security

Documentation

Index

• Constants
• func Protect(config *config.Config, ...) func(w http.ResponseWriter, r *http.Request)
• type JwtToken
  • func GetTokenFromRawAuthHeader(config *config.Config, rawAuthHeaderToken string) (*JwtToken, error)

Constants

const Appliance = "Appliance"

Appliance ExternalID Type

const Session = "Session"

Session ExternalID Type

const User = "User"

User ExternalID Type

Functions

func Protect

func Protect(config *config.Config, handlerFunc func(w http.ResponseWriter, r *http.Request, token *JwtToken), allowedScopes []string, requireAdmin bool) func(w http.ResponseWriter, r *http.Request)

Protect authenticates and makes sure that caller is authorized to make the call before before invoking actual handler

Types

type JwtToken

type JwtToken struct {
	// UserID is id of user matchimg the token
	UserID         uuid.UUID   `json:"user,omitempty"`
	UserName       string      `json:"name,omitempty"`
	DisplayName    string      `json:"displayName,omitempty"`
	UserGroupIDs   []uuid.UUID `json:"usergroupIds,omitempty"`
	TenantID       uuid.UUID   `json:"tenant,omitempty"`
	TenantName     string      `json:"tenantName,omitempty"`
	ExternalID     string      `json:"externalId,omitempty"`
	ExternalIDType string      `json:"externalIdType,omitempty"`
	Scopes         []string    `json:"scope,omitempty"`
	Admin          bool        `json:"admin,omitempty"`
	Raw            string      `json:"-"`
	jwt.StandardClaims
}

JwtToken represents the parsed Token from Authentication Header

func GetTokenFromRawAuthHeader

func GetTokenFromRawAuthHeader(config *config.Config, rawAuthHeaderToken string) (*JwtToken, error)

GetTokenFromRawAuthHeader validates and gets JwtToken from given raw auth header token string rawAuthHeaderToken should be of format `Bearer {token-body}`