jwtclaims

package
v0.21.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 20, 2023 License: BSD-3-Clause Imports: 17 Imported by: 16

Documentation

Index

Constants

View Source
const (
	// TokenUserProperty key for the user property in the request context
	TokenUserProperty = "user"
	// AccountIDSuffix suffix for the account id claim
	AccountIDSuffix = "wt_account_id"
	// DomainIDSuffix suffix for the domain id claim
	DomainIDSuffix = "wt_account_domain"
	// DomainCategorySuffix suffix for the domain category claim
	DomainCategorySuffix = "wt_account_domain_category"
	// UserIDClaim claim for the user id
	UserIDClaim = "sub"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthorizationClaims

type AuthorizationClaims struct {
	UserId         string
	AccountId      string
	Domain         string
	DomainCategory string
}

AuthorizationClaims stores authorization information from JWTs

type ClaimsExtractor

type ClaimsExtractor struct {
	FromRequestContext ExtractClaims
	// contains filtered or unexported fields
}

ClaimsExtractor struct that holds the extract function

func NewClaimsExtractor

func NewClaimsExtractor(options ...ClaimsExtractorOption) *ClaimsExtractor

NewClaimsExtractor returns an extractor, and if provided with a function with ExtractClaims signature, then it will use that logic. Uses ExtractClaimsFromRequestContext by default

func (*ClaimsExtractor) FromToken added in v0.13.0

func (c *ClaimsExtractor) FromToken(token *jwt.Token) AuthorizationClaims

FromToken extracts claims from the token (after auth)

type ClaimsExtractorOption added in v0.13.0

type ClaimsExtractorOption func(*ClaimsExtractor)

ClaimsExtractorOption is a function that configures the ClaimsExtractor

func WithAudience added in v0.13.0

func WithAudience(audience string) ClaimsExtractorOption

WithAudience sets the audience for the extractor

func WithFromRequestContext added in v0.13.0

func WithFromRequestContext(ec ExtractClaims) ClaimsExtractorOption

WithFromRequestContext sets the function that extracts claims from the request context

func WithUserIDClaim added in v0.13.0

func WithUserIDClaim(userIDClaim string) ClaimsExtractorOption

WithUserIDClaim sets the user id claim for the extractor

type ExtractClaims

type ExtractClaims func(r *http.Request) AuthorizationClaims

ExtractClaims Extract function type

type JSONWebKey added in v0.15.0

type JSONWebKey struct {
	Kty string   `json:"kty"`
	Kid string   `json:"kid"`
	Use string   `json:"use"`
	N   string   `json:"n"`
	E   string   `json:"e"`
	X5c []string `json:"x5c"`
}

JSONWebKey is a representation of a Jason Web Key

type JWTValidator added in v0.15.0

type JWTValidator struct {
	// contains filtered or unexported fields
}

JWTValidator struct to handle token validation and parsing

func NewJWTValidator added in v0.15.0

func NewJWTValidator(issuer string, audienceList []string, keysLocation string, idpSignkeyRefreshEnabled bool) (*JWTValidator, error)

NewJWTValidator constructor

func (*JWTValidator) ValidateAndParse added in v0.15.0

func (m *JWTValidator) ValidateAndParse(token string) (*jwt.Token, error)

ValidateAndParse validates the token and returns the parsed token

type Jwks added in v0.15.0

type Jwks struct {
	Keys []JSONWebKey `json:"keys"`
	// contains filtered or unexported fields
}

Jwks is a collection of JSONWebKey obtained from Config.HttpServerConfig.AuthKeysLocation

type Options added in v0.15.0

type Options struct {
	// The function that will return the Key to validate the JWT.
	// It can be either a shared secret or a public key.
	// Default value: nil
	ValidationKeyGetter jwt.Keyfunc
	// The name of the property in the request where the user information
	// from the JWT will be stored.
	// Default value: "user"
	UserProperty string
	// The function that will be called when there's an error validating the token
	// Default value:
	CredentialsOptional bool
	// A function that extracts the token from the request
	// Default: FromAuthHeader (i.e., from Authorization header as bearer token)
	Debug bool
	// When set, all requests with the OPTIONS method will use authentication
	// Default: false
	EnableAuthOnOptions bool
	// When set, the middelware verifies that tokens are signed with the specific signing algorithm
	// If the signing method is not constant the ValidationKeyGetter callback can be used to implement additional checks
	// Important to avoid security issues described here: https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/
	// Default: nil
	SigningMethod jwt.SigningMethod
}

Options is a struct for specifying configuration options for the middleware.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL