middleware

package
v0.0.0-...-5f71cfe Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 28, 2022 License: BSD-3-Clause Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func FromAuthHeader

func FromAuthHeader(r *http.Request) (string, error)

FromAuthHeader is a "TokenExtractor" that takes a give request and extracts the JWT token from the Authorization header.

func OnError

func OnError(w http.ResponseWriter, r *http.Request, err string)

Types

type AccessControll

type AccessControll struct {
	// contains filtered or unexported fields
}

AccessControll middleware to restrict to make POST/PUT/DELETE requests by admin only

func NewAccessControll

func NewAccessControll(audience string, isUserAdmin IsUserAdminFunc) *AccessControll

NewAccessControll instance constructor

func (*AccessControll) Handler

func (a *AccessControll) Handler(h http.Handler) http.Handler

Handler method of the middleware which forbinneds all modify requests for non admin users

type IsUserAdminFunc

type IsUserAdminFunc func(claims jwtclaims.AuthorizationClaims) (bool, error)

type JSONWebKeys

type JSONWebKeys struct {
	Kty string   `json:"kty"`
	Kid string   `json:"kid"`
	Use string   `json:"use"`
	N   string   `json:"n"`
	E   string   `json:"e"`
	X5c []string `json:"x5c"`
}

JSONWebKeys is a representation of a Jason Web Key

type JWTMiddleware

type JWTMiddleware struct {
	Options Options
}

func New

func New(options ...Options) *JWTMiddleware

New constructs a new Secure instance with supplied options.

func NewJwtMiddleware

func NewJwtMiddleware(issuer string, audience string, keysLocation string) (*JWTMiddleware, error)

NewJwtMiddleware creates new middleware to verify the JWT token sent via Authorization header

func (*JWTMiddleware) CheckJWTFromRequest

func (m *JWTMiddleware) CheckJWTFromRequest(w http.ResponseWriter, r *http.Request) error

func (*JWTMiddleware) Handler

func (m *JWTMiddleware) Handler(h http.Handler) http.Handler

func (*JWTMiddleware) HandlerWithNext

func (m *JWTMiddleware) HandlerWithNext(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)

HandlerWithNext is a special implementation for Negroni, but could be used elsewhere.

func (*JWTMiddleware) ValidateAndParse

func (m *JWTMiddleware) ValidateAndParse(token string) (*jwt.Token, error)

ValidateAndParse validates and parses a given access token against jwt standards and signing methods

type Jwks

type Jwks struct {
	Keys []JSONWebKeys `json:"keys"`
}

Jwks is a collection of JSONWebKeys obtained from Config.HttpServerConfig.AuthKeysLocation

type Options

type Options struct {
	// The function that will return the Key to validate the JWT.
	// It can be either a shared secret or a public key.
	// Default value: nil
	ValidationKeyGetter jwt.Keyfunc
	// The name of the property in the request where the user information
	// from the JWT will be stored.
	// Default value: "user"
	UserProperty string
	// The function that will be called when there's an error validating the token
	// Default value:
	ErrorHandler errorHandler
	// A boolean indicating if the credentials are required or not
	// Default value: false
	CredentialsOptional bool
	// A function that extracts the token from the request
	// Default: FromAuthHeader (i.e., from Authorization header as bearer token)
	Extractor TokenExtractor
	// Debug flag turns on debugging output
	// Default: false
	Debug bool
	// When set, all requests with the OPTIONS method will use authentication
	// Default: false
	EnableAuthOnOptions bool
	// When set, the middelware verifies that tokens are signed with the specific signing algorithm
	// If the signing method is not constant the ValidationKeyGetter callback can be used to implement additional checks
	// Important to avoid security issues described here: https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/
	// Default: nil
	SigningMethod jwt.SigningMethod
}

Options is a struct for specifying configuration options for the middleware.

type TokenExtractor

type TokenExtractor func(r *http.Request) (string, error)

TokenExtractor is a function that takes a request as input and returns either a token or an error. An error should only be returned if an attempt to specify a token was found, but the information was somehow incorrectly formed. In the case where a token is simply not present, this should not be treated as an error. An empty string should be returned in that case.

func FromFirst

func FromFirst(extractors ...TokenExtractor) TokenExtractor

FromFirst returns a function that runs multiple token extractors and takes the first token it finds

func FromParameter

func FromParameter(param string) TokenExtractor

FromParameter returns a function that extracts the token from the specified query string parameter

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL