Documentation
Constants
This section is empty.
Variables
var ErrJWTError = goa.NewErrorClass("jwt_security_error", 401)
ErrJWTError is the error returned by this middleware when any sort of validation or assertion fails during processing.
Functions
func ContextJWT
ContextJWT retrieves the JWT token from a `context` that went through our security middleware.
func New
func New(validationKeys interface{}, validationFunc goa.Middleware) goa.JWTSecurityConfigFunc
New returns a middleware to be used with the `JWTSecurity()` DSL definitions of `goa`. It supports the `scopes` claim in the JWT and ensures goa-defined `Security()` DSLs are properly validated.
The `exp` (expiration) and `nbf` (not before) date checks are validated by the JWT library.
validationKeys can be one of these:
- a single string
- a single []byte
- a list of string
- a list of []byte
- a single *rsa.PublicKey
- a list of *rsa.PublicKey
The type of the keys determines the algorithms that will be checked. The goal of having lists of keys is to allow for key rotation: the previous keys are still checked until rotation has been completed.
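One way to picture the key-list behaviour described above, using only the Go standard library. This is an added example, not the goa middleware's own code: `verifyWithRotation`, `signHS256` and `sigFor` are hypothetical helpers, and the keys and token are constructed sample values.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding

func sigFor(input string, key []byte) string {
	h := hmac.New(sha256.New, key)
	h.Write([]byte(input))
	return b64.EncodeToString(h.Sum(nil))
}

// signHS256 builds a constructed sample token; it is not part of the middleware.
func signHS256(payload string, key []byte) string {
	in := b64.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`)) + "." + b64.EncodeToString([]byte(payload))
	return in + "." + sigFor(in, key)
}

// verifyWithRotation (hypothetical helper) returns the index of the key that verified.
// All keys are HMAC secrets, so only alg=HS256 is accepted, whatever the header claims.
func verifyWithRotation(token string, keys [][]byte) (int, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return -1, errors.New("malformed token")
	}
	var hdr struct{ Alg string }
	raw, err := b64.DecodeString(parts[0])
	if err != nil || json.Unmarshal(raw, &hdr) != nil || hdr.Alg != "HS256" {
		return -1, errors.New("alg not allowed for HMAC keys")
	}
	for i, k := range keys { // newest key first, previous keys after it
		if hmac.Equal([]byte(parts[2]), []byte(sigFor(parts[0]+"."+parts[1], k))) {
			return i, nil
		}
	}
	return -1, errors.New("no configured key verifies this token")
}

func main() {
	keys := [][]byte{[]byte("new-secret"), []byte("old-secret")} // constructed keys
	fmt.Println(verifyWithRotation(signHS256(`{"sub":"demo"}`, keys[1]), keys)) // 1 <nil>
}
```

Once rotation has been completed, dropping the old key from the list makes tokens signed with it fail verification.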
You can define an optional function to do additional validations on the token once the signature and the claims requirements are proven to be valid. Example:
	validationHandler, _ := goa.NewMiddleware(func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
		// The signature and claim requirements have already been validated here.
		token := jwt.ContextJWT(ctx)
		if val, ok := token.Claims["is_uncle"].(string); !ok || val != "ben" {
			return jwt.ErrJWTError.Errorf("you are not uncle ben's")
		}
		// No error: the additional validation passed.
		return nil
	})
	app.MyJWTSecurity.Use(jwt.New("secret", validationHandler))
Types
This section is empty.