Documentation ¶
Overview ¶
Package auth defines how authorization works between middlewares by default.
Index ¶
- Constants
- Variables
- func BasicAuth(ctx context.Context) (username, password string, ok bool)
- func ContextJWT(ctx context.Context) (*stdjwt.Token, error)
- func JWTToContext(keyFunc stdjwt.Keyfunc, method stdjwt.SigningMethod, ...) endpoint.Middleware
- func RequireScopes(scopes []string) endpoint.Middleware
- func ScopesToContext(claimsScopes JWTScopesExtrator) endpoint.Middleware
- func UserToContext(claimsUser JWTUserExtractor) endpoint.Middleware
- type ExtendedUser
- type JWTScopesExtrator
- type JWTUserExtractor
- type User
Constants ¶
const (
	// JWTContextKey is the context key for JWT
	JWTContextKey contextKey = iota
	// UserContextKey is the context key for a user, this requires
	// a middleware with the userfunc to be present
	UserContextKey
	// BasicContextKey is the context key for basic auth, it returns a username and password
	BasicContextKey
	// ScopesContextKey is the context key for scopes present in a context
	ScopesContextKey
)
Variables ¶
var (
	// ErrUserNotFoundInContext is returned when a user is not found in the
	// context under the AuthUser key
	ErrUserNotFoundInContext = jennyerrors.NewHTTPError(errors.New("user not found in context"), http.StatusUnauthorized)
	// ErrJWTNotFoundInContext is the error returned when a JWT is not present in
	// the context under the JWTContextKey key
	ErrJWTNotFoundInContext = jennyerrors.NewHTTPError(errors.New("jwt not found in context"), http.StatusUnauthorized)
	// ErrScopesNotFoundInContext is the error returned when scopes are not present
	// in the context under the ScopesContextKey
	ErrScopesNotFoundInContext = jennyerrors.NewHTTPError(errors.New("scopes not found in context"), http.StatusForbidden)
	// ErrAuthNotAuthorized is the error returned when the request doesn't have enough permissions
	ErrAuthNotAuthorized = jennyerrors.NewHTTPError(errors.New("request does not have sufficent permissions to continue"), http.StatusForbidden)
)
Functions ¶
func BasicAuth ¶
BasicAuth returns the username and password provided in the request's Authorization header, if the request uses HTTP Basic Authentication. See RFC 2617, Section 2.
func ContextJWT ¶
ContextJWT returns the JWT if one exists in the context.
func JWTToContext ¶
func JWTToContext(keyFunc stdjwt.Keyfunc, method stdjwt.SigningMethod, newClaims kitjwt.ClaimsFactory) endpoint.Middleware
JWTToContext takes a JWTUserExtractor function and injects the User as
func RequireScopes ¶
func RequireScopes(scopes []string) endpoint.Middleware
RequireScopes protects an endpoint that requires scopes to be present
func ScopesToContext ¶
func ScopesToContext(claimsScopes JWTScopesExtrator) endpoint.Middleware
ScopesToContext takes claims, extracts the scopes from them, and injects the scopes into the context. This middleware assumes that the gokit jwt.Middlewares are used and that the JWTClaimsContextKey is present.
func UserToContext ¶
func UserToContext(claimsUser JWTUserExtractor) endpoint.Middleware
UserToContext takes a JWTUserExtractor function and injects the User as
Types ¶
type ExtendedUser ¶
type ExtendedUser interface {
	User
	Email() string                // Email returns an email for communicating with the User
	DisplayName() (string, error) // DisplayName is used when you need to address the user, this is here for convenience
	Details() map[string]string   // Returns details for the user that aren't documented like id and email
}
ExtendedUser encapsulates more information than User. While the User interface has actual practical use, ExtendedUser is purely for convenience.
type JWTScopesExtrator ¶
JWTScopesExtrator takes jwt.MapClaims and extracts the request's scopes from it
type JWTUserExtractor ¶
JWTUserExtractor extracts the user from jwt.MapClaims
type User ¶
type User interface {
UniqueID() []byte
}
User represents the minimum a user object should implement. The UniqueID function should return a slice of bytes that are unique.
In the case that the underlying object has a numerical ID, the implementor should convert the numerical value to a byte slice like so:
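// User here stands for the implementor's own concrete type with a uint64 ID field.
func (u *User) UniqueID() []byte {
	buf := make([]byte, binary.MaxVarintLen64)
	// PutUvarint reports how many bytes it wrote; return only those bytes.
	n := binary.PutUvarint(buf, u.ID)
	return buf[:n]
}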
In the case of the ID being a string, the implementor should make sure the capitalization of the string is consistent. Jenny will treat 0xDEADBEEF and 0xdeadbeef as different IDs.
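The following is an added example, not code from the jenny project, showing both UniqueID cases described above. NumericUser, StringUser and SameUser are hypothetical names; SameUser assumes identity is decided by an exact byte comparison, and lower-casing is one assumed way to keep capitalization consistent.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
	"strings"
)

// User mirrors the interface documented above, redeclared so the example is self-contained.
type User interface {
	UniqueID() []byte
}

// NumericUser is a hypothetical implementor with a numerical ID.
type NumericUser struct{ ID uint64 }

// UniqueID encodes the ID as a uvarint and returns only the bytes written.
func (u NumericUser) UniqueID() []byte {
	buf := make([]byte, binary.MaxVarintLen64)
	n := binary.PutUvarint(buf, u.ID)
	return buf[:n]
}

// StringUser is a hypothetical implementor with a string ID.
type StringUser struct{ ID string }

// UniqueID lower-cases the ID so one account always maps to one byte sequence.
func (u StringUser) UniqueID() []byte {
	return []byte(strings.ToLower(u.ID))
}

// SameUser is an assumed stand-in for an exact, byte-for-byte identity check.
func SameUser(a, b User) bool {
	return bytes.Equal(a.UniqueID(), b.UniqueID())
}

func main() {
	// Constructed sample IDs: the raw strings differ only in capitalization.
	raw := bytes.Equal([]byte("0xDEADBEEF"), []byte("0xdeadbeef"))
	fmt.Println("raw strings equal:", raw)
	a, b := StringUser{ID: "0xDEADBEEF"}, StringUser{ID: "0xdeadbeef"}
	fmt.Println("normalized IDs equal:", SameUser(a, b))
	fmt.Println("numeric ID 300 encodes to:", NumericUser{ID: 300}.UniqueID())
}
```

Without the normalization in StringUser, two tokens carrying the same account ID in different capitalization would resolve to two distinct users in any check keyed on UniqueID.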