Documentation ¶
Index ¶
Constants ¶
const ( // TokenUserProperty key for the user property in the request context TokenUserProperty = "user" // AccountIDSuffix suffix for the account id claim AccountIDSuffix = "wt_account_id" // DomainIDSuffix suffix for the domain id claim DomainIDSuffix = "wt_account_domain" // DomainCategorySuffix suffix for the domain category claim DomainCategorySuffix = "wt_account_domain_category" // UserIDClaim claim for the user id UserIDClaim = "sub" // LastLoginSuffix claim for the last login LastLoginSuffix = "nb_last_login" // Invited claim indicates that an incoming JWT is from a user that just accepted an invitation Invited = "nb_invited" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthorizationClaims ¶
type AuthorizationClaims struct { UserId string AccountId string Domain string DomainCategory string LastLogin time.Time Invited bool Raw jwt.MapClaims }
AuthorizationClaims stores authorization information from JWTs
type ClaimsExtractor ¶
type ClaimsExtractor struct { FromRequestContext ExtractClaims // contains filtered or unexported fields }
ClaimsExtractor struct that holds the extract function
func NewClaimsExtractor ¶
func NewClaimsExtractor(options ...ClaimsExtractorOption) *ClaimsExtractor
NewClaimsExtractor returns an extractor, and if provided with a function with ExtractClaims signature, then it will use that logic. Uses ExtractClaimsFromRequestContext by default
func (*ClaimsExtractor) FromToken ¶ added in v0.13.0
func (c *ClaimsExtractor) FromToken(token *jwt.Token) AuthorizationClaims
FromToken extracts claims from the token (after auth)
type ClaimsExtractorOption ¶ added in v0.13.0
type ClaimsExtractorOption func(*ClaimsExtractor)
ClaimsExtractorOption is a function that configures the ClaimsExtractor
func WithAudience ¶ added in v0.13.0
func WithAudience(audience string) ClaimsExtractorOption
WithAudience sets the audience for the extractor
func WithFromRequestContext ¶ added in v0.13.0
func WithFromRequestContext(ec ExtractClaims) ClaimsExtractorOption
WithFromRequestContext sets the function that extracts claims from the request context
func WithUserIDClaim ¶ added in v0.13.0
func WithUserIDClaim(userIDClaim string) ClaimsExtractorOption
WithUserIDClaim sets the user id claim for the extractor
type ExtractClaims ¶
type ExtractClaims func(r *http.Request) AuthorizationClaims
ExtractClaims Extract function type
type JSONWebKey ¶ added in v0.15.0
type JSONWebKey struct { Kty string `json:"kty"` Kid string `json:"kid"` Use string `json:"use"` N string `json:"n"` E string `json:"e"` Crv string `json:"crv"` X string `json:"x"` Y string `json:"y"` X5c []string `json:"x5c"` }
JSONWebKey is a representation of a Jason Web Key
type JWTValidator ¶ added in v0.15.0
type JWTValidator struct {
// contains filtered or unexported fields
}
JWTValidator struct to handle token validation and parsing
func NewJWTValidator ¶ added in v0.15.0
func NewJWTValidator(ctx context.Context, issuer string, audienceList []string, keysLocation string, idpSignkeyRefreshEnabled bool) (*JWTValidator, error)
NewJWTValidator constructor
func (*JWTValidator) ValidateAndParse ¶ added in v0.15.0
ValidateAndParse validates the token and returns the parsed token
type Jwks ¶ added in v0.15.0
type Jwks struct { Keys []JSONWebKey `json:"keys"` // contains filtered or unexported fields }
Jwks is a collection of JSONWebKey obtained from Config.HttpServerConfig.AuthKeysLocation
type Options ¶ added in v0.15.0
type Options struct { // The function that will return the Key to validate the JWT. // It can be either a shared secret or a public key. // Default value: nil ValidationKeyGetter jwt.Keyfunc // The name of the property in the request where the user information // from the JWT will be stored. // Default value: "user" UserProperty string // The function that will be called when there's an error validating the token // Default value: CredentialsOptional bool // A function that extracts the token from the request // Default: FromAuthHeader (i.e., from Authorization header as bearer token) Debug bool // When set, all requests with the OPTIONS method will use authentication // Default: false EnableAuthOnOptions bool }
Options is a struct for specifying configuration options for the middleware.