kjwtauth

package
v0.6.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 6, 2022 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	TokenCtxKey          = &contextKey{"Token"}
	ErrorCtxKey          = &contextKey{"Error"}
	ValidateOptionCtxKey = &contextKey{"ValidateOption"}
)
View Source
var (
	ErrUnauthorized = errors.New("token is unauthorized")
	ErrExpired      = errors.New("token is expired")
	ErrNBFInvalid   = errors.New("token nbf validation failed")
	ErrIATInvalid   = errors.New("token iat validation failed")
	ErrNoTokenFound = errors.New("no token found")
	ErrAlgoInvalid  = errors.New("algorithm mismatch")
)

Functions

func AuthenticatorChi

func AuthenticatorChi(next http.Handler) http.Handler

AuthenticatorChi is a default authentication middleware to enforce access from the Verifier middleware request context values. The Authenticator sends a 401 Unauthorized response for any unverified tokens and passes the good ones through. It's just fine until you decide to write something similar and customize your client response.

func AuthenticatorEcho

func AuthenticatorEcho(next echo.HandlerFunc) echo.HandlerFunc

func AuthenticatorGin

func AuthenticatorGin(c *gin.Context)

func EpochNow

func EpochNow() int64

EpochNow is a helper function that returns the NumericDate time value used by the spec

func ErrorReason

func ErrorReason(err error) error

ErrorReason will normalize the error message from the underlining jwt library

func ExpireIn

func ExpireIn(tm time.Duration) int64

ExpireIn is a helper function to return calculated time in the future for "exp" claim

func FromContext

func FromContext(ctx context.Context) (jwt.Token, map[string]interface{}, error)

func GetValidateOption

func GetValidateOption(ctx context.Context) jwt.ValidateOption

func NewContext

func NewContext(ctx context.Context, t jwt.Token, err error, validateOption jwt.ValidateOption) context.Context

func SetExpiry

func SetExpiry(claims map[string]interface{}, tm time.Time)

Set expiry ("exp") in the claims

func SetExpiryIn

func SetExpiryIn(claims map[string]interface{}, tm time.Duration)

Set expiry ("exp") in the claims to some duration from the present time

func SetIssuedAt

func SetIssuedAt(claims map[string]interface{}, tm time.Time)

Set issued at ("iat") to specified time in the claims

func SetIssuedNow

func SetIssuedNow(claims map[string]interface{})

Set issued at ("iat") to present time in the claims

func TokenFromCookie

func TokenFromCookie(r *http.Request) string

TokenFromCookie tries to retreive the token string from a cookie named "jwt".

func TokenFromHeader

func TokenFromHeader(r *http.Request) string

TokenFromHeader tries to retreive the token string from the "Authorization" reqeust header: "Authorization: BEARER T".

func TokenFromQuery

func TokenFromQuery(r *http.Request) string

TokenFromQuery tries to retreive the token string from the "jwt" URI query parameter.

To use it, build our own middleware handler, such as:

func Verifier(ja *JWTAuth) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		return Verify(ja, TokenFromQuery, TokenFromHeader, TokenFromCookie)(next)
	}
}

func UnixTime

func UnixTime(tm time.Time) int64

UnixTime returns the given time in UTC milliseconds

func VerifierChi

func VerifierChi(ja *JWTAuth) func(http.Handler) http.Handler

VerifierChi http middleware handler will verify a JWT string from a http request.

Verifier will search for a JWT token in a http request, in the order:

  1. 'jwt' URI query parameter
  2. 'Authorization: BEARER T' request header
  3. Cookie 'jwt' value

The first JWT string that is found as a query parameter, authorization header or cookie header is then decoded by the `jwt-go` library and a *jwt.Token object is set on the request context. In the case of a signature decoding error the Verifier will also set the error on the request context.

The Verifier always calls the next http handler in sequence, which can either be the generic `jwtauth.Authenticator` middleware or your own custom handler which checks the request context jwt token and error to prepare a custom http response.

func VerifierEcho

func VerifierEcho(ja *JWTAuth) func(echo.HandlerFunc) echo.HandlerFunc

func VerifierGin

func VerifierGin(ja *JWTAuth) gin.HandlerFunc

func VerifyChi

func VerifyChi(ja *JWTAuth, findTokenFns ...func(r *http.Request) string) func(http.Handler) http.Handler

func VerifyEcho

func VerifyEcho(ja *JWTAuth, findTokenFns ...func(r *http.Request) string) func(echo.HandlerFunc) echo.HandlerFunc

func VerifyGin

func VerifyGin(ja *JWTAuth, findTokenFns ...func(r *http.Request) string) gin.HandlerFunc

func VerifyRequest

func VerifyRequest(ja *JWTAuth, r *http.Request, validateOption jwt.ValidateOption, findTokenFns ...func(r *http.Request) string) (jwt.Token, error)

func VerifyToken

func VerifyToken(ja *JWTAuth, tokenString string, validateOption jwt.ValidateOption) (jwt.Token, error)

Types

type JWTAuth

type JWTAuth struct {
	// contains filtered or unexported fields
}

func New

func New(alg string, signKey interface{}, verifyKey interface{}, keploy *keploy.Keploy) *JWTAuth

func (*JWTAuth) Decode

func (ja *JWTAuth) Decode(tokenString string) (jwt.Token, error)

func (*JWTAuth) Encode

func (ja *JWTAuth) Encode(claims map[string]interface{}) (t jwt.Token, tokenString string, err error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL