middleware

package

v0.0.0-...-5f71cfe Latest Latest Go to latest Published: Sep 28, 2022 License: BSD-3-Clause Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/isecwaypro/isecway

Documentation ¶

Index ¶

func FromAuthHeader(r *http.Request) (string, error)
func OnError(w http.ResponseWriter, r *http.Request, err string)
type AccessControll
- func NewAccessControll(audience string, isUserAdmin IsUserAdminFunc) *AccessControll
- func (a *AccessControll) Handler(h http.Handler) http.Handler
type IsUserAdminFunc
type JSONWebKeys
type JWTMiddleware
- func New(options ...Options) *JWTMiddleware
- func NewJwtMiddleware(issuer string, audience string, keysLocation string) (*JWTMiddleware, error)
type Jwks
type Options
type TokenExtractor
- func FromFirst(extractors ...TokenExtractor) TokenExtractor
- func FromParameter(param string) TokenExtractor

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func FromAuthHeader ¶

func FromAuthHeader(r *http.Request) (string, error)

FromAuthHeader is a "TokenExtractor" that takes a give request and extracts the JWT token from the Authorization header.

func OnError ¶

func OnError(w http.ResponseWriter, r *http.Request, err string)

Types ¶

type AccessControll ¶

type AccessControll struct {
	// contains filtered or unexported fields
}

AccessControll middleware to restrict to make POST/PUT/DELETE requests by admin only

func (*AccessControll) Handler ¶

func (a *AccessControll) Handler(h http.Handler) http.Handler

Handler method of the middleware which forbinneds all modify requests for non admin users

type IsUserAdminFunc ¶

type IsUserAdminFunc func(claims jwtclaims.AuthorizationClaims) (bool, error)

type JSONWebKeys ¶

type JSONWebKeys struct {
	Kty string   `json:"kty"`
	Kid string   `json:"kid"`
	Use string   `json:"use"`
	N   string   `json:"n"`
	E   string   `json:"e"`
	X5c []string `json:"x5c"`
}

JSONWebKeys is a representation of a Jason Web Key

type JWTMiddleware ¶

type JWTMiddleware struct {
	Options Options
}

func New ¶

func New(options ...Options) *JWTMiddleware

New constructs a new Secure instance with supplied options.

func NewJwtMiddleware ¶

func NewJwtMiddleware(issuer string, audience string, keysLocation string) (*JWTMiddleware, error)

NewJwtMiddleware creates new middleware to verify the JWT token sent via Authorization header

func (*JWTMiddleware) CheckJWTFromRequest ¶

func (m *JWTMiddleware) CheckJWTFromRequest(w http.ResponseWriter, r *http.Request) error

func (*JWTMiddleware) Handler ¶

func (m *JWTMiddleware) Handler(h http.Handler) http.Handler

func (*JWTMiddleware) HandlerWithNext ¶

func (m *JWTMiddleware) HandlerWithNext(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)

HandlerWithNext is a special implementation for Negroni, but could be used elsewhere.

func (*JWTMiddleware) ValidateAndParse ¶

func (m *JWTMiddleware) ValidateAndParse(token string) (*jwt.Token, error)

ValidateAndParse validates and parses a given access token against jwt standards and signing methods

type Jwks ¶

type Jwks struct {
	Keys []JSONWebKeys `json:"keys"`
}

Jwks is a collection of JSONWebKeys obtained from Config.HttpServerConfig.AuthKeysLocation

type Options ¶

type Options struct {
	// The function that will return the Key to validate the JWT.
	// It can be either a shared secret or a public key.
	// Default value: nil
	ValidationKeyGetter jwt.Keyfunc
	// The name of the property in the request where the user information
	// from the JWT will be stored.
	// Default value: "user"
	UserProperty string
	// The function that will be called when there's an error validating the token
	// Default value:
	ErrorHandler errorHandler
	// A boolean indicating if the credentials are required or not
	// Default value: false
	CredentialsOptional bool
	// A function that extracts the token from the request
	// Default: FromAuthHeader (i.e., from Authorization header as bearer token)
	Extractor TokenExtractor
	// Debug flag turns on debugging output
	// Default: false
	Debug bool
	// When set, all requests with the OPTIONS method will use authentication
	// Default: false
	EnableAuthOnOptions bool
	// When set, the middelware verifies that tokens are signed with the specific signing algorithm
	// If the signing method is not constant the ValidationKeyGetter callback can be used to implement additional checks
	// Important to avoid security issues described here: https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/
	// Default: nil
	SigningMethod jwt.SigningMethod
}

Options is a struct for specifying configuration options for the middleware.

type TokenExtractor ¶

type TokenExtractor func(r *http.Request) (string, error)

TokenExtractor is a function that takes a request as input and returns either a token or an error. An error should only be returned if an attempt to specify a token was found, but the information was somehow incorrectly formed. In the case where a token is simply not present, this should not be treated as an error. An empty string should be returned in that case.

func FromFirst ¶

func FromFirst(extractors ...TokenExtractor) TokenExtractor

FromFirst returns a function that runs multiple token extractors and takes the first token it finds

func FromParameter ¶

func FromParameter(param string) TokenExtractor

FromParameter returns a function that extracts the token from the specified query string parameter

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL