auth

package
v0.0.0-...-0efd02e Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 18, 2023 License: MIT Imports: 7 Imported by: 0

Documentation

Index

Constants

View Source
const (
	RoleAdmin = "ADMIN"
	RoleUser  = "USER"
)

RoleAdmin represents admin role RoleUser represents user role

Variables

This section is empty.

Functions

This section is empty.

Types

type Authenticator

type Authenticator struct {
	JWTConfig echojwt.Config
	// contains filtered or unexported fields
}

Authenticator is used to authenticate clients. It can generate a token for a set of user claims and recreate the claims by parsing the token.

func NewAuthenticator

func NewAuthenticator(privateKey *rsa.PrivateKey, activeKID, algorithm string, publicKeyLookupFunc KeyLookupFunc) (*Authenticator, error)

NewAuthenticator creates an *Authenticator for use. It will error if: - The private key is nil. - The public key func is nil. - The key ID is blank. - The specified algorithm is unsupported.

func (*Authenticator) GenerateToken

func (a *Authenticator) GenerateToken(claims *Claims) (string, error)

GenerateToken generates a signed JWT token string representing the user Claims.

type Claims

type Claims struct {
	Roles []string `json:"roles"`
	jwt.RegisteredClaims
}

Claims represents the authorization claims transmitted via a JWT

func NewClaims

func NewClaims(subject string, roles []string, now time.Time, expires time.Duration) *Claims

NewClaims constructs a Claims value for the identified user

func (*Claims) HasRole

func (c *Claims) HasRole(roles ...string) bool

HasRole returns true if the claims has at least one of the provided roles.

type KeyLookupFunc

type KeyLookupFunc func(kid string) (*rsa.PublicKey, error)

KeyLookupFunc is used to map a JWT key id (kid) to the corresponding public key. It is a requirement for creating an Authenticator.

* Private keys should be rotated. During the transition period, tokens signed with the old and new keys can coexist by looking up the correct public key by key id (kid).

* Key-id-to-public-key resolution is usually accomplished via a public JWKS endpoint. See https://auth0.com/docs/jwks for more details.

func NewSimpleKeyLookupFunc

func NewSimpleKeyLookupFunc(activeKID string, publicKey *rsa.PublicKey) KeyLookupFunc

NewSimpleKeyLookupFunc is a simple implementation of KeyFunc that only ever supports one key. This is easy for development but in production should be replaced with a caching layer that calls a JWKS endpoint.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL