Documentation ¶
Index ¶
- Constants
- type JWKS
- type PublicKey
- type SecretStore
- type SiriusClaims
- type Store
- func (db *Store) Authorize(inner http.Handler) http.Handler
- func (db *Store) GenerateToken(token Token, kid string) (string, error)
- func (db *Store) GetPublicKeys() (JWKS, error)
- func (db *Store) ParseHTTPToken(header *http.Header) (token Token, err error)
- func (db *Store) ParseHTTPTokenWithoutValidation(s string) (Token, error)
- func (db *Store) ParseTokenAndValidate(tokenString string) (Token, error)
- func (db *Store) SetTokenLifetime(lifetime time.Duration) error
- func (db *Store) ValidateSignature(tokenString string) (Token, error)
- type Token
- type Validator
Constants ¶
const (
	// ScopeAnonymous is a token with a scope of anonymous
	ScopeAnonymous = "anonymous"
	// ScopeTenant is a token with a scope of tenant
	ScopeTenant = "tenant"
	// ScopeMerchant is a token with a scope of merchant
	ScopeMerchant = "merchant"

	// XJWT is the JWT that was sent by the caller of the request
	XJWT = "Authorization"
	// XIP is the ip of the caller
	XIP = "X-IP"
	// XScope is authorization scopes of the token
	XScope = "X-Scope"
	// XRole is the role of the token. One of anonymous, buyer, tenant or merchant
	XRole = "X-Role"
	// XTenantID is the uuid of the tenant
	XTenantID = "X-Tenant-ID"
	// XMerchantID is the uuid of the merchant
	XMerchantID = "X-Merchant-ID"
	// XUserID is the uuid of the user of API
	XUserID = "X-User-ID"
	// APIKey is the Sirius API key that is given to tenants and merchants
	APIKey = "X-Sirius-API-Key"
	// AppID is an application's app-id
	AppID = "X-Sirius-App-ID"
	// XTimeOffset is the header key that carries an optional time offset for testing
	XTimeOffset = "X-Time-Offset"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type SecretStore ¶
type SecretStore interface {
	GetKeyIDs() []string
	GetPublicKeyWithID(kid string) string
	GetPrivateKeyWithID(kid string) string
}
SecretStore is a store containing secrets
type SiriusClaims ¶
type SiriusClaims struct {
	jwt.RegisteredClaims
	TenantID   string   `json:"tenantID"`
	MerchantID string   `json:"merchantID,omitempty"`
	UserID     string   `json:"userID,omitempty"` // UserID is the original user of the token that requested a token exchange
	Scope      []string `json:"scp"`
	Role       string   `json:"role"`
}
func GetClaims ¶
func GetClaims(token *jwt.Token) SiriusClaims
type Store ¶
type Store struct {
	SecretStore
	// contains filtered or unexported fields
}
Store is the database for secrets
func (*Store) GenerateToken ¶
func (*Store) GetPublicKeys ¶
func (*Store) ParseHTTPToken ¶
func (*Store) ParseHTTPTokenWithoutValidation ¶
func (*Store) ParseTokenAndValidate ¶
type Token ¶
type Token struct {
	jwt.Token
	SiriusClaims
}
Token is Bread's Token which includes all standard fields and Bread's custom claims
type Validator ¶
type Validator interface {
	GenerateToken(token Token, kid string) (string, error)
	ParseHTTPToken(header *http.Header) (token Token, err error)
	ParseHTTPTokenWithoutValidation(token string) (Token, error)
	Authorize(inner http.Handler) http.Handler
	ParseTokenAndValidate(tokenString string) (Token, error)
	SetTokenLifetime(lifetime time.Duration) error
	ValidateSignature(token string) (Token, error)
	GetPublicKeys() (JWKS, error)
}
Validator is the interface for JWT token validation
func NewValidator ¶
func NewValidator(store SecretStore) Validator