auth0

package
v0.0.35-alpha

This package is not in the latest version of its module.
Published: Dec 23, 2021 License: MIT Imports: 11 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var HttpGet = http.Get

HttpGet is provided so that tests can override how the certificate is fetched. This is useful to prevent going over the wire to fetch data from a dummy URL.

Functions

func ClearCache

func ClearCache()

ClearCache clears the jwks cache

func GetJWKSURI

func GetJWKSURI(issue string) (string, error)

GetJWKSURI returns the URL at which the JWKS for the issue is located. It verifies that issue is a valid URL and appends the common path to it.

Types

type Auth0Auth

type Auth0Auth struct {
	// Required. Audience refers to the audience of the JWT token. We currently always* verify the audience here matches the audience
	// encoded in the JWT.
	// We actually only do this if the claims object used has a VerifyAudience(string, bool) bool method which
	// the default Claims object does
	Audience string

	// Required. Issue refers to the issuer of the JWT token. We currently always* verify the issue here matches the issue
	// encoded in the JWT.
	// We actually only do this if the claims object used has a VerifyIssuer(string, bool) bool method which
	// the default Claims object does
	Issue string

	// Required function takes the ID and returns a (ViewerContext, error) tuple. Called by AuthFromViewer method to return the ViewerContext
	// to be used for the current request
	VCFromID func(string) (viewer.ViewerContext, error)

	// Required function to take the identifier and returns an (ID, error) tuple indicating
	// if subject maps to something in the database
	// The identifier passed here depends on PayloadKey below
	IDFromIdentifier func(string) (string, error)

	// By default, we grab the subject (auth0_uid) from the payload and pass it to IDFromIdentifier to get the logged in user
	// PayloadKey indicates we should grab from another key in the payload instead. The key should be all lowercase
	// Most common is email which we then pass to IDFromIdentifier to validate that the email address
	// maps to a user in our application
	// This can also be phone_number or other unique information that maps to the user id
	PayloadKey string

	// Used to return a new empty claims instance which is passed to jwt.ParseWithClaims
	// instead of the default jwt.MapClaims
	BaseClaimFunc func() entjwt.Claims

	// What algorithm method should be used to sign this token. Default is jwt.SigningMethodRS256
	// Only other supported algorithm is jwt.SigningMethodHS256
	SigningMethod jwt.SigningMethod

	// Used to sign the token used to auth the user
	// only used when signing method is jwt.SigningMethodHS256
	// Otherwise, public key is used to sign and retrieved from the certificate at Issue
	SigningKey interface{}
}

Auth0Auth is an implementation of the auth.Auth interface that verifies that the auth0 token in the header is valid

func (*Auth0Auth) AuthViewer

func (auth *Auth0Auth) AuthViewer(w http.ResponseWriter, r *http.Request) viewer.ViewerContext

AuthViewer takes the authorization token from the request, verifies that it is valid, and then returns a ViewerContext that maps to the user encoded in the token.

type JSONWebKey

type JSONWebKey struct {
	Alg string   `json:"alg"`
	Kty string   `json:"kty"`
	Kid string   `json:"kid"`
	Use string   `json:"use"`
	N   string   `json:"n"`
	E   string   `json:"e"`
	X5c []string `json:"x5c"`
	X5t string   `json:"x5t"`
}

JSONWebKey represents a single JSONWebKey. Used to verify auth0 certificates

type Jwks

type Jwks struct {
	Keys []JSONWebKey `json:"keys"`
}

Jwks represents a set of JSON Web Keys
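
An added example, not code from this package: one way to select the RS256 verification key from a decoded Jwks by the token's kid, using only the standard library. The helper rsaKeyForKid, the 2048-bit minimum and the sample key set are assumptions made for illustration.

```go
package main

import (
	"crypto/rsa"
	"encoding/base64"
	"fmt"
	"math/big"
	"strings"
)

// Subset of the JSONWebKey and Jwks types documented above.
type JSONWebKey struct {
	Alg string `json:"alg"`
	Kty string `json:"kty"`
	Kid string `json:"kid"`
	Use string `json:"use"`
	N   string `json:"n"`
	E   string `json:"e"`
}
type Jwks struct {
	Keys []JSONWebKey `json:"keys"`
}

// rsaKeyForKid (hypothetical helper) returns the RS256 key for kid and refuses any other key type.
func rsaKeyForKid(set Jwks, kid string) (*rsa.PublicKey, error) {
	for _, k := range set.Keys {
		if k.Kid != kid {
			continue
		}
		if k.Kty != "RSA" || k.Alg != "RS256" || (k.Use != "" && k.Use != "sig") {
			return nil, fmt.Errorf("key %q is not an RS256 signing key", kid)
		}
		n, errN := base64.RawURLEncoding.DecodeString(k.N)
		e, errE := base64.RawURLEncoding.DecodeString(k.E)
		pub := &rsa.PublicKey{N: new(big.Int).SetBytes(n), E: int(new(big.Int).SetBytes(e).Int64())}
		if errN != nil || errE != nil || len(e) > 4 || pub.N.BitLen() < 2048 || pub.E < 3 {
			return nil, fmt.Errorf("key %q has a malformed or weak modulus/exponent", kid)
		}
		return pub, nil
	}
	return nil, fmt.Errorf("no key with kid %q", kid)
}

// Constructed sample set: the modulus is 256 bytes of 0xFF, not a real key.
var sample = Jwks{Keys: []JSONWebKey{
	{Alg: "HS256", Kty: "oct", Kid: "constructed-2"},
	{Alg: "RS256", Kty: "RSA", Use: "sig", Kid: "constructed-1", E: "AQAB", N: strings.Repeat("_", 341) + "w"},
}}
func main() { fmt.Println(rsaKeyForKid(sample, "constructed-2")) }
```

Returning an error for a kid that resolves to a non-RSA entry keeps the key set from widening the algorithms a verifier configured for RS256 will accept.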
