameters are pulled from environment variables.

func NewJwtClientHandlerWithConfig ¶

func NewJwtClientHandlerWithConfig(config *clientcredentials.Config, httpClientOverride *http.Client) JwtClientHandler

NewJwtClientHandlerWithConfig opens a new JwtClientHandler which allows an OAuth Client to make calls to a JWT protected endpoint. The `config` parameter specifies a client credential for the OAuth2 Client Credential Flow. `httpClientOverride` is used to override the normal HTTP client and will be inserted to the oauth2 http client.

type ResourceJwtAuthorizer ¶

type ResourceJwtAuthorizer struct {
	Key keyfunc.Keyfunc
	Aud string
	// contains filtered or unexported fields
}

func NewResourceJwtAuthorizer ¶

func NewResourceJwtAuthorizer() (*ResourceJwtAuthorizer, error)

func (*ResourceJwtAuthorizer) ValidateAuthorization ¶ added in v0.6.12

func (s *ResourceJwtAuthorizer) ValidateAuthorization(w http.ResponseWriter, r *http.Request, scopes []string) *AccessToken

Source Files ¶

View all Source files

jwt_token_support.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL