csrf

package

v0.9.0 Latest Latest Go to latest Published: Apr 23, 2023 License: Apache-2.0 Imports: 4 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/oxisto/oauth2go

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func GenerateToken() string
func Mask(sessionToken string) string
func Unmask(token string) (string, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var DoubleEncodedTokenSize = 32

View Source

var EncodedTokenSize = 24

View Source

var ErrInvalidLength = errors.New("invalid length")

View Source

var TokenSize = 18

Functions ¶

func GenerateToken ¶

func GenerateToken() string

GenerateToken generates a new random token that can be used as a CSRF token. Ideally, a unique token for each session should be generated. On can use the masking technique to generate a unique token for each request, that can still be verified against a session-unique token.

func Mask ¶

func Mask(sessionToken string) string

Mask can be used to mask a session-wide token into a unique CSRF token for each request.

func Unmask ¶

func Unmask(token string) (string, error)

Unmask extracts a potential session-wide token from a masked CSRF token. It returns an error if the token is not of the correct length or if it contains illegal base64 characters.

Types ¶

This section is empty.

Source Files ¶

View all Source files

csrf.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL