ssgo

package module
v0.0.0-...-fb671a9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 3, 2022 License: MIT Imports: 14 Imported by: 0

README

Safe&Secure Go Development

ci Go Report Card Documentation

Course source code written in Golang.

The course aims to provide best practices for developing secure server applications based on prevention of vulnerabilities from the OWASP 2021 Top Ten.

Prerequisites:

References:

Documentation

Index

Constants

View Source 
const (
	AuthorizationHeaderKey = "Authorization"

	DefaultJWTTimeToLive = time.Hour
)

Variables

View Source 
var (
	HackerLogger = log.New(os.Stderr, "[HACKER] ", log.Ldate|log.Ltime|log.Lmsgprefix)
	ServerLogger = log.New(os.Stderr, "[SERVER] ", log.Ldate|log.Ltime|log.Lmsgprefix)
)

Functions

func NewRegisteredClaims 

func NewRegisteredClaims(userID uuid.UUID, issuedAt time.Time, ttl time.Duration) jwt.RegisteredClaims

NewRegisteredClaims creates default jwt claims with predefined constraints

func NewSignedJWT 

func NewSignedJWT(secret []byte, userID uuid.UUID, permissions map[string][]Permission) (string, error)

NewSignedJWT returns raw jwt token signed

func RunTestServer 

func RunTestServer(t *testing.T, ctx context.Context, opts ...ServerOpt) (baseURL string, waitFunc func())

RunTestServer listens http on incrementing port for testing purposes

Types

type Claims 

type Claims struct {
	jwt.RegisteredClaims

	Permissions map[string][]Permission `json:"permissions"`
}

Claims to store permissions per entity

func ClaimsFromJWT 

func ClaimsFromJWT(rawToken string, secret []byte) (*Claims, error)

ClaimsFromJWT parses raw jwt token and returns Claims

func NewClaims 

func NewClaims(userID uuid.UUID, permissions map[string][]Permission) Claims

NewClaims constructor

type Hacker 

type Hacker interface {
	Attack() error
}

Hacker set of operations

type Permission 

type Permission string

Permission for entity 

const (
	PermissionWrite Permission = "write"
	PermissionRead  Permission = "read"
)

type Server 

type Server struct {
	// contains filtered or unexported fields
}

Server abstraction for an HTTP protocol

func NewServer 

func NewServer(port uint, opts ...ServerOpt) Server

NewServer constructor

func (Server) Handler 

func (s Server) Handler() http.Handler

Handler mounts multiple ServerRoute and handles HTTP requests

func (*Server) Run 

func (s *Server) Run() error

Run HTTP Server

func (*Server) Shutdown 

func (s *Server) Shutdown() error

Shutdown HTTP Server

type ServerOpt 

type ServerOpt func(*Server)

ServerOpt to enhance Server

func ServerWithRoute 

func ServerWithRoute(route ServerRoute) ServerOpt

ServerWithRoute mounts routes at a root Server.Handler

type ServerRoute 

type ServerRoute struct {
	Pattern string
	Handler http.Handler
}

ServerRoute that can be registered via ServerWithRoute

Source Files

View all Source files

Directories

Path Synopsis
pkg
slice

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.