Documentation ¶
Index ¶
- func PermissionFromToken(token jwt.Token, subject names.Tag) (permission.Access, error)
- type Authenticator
- type JWTAuthenticator
- func (j *JWTAuthenticator) Authenticate(req *http.Request) (authentication.AuthInfo, error)
- func (j *JWTAuthenticator) AuthenticateLoginRequest(ctx context.Context, _, _ string, authParams authentication.AuthParams) (authentication.AuthInfo, error)
- func (j *JWTAuthenticator) Parse(ctx context.Context, tok string) (jwt.Token, authentication.Entity, error)
- func (j *JWTAuthenticator) RegisterJWKSCache(ctx context.Context) error
- type PermissionDelegator
- type TokenEntity
- type TokenParser
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func PermissionFromToken ¶
func PermissionFromToken(token jwt.Token, subject names.Tag) (permission.Access, error)
PermissionFromToken extracts the permission a JWT has for the provided subject. If no permission is found, permission.NoAccess is returned.
Types ¶
type Authenticator ¶
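// Authenticator is the union of authentication.RequestAuthenticator and
// TokenParser.
type Authenticator interface {
	authentication.RequestAuthenticator
	TokenParser
}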
type JWTAuthenticator ¶
// JWTAuthenticator is an authenticator responsible for handling JWT tokens
// from a client.
type JWTAuthenticator struct {
// contains filtered or unexported fields
}
JWTAuthenticator is an authenticator responsible for handling JWT tokens from a client.
func NewAuthenticator ¶
func NewAuthenticator(refreshURL string) *JWTAuthenticator
func NewAuthenticatorWithHTTPClient ¶
func NewAuthenticatorWithHTTPClient( client *http.Client, refreshURL string, ) *JWTAuthenticator
func (*JWTAuthenticator) Authenticate ¶
func (j *JWTAuthenticator) Authenticate(req *http.Request) (authentication.AuthInfo, error)
Authenticate implements EntityAuthenticator
func (*JWTAuthenticator) AuthenticateLoginRequest ¶
func (j *JWTAuthenticator) AuthenticateLoginRequest( ctx context.Context, _, _ string, authParams authentication.AuthParams, ) (authentication.AuthInfo, error)
AuthenticateLoginRequest implements LoginAuthenticator
func (*JWTAuthenticator) Parse ¶
func (j *JWTAuthenticator) Parse(ctx context.Context, tok string) (jwt.Token, authentication.Entity, error)
Parse parses the supplied token string into a jwt and returns the entity found within the token.
func (*JWTAuthenticator) RegisterJWKSCache ¶
func (j *JWTAuthenticator) RegisterJWKSCache(ctx context.Context) error
RegisterJWKSCache sets up the token key cache and refreshes the public key.
type PermissionDelegator ¶
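// PermissionDelegator is responsible for handling authorization questions
// within the context of the JWT it has. It implements the
// authentication.PermissionDelegator interface.
type PermissionDelegator struct {
	// Token is the authenticated context to answer all authorization questions
	// from.
	//
	// NOTE(review): the field is exported, so any caller can set it. This
	// listing does not show where the token is validated; confirm it is only
	// ever populated from a token that has already been verified.
	Token jwt.Token
}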
PermissionDelegator is responsible for handling authorization questions within the context of the JWT it has. It implements the authentication.PermissionDelegator interface.
func (*PermissionDelegator) PermissionError ¶
func (p *PermissionDelegator) PermissionError( subject names.Tag, perm permission.Access, ) error
PermissionError implements PermissionDelegator
func (*PermissionDelegator) SubjectPermissions ¶
func (p *PermissionDelegator) SubjectPermissions( e authentication.Entity, subject names.Tag, ) (a permission.Access, err error)
SubjectPermissions implements PermissionDelegator
type TokenEntity ¶
// TokenEntity represents the entity found within a JWT token and conforms to
// state.Entity.
type TokenEntity struct {
// User is the user tag this entity stands for.
// NOTE(review): presumably taken from the token subject, as the TokenParser
// description suggests; confirm against the parser.
User names.UserTag
}
TokenEntity represents the entity found within a JWT token and conforms to state.Entity
type TokenParser ¶
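// TokenParser parses a jwt token, returning the token and the entity derived
// from the token subject.
type TokenParser interface {
	// Parse parses the supplied token string and returns both the constructed
	// jwt and the entity found within the token.
	//
	// NOTE(review): this listing does not state whether Parse verifies the
	// token's signature, expiry or audience. Confirm against the
	// implementation before treating the returned entity as authenticated.
	Parse(ctx context.Context, tok string) (jwt.Token, authentication.Entity, error)
}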
TokenParser parses a jwt token returning the token and entity derived from the token subject.