Documentation ¶
Index ¶
- Variables
- func Authenticator(next http.Handler) http.Handler
- func EpochNow() int64
- func ErrorReason(err error) error
- func ExpireIn(tm time.Duration) int64
- func FromContext(ctx context.Context) (jwt.Token, map[string]interface{}, error)
- func NewContext(ctx context.Context, t jwt.Token, err error) context.Context
- func SetExpiry(claims map[string]interface{}, tm time.Time)
- func SetExpiryIn(claims map[string]interface{}, tm time.Duration)
- func SetIssuedAt(claims map[string]interface{}, tm time.Time)
- func SetIssuedNow(claims map[string]interface{})
- func TokenFromCookie(r *http.Request) string
- func TokenFromHeader(r *http.Request) string
- func TokenFromQuery(r *http.Request) string
- func UnixTime(tm time.Time) int64
- func Verifier(ja *JWTAuth) func(http.Handler) http.Handler
- func Verify(ja *JWTAuth, findTokenFns ...func(r *http.Request) string) func(http.Handler) http.Handler
- func VerifyRequest(ja *JWTAuth, r *http.Request, findTokenFns ...func(r *http.Request) string) (jwt.Token, error)
- func VerifyToken(ja *JWTAuth, tokenString string) (jwt.Token, error)
- type JWTAuth
Constants ¶
This section is empty.
Variables ¶
var ( TokenCtxKey = &contextKey{"Token"} ErrorCtxKey = &contextKey{"Error"} )
Functions ¶
func Authenticator ¶
Authenticator is a default authentication middleware to enforce access from the Verifier middleware request context values. The Authenticator sends a 401 Unauthorized response for any unverified tokens and passes the good ones through. It's just fine until you decide to write something similar and customize your client response.
func EpochNow ¶
func EpochNow() int64
EpochNow is a helper function that returns the NumericDate time value used by the spec
func ErrorReason ¶
ErrorReason will normalize the error message from the underlining jwt library
func ExpireIn ¶
ExpireIn is a helper function to return calculated time in the future for "exp" claim
func SetExpiryIn ¶
Set expiry ("exp") in the claims to some duration from the present time
func SetIssuedAt ¶
Set issued at ("iat") to specified time in the claims
func SetIssuedNow ¶
func SetIssuedNow(claims map[string]interface{})
Set issued at ("iat") to present time in the claims
func TokenFromCookie ¶
TokenFromCookie tries to retreive the token string from a cookie named "jwt".
func TokenFromHeader ¶
TokenFromHeader tries to retreive the token string from the "Authorization" reqeust header: "Authorization: BEARER T".
func TokenFromQuery ¶
TokenFromQuery tries to retreive the token string from the "jwt" URI query parameter.
To use it, build our own middleware handler, such as:
func Verifier(ja *JWTAuth) func(http.Handler) http.Handler { return func(next http.Handler) http.Handler { return Verify(ja, TokenFromQuery, TokenFromHeader, TokenFromCookie)(next) } }
func Verifier ¶
Verifier http middleware handler will verify a JWT string from a http request.
Verifier will search for a JWT token in a http request, in the order:
- 'Authorization: BEARER T' request header
- Cookie 'jwt' value
The first JWT string that is found as a query parameter, authorization header or cookie header is then decoded by the `jwt-go` library and a *jwt.Token object is set on the request context. In the case of a signature decoding error the Verifier will also set the error on the request context.
The Verifier always calls the next http handler in sequence, which can either be the generic `jwtauth.Authenticator` middleware or your own custom handler which checks the request context jwt token and error to prepare a custom http response.
func VerifyRequest ¶
Types ¶
type JWTAuth ¶
type JWTAuth struct {
// contains filtered or unexported fields
}
func GetTokenAuth ¶
func GetTokenAuth() *JWTAuth