session

package
v0.7.12 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 30, 2024 License: MIT Imports: 21 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	CtxTokenHeaderKey     = "token_header"
	CtxTokenHeaderDelKey  = "token_header_delete"
	CtxDisableRedirectKey = "disable_redirect"
	CtxCookieNameKey      = "cookie_name"
)

Variables

View Source 
var (
	ErrKIDNotFound  = keyfunc.ErrKIDNotFound
	ErrTokenInvalid = fmt.Errorf("token is invalid")
)
View Source 
var (
	TokenKey    = "token"
	ProviderKey = "provider"
)
View Source 
var DefaultExpireDuration = time.Second * 10

DefaultExpireDuration is the default duration to check if the access token is about to expire.

View Source 
var GlobalRegistry = &Registry{
	Store: make(map[string]*Session),
}

Functions

func GetOptionJWK 

func GetOptionJWK(opts ...OptionJWK) optionsJWK

func IsRefreshNeed added in v0.7.11 

func IsRefreshNeed(accessToken string) (bool, error)

IsRefreshNeed checks if the access token is about to expire.

func MapOptionKeyfunc 

func MapOptionKeyfunc(opt optionsJWK) keyfunc.Options

Types

type Action 

type Action struct {
	Active string `cfg:"active"`
	Token  *Token `cfg:"token"`
}

type AuthHeaderStyle 

type AuthHeaderStyle int

AuthHeaderStyle is a type to set Authorization header style. 

const (
	AuthHeaderStyleBasic AuthHeaderStyle = iota
	AuthHeaderStyleBearerSecret
	AuthHeaderStyleParams
)

type HostCookieName 

type HostCookieName struct {
	// Host as "localhost:8082"
	Host  string `cfg:"host"`
	Regex string `cfg:"regex"`

	CookieName string `cfg:"cookie_name"`
	// contains filtered or unexported fields
}

type InfKeyFunc 

type InfKeyFunc interface {
	Keyfunc(token *jwt.Token) (interface{}, error)
}

type InfKeyFuncParser 

type InfKeyFuncParser interface {
	InfKeyFunc
	ParseWithClaims(tokenString string, claims jwt.Claims) (*jwt.Token, error)
}

type InfProviderCert 

type InfProviderCert interface {
	GetCertURL() string
	GetName() string
}

type JwkKeyFuncParse 

type JwkKeyFuncParse struct {
	KeyFunc func(token *jwt.Token) (interface{}, error)
}

func MultiJWTKeyFunc 

func MultiJWTKeyFunc(providers []InfProviderCert, opts ...OptionJWK) (*JwkKeyFuncParse, error)

MultiJWTKeyFunc returns a jwt.Keyfunc with multiple keyfunc.

Doesn't support introspect and noops, it will ignore them.

func (*JwkKeyFuncParse) Keyfunc 

func (j *JwkKeyFuncParse) Keyfunc(token *jwt.Token) (interface{}, error)

func (*JwkKeyFuncParse) ParseWithClaims 

func (j *JwkKeyFuncParse) ParseWithClaims(tokenString string, claims jwt.Claims) (*jwt.Token, error)

type KeyFound 

type KeyFound struct {
	Key  interface{}
	Name string
}

func KeySelectorFirst 

func KeySelectorFirst(multiJWKS *MultipleJWKS, token *jwt.Token) (*KeyFound, error)

KeySelectorFirst returns the first key found in the multiple JWK Sets.

type KeyFuncMulti 

type KeyFuncMulti struct {
	// contains filtered or unexported fields
}

func (*KeyFuncMulti) KeySelectorFirst 

func (k *KeyFuncMulti) KeySelectorFirst(multiJWKS *MultipleJWKS, token *jwt.Token) (interface{}, error)

func (*KeyFuncMulti) Keyfunc 

func (k *KeyFuncMulti) Keyfunc(token *jwt.Token) (interface{}, error)

type MetaData 

type MetaData struct {
	Error string `json:"error"`
}

type MultipleJWKS 

type MultipleJWKS struct {
	// contains filtered or unexported fields
}

MultipleJWKS manages multiple JWKS and has a field for jwt.Keyfunc.

func GetMultiple 

func GetMultiple(multiple map[MultipleJWKSKey]keyfunc.Options, options MultipleOptions) (multiJWKS *MultipleJWKS, err error)

GetMultiple creates a new MultipleJWKS. A map of length one or more JWKS URLs to Options is required.

Be careful when choosing Options for each JWKS in the map. If RefreshUnknownKID is set to true for all JWKS in the map then many refresh requests would take place each time a JWT is processed, this should be rate limited by RefreshRateLimit.

func (*MultipleJWKS) Keyfunc 

func (m *MultipleJWKS) Keyfunc(token *jwt.Token) (interface{}, error)

Keyfunc matches the signature of github.com/golang-jwt/jwt/v5's jwt.Keyfunc function.

type MultipleJWKSKey 

type MultipleJWKSKey struct {
	URL  string
	Name string
}

type MultipleOptions 

type MultipleOptions struct {
	KeySelector func(multiJWKS *MultipleJWKS, token *jwt.Token) (key interface{}, err error)
}

type Oauth2 

type Oauth2 struct {
	// ClientID is the application's ID.
	ClientID string `cfg:"client_id"`
	// ClientSecret is the application's secret.
	ClientSecret string `cfg:"client_secret" log:"false"`
	// Scope specifies optional requested permissions.
	Scopes []string `cfg:"scopes"`
	// CertURL is the resource server's public key URL.
	CertURL string `cfg:"cert_url"`
	// IntrospectURL is the check the active or not with request.
	IntrospectURL string `cfg:"introspect_url"`
	// AuthURL is the resource server's authorization endpoint
	// use for redirection to login page.
	AuthURL string `cfg:"auth_url"`
	// TokenURL is the resource server's token endpoint URL.
	TokenURL  string `cfg:"token_url"`
	LogoutURL string `cfg:"logout_url"`
	// AuthHeaderStyle is optional. If not set, AuthHeaderStyleBasic will be used.
	AuthHeaderStyle AuthHeaderStyle
}

type OptionJWK 

type OptionJWK func(options *optionsJWK)

func WithClient 

func WithClient(client *http.Client) OptionJWK

WithClient is used to set the http.Client used to fetch the JWKs.

func WithContext 

func WithContext(ctx context.Context) OptionJWK

WithContext is used to set the context used to fetch the JWKs.

func WithIntrospect 

func WithIntrospect(v bool) OptionJWK

func WithKeyFunc 

func WithKeyFunc(keyFunc InfKeyFunc) OptionJWK

WithGivenKeys is used to set the given keys used to verify the token.

Return ErrKIDNotFound if the kid is not found.

Example: 

// Create the JWKS from the given keys.
givenKeys := map[string]keyfunc.GivenKey{
	"my-key-id": keyfunc.NewGivenHMAC(...),
}
jwks := keyfunc.NewGiven(givenKeys)

func WithRefreshErrorHandler 

func WithRefreshErrorHandler(fn func(err error)) OptionJWK

WithRefreshErrorHandler sets the refresh error handler for the jwt.Key.

func WithRefreshInterval 

func WithRefreshInterval(d time.Duration) OptionJWK

WithRefreshInterval sets the refresh interval for the jwt.Keyfunc default is 5 minutes.

type Options 

type Options struct {
	Path     string `cfg:"path"`
	MaxAge   int    `cfg:"max_age"`
	Domain   string `cfg:"domain"`
	Secure   bool   `cfg:"secure"`
	HttpOnly bool   `cfg:"http_only"`
	// SameSite for Lax 2, Strict 3, None 4.
	SameSite http.SameSite `cfg:"same_site"`
}

type Provider 

type Provider struct {
	Name   string  `cfg:"name"`
	Oauth2 *Oauth2 `cfg:"oauth2"`
	// XUser header set from token claims. Default is email and preferred_username.
	// It set first found value.
	XUser            []string `cfg:"x_user"`
	EmailVerifyCheck bool     `cfg:"email_verify_check"`
	// PasswordFlow is use password flow to get token.
	PasswordFlow bool `cfg:"password_flow"`
	// Priority is use to sort provider.
	Priority int `cfg:"priority"`
}

type ProviderWrapper 

type ProviderWrapper struct {
	Name    string
	Generic *providers.Generic
}

func (*ProviderWrapper) GetCertURL 

func (p *ProviderWrapper) GetCertURL() string

func (*ProviderWrapper) GetName 

func (p *ProviderWrapper) GetName() string

type Registry 

type Registry struct {
	Store map[string]*Session
	// contains filtered or unexported fields
}

func (*Registry) Get 

func (r *Registry) Get(name string) *Session

func (*Registry) Set 

func (r *Registry) Set(name string, store *Session)

type Session 

type Session struct {
	Store Store `cfg:"store"`
	// Options for main cookie.
	Options Options `cfg:"options"`

	// CookieName for default cookie name.
	// Overwrite this value with 'cookie_name' ctx value.
	CookieName string `cfg:"cookie_name"`
	// CookieNameHosts for cookie name by host with regexp.
	CookieNameHosts []HostCookieName `cfg:"cookie_name_hosts"`

	Action   Action              `cfg:"action"`
	Provider map[string]Provider `cfg:"provider"`
	// contains filtered or unexported fields
}

func (*Session) DelToken 

func (m *Session) DelToken(c echo.Context) error

func (*Session) Do 

func (m *Session) Do(next echo.HandlerFunc, c echo.Context) error

func (*Session) GetCookieName 

func (m *Session) GetCookieName(c echo.Context) string

func (*Session) GetStore 

func (m *Session) GetStore() StoreInf

func (*Session) GetToken 

func (m *Session) GetToken(c echo.Context) (*TokenData, *Oauth2, error)

func (*Session) Init 

func (m *Session) Init(ctx context.Context, name string) error

func (*Session) IsLogged 

func (m *Session) IsLogged(c echo.Context) (bool, error)

IsLogged check token is exist and valid.

func (*Session) Middleware 

func (m *Session) Middleware(ctx context.Context, name string) (echo.MiddlewareFunc, error)

func (*Session) RedirectToLogin 

func (m *Session) RedirectToLogin(c echo.Context, store StoreInf, addRedirectPath bool, removeSession bool) error

func (*Session) RedirectToMain 

func (m *Session) RedirectToMain(c echo.Context) error

func (*Session) SetAction 

func (m *Session) SetAction() error

func (*Session) SetStore 

func (m *Session) SetStore(ctx context.Context) error

func (*Session) SetToken 

func (m *Session) SetToken(c echo.Context, token []byte, providerName string) error

type Store 

type Store struct {
	Active string       `cfg:"active"`
	Redis  *store.Redis `cfg:"redis"`
	File   *store.File  `cfg:"file"`
}

type StoreInf 

type StoreInf interface {
	Get(r *http.Request, name string) (*sessions.Session, error)
}

type Token 

type Token struct {
	LoginPath          string `cfg:"login_path"`
	DisableRefresh     bool   `cfg:"disable_refresh"`
	InsecureSkipVerify bool   `cfg:"insecure_skip_verify"`
	// contains filtered or unexported fields
}

func (*Token) GetKeyFunc 

func (t *Token) GetKeyFunc() InfKeyFuncParser

type TokenData 

type TokenData struct {
	AccessToken      string `json:"access_token"`
	ExpiresIn        int    `json:"expires_in"`
	RefreshExpiresIn int    `json:"refresh_expires_in"`
	RefreshToken     string `json:"refresh_token"`
	TokenType        string `json:"token_type"`
	NotBeforePolicy  int    `json:"not-before-policy"`
	SessionState     string `json:"session_state"`
	Scope            string `json:"scope"`
	IDToken          string `json:"id_token"`
}

func ParseToken 

func ParseToken(v []byte) (*TokenData, error)

func ParseToken64 

func ParseToken64(v string) (*TokenData, error)

Parse64 parse the cookie

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.