Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func FromAuthHeader ¶
FromAuthHeader is a "TokenExtractor" that takes a give request and extracts the JWT token from the Authorization header.
Types ¶
type JWTMiddleware ¶
type JWTMiddleware struct {
Options Options
}
func New ¶
func New(options ...Options) *JWTMiddleware
New constructs a new Secure instance with supplied options.
func (*JWTMiddleware) CheckJWT ¶
func (m *JWTMiddleware) CheckJWT(w http.ResponseWriter, r *http.Request) (*jwt.Token, error)
func (*JWTMiddleware) HandlerWithNext ¶
func (m *JWTMiddleware) HandlerWithNext(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
Special implementation for Negroni, but could be used elsewhere.
type Options ¶
type Options struct { // The function that will return the Key to validate the JWT. // It can be either a shared secret or a public key. // Default value: nil ValidationKeyGetter jwt.Keyfunc // The name of the property in the request where the user information // from the JWT will be stored. // Default value: "user" UserProperty string // The function that will be called when there's an error validating the token // Default value: ErrorHandler errorHandler // A boolean indicating if the credentials are required or not // Default value: false CredentialsOptional bool // A function that extracts the token from the request // Default: FromAuthHeader (i.e., from Authorization header as bearer token) Extractor TokenExtractor // Debug flag turns on debugging output // Default: false Debug bool // When set, all requests with the OPTIONS method will use authentication // Default: false EnableAuthOnOptions bool // When set, the middelware verifies that tokens are signed with the specific signing algorithm // If the signing method is not constant the ValidationKeyGetter callback can be used to implement additional checks // Important to avoid security issues described here: https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/ // Default: nil SigningMethod jwt.SigningMethod }
Options is a struct for specifying configuration options for the middleware.
type TokenExtractor ¶
TokenExtractor is a function that takes a request as input and returns either a token or an error. An error should only be returned if an attempt to specify a token was found, but the information was somehow incorrectly formed. In the case where a token is simply not present, this should not be treated as an error. An empty string should be returned in that case.
func FromFirst ¶
func FromFirst(extractors ...TokenExtractor) TokenExtractor
FromFirst returns a function that runs multiple token extractors and takes the first token it finds
func FromParameter ¶
func FromParameter(param string) TokenExtractor
FromParameter returns a function that extracts the token from the specified query string parameter