claims

package
v0.0.0-...-15c3ca4 Latest
Warning

This package is not in the latest version of its module.

Published: Nov 19, 2019 License: GPL-3.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecodeKey

func DecodeKey(n string, e string) (rsaPublicKey *rsa.PublicKey, err error)

DecodeKey takes the base64 encoded values of n and e from the JWK and returns a PublicKey object.

func FetchKeys

func FetchKeys(region, userPoolID string) (keys map[string]*rsa.PublicKey, err error)

FetchKeys gets the public keys for a Cognito user pool via an HTTP request and parses them.

func NewOneTimeKeyFetcher

func NewOneTimeKeyFetcher(region, userPoolID string) func(kid string) (key *rsa.PublicKey, err error)

NewOneTimeKeyFetcher returns a function that maps Cognito key IDs to their respective keys. The first time the returned function is called, it fetches the keys from the public endpoint. Subsequent calls use data cached from the initial call. No more than one HTTP call will be made.

func NewTestKeyFetcher

func NewTestKeyFetcher(jwks string) (fn func(kid string) (key *rsa.PublicKey, err error), err error)

NewTestKeyFetcher takes a JWKS (such as is returned by Cognito) as a string and returns a key fetcher function that can be passed to an authorizer. This can be used for unit testing.
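The sketch below illustrates what DecodeKey and NewTestKeyFetcher are documented to do: decode the n and e members of a JWK, and turn a JWKS string into a lookup by kid. It is an added example, not this package's source. The names `decodeRSAJWK` and `keyFetcherFromJWKS` are hypothetical, the parameter checks are an assumption of the example, and n and e are assumed to be unpadded base64url as RFC 7518 specifies.

```go
package main

import (
	"crypto/rsa"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"math/big"
)

// decodeRSAJWK (hypothetical helper) turns the base64url n and e of a JWK into a key.
// It rejects an empty modulus and exponents that are below 3, even, or above int32.
func decodeRSAJWK(n, e string) (*rsa.PublicKey, error) {
	nb, errN := base64.RawURLEncoding.DecodeString(n)
	eb, errE := base64.RawURLEncoding.DecodeString(e)
	if errN != nil || errE != nil {
		return nil, fmt.Errorf("n or e is not unpadded base64url")
	}
	exp := new(big.Int).SetBytes(eb)
	if len(nb) == 0 || !exp.IsInt64() || exp.Int64() < 3 || exp.Int64() > 1<<31-1 || exp.Bit(0) == 0 {
		return nil, fmt.Errorf("invalid RSA parameters")
	}
	return &rsa.PublicKey{N: new(big.Int).SetBytes(nb), E: int(exp.Int64())}, nil
}

// keyFetcherFromJWKS (hypothetical) parses a JWKS document into a kid lookup function.
func keyFetcherFromJWKS(doc string) (func(kid string) (*rsa.PublicKey, error), error) {
	var set struct{ Keys []struct{ Kid, Kty, N, E string } }
	if err := json.Unmarshal([]byte(doc), &set); err != nil {
		return nil, err
	}
	keys := map[string]*rsa.PublicKey{}
	for _, k := range set.Keys {
		pk, err := decodeRSAJWK(k.N, k.E)
		if k.Kty != "RSA" || err != nil {
			return nil, fmt.Errorf("kid %q: unusable key", k.Kid)
		}
		keys[k.Kid] = pk
	}
	return func(kid string) (*rsa.PublicKey, error) {
		if pk, ok := keys[kid]; ok {
			return pk, nil
		}
		return nil, fmt.Errorf("unknown kid %q", kid) // no fallback to another key
	}, nil
}

func main() {
	fmt.Println(decodeRSAJWK("AQAB", "AQ")) // constructed input: e = 1 is rejected
}
```

The returned closure has the `func(kid string) (*rsa.PublicKey, error)` shape that New accepts as keyGetter.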

Types

type Auth

type Auth struct {
	// contains filtered or unexported fields
}

Auth contains AWS public keys required for validating Cognito JWTs.

func New

func New(keyGetter func(kid string) (*rsa.PublicKey, error)) (a *Auth)

New creates a new authorizer with the provided keys. keyGetter is a function that maps the "kid" key in the header of the JWT to a parsed Public Key.

func (*Auth) FromAuthorizationHeader

func (a *Auth) FromAuthorizationHeader(r *http.Request) (claims Claims, found bool, err error)

FromAuthorizationHeader gets the Authorization header and parses the claims from the JWT.

func (*Auth) FromAuthorizationToken

func (a *Auth) FromAuthorizationToken(token string) (claims Claims, found bool, err error)

FromAuthorizationToken retrieves the claim from the authorization token.

type Authorizer

type Authorizer func(*http.Request) (Claims, bool, error)

Authorizer parses the claims for a request from the Authorization header.

type Claims

type Claims struct {
	Groups   []string `json:"cognito:groups"`
	Username string   `json:"cognito:username"`
	Email    string   `json:"email"`
	UserID   string   `json:"sub"`
	jwt.StandardClaims
}

Claims represents the cognito user pool claims.

func (Claims) IsStaff

func (c Claims) IsStaff() bool

IsStaff returns true when the user is a member of the staff.

type KeyFetchError

type KeyFetchError struct {
	// contains filtered or unexported fields
}

KeyFetchError is an error returned by the NewOneTimeKeyFetcher caused by an unresolvable error fetching the keys.

func (KeyFetchError) Error

func (e KeyFetchError) Error() string
