session

package
v0.12.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 10, 2023 License: Apache-2.0 Imports: 24 Imported by: 73

Documentation

Index

Constants

View Source
const (
	RefreshAPIPath = "/session/refresh"
	SignoutAPIPath = "/signout"

	AntiCSRF_VIA_TOKEN         = "VIA_TOKEN"
	AntiCSRF_VIA_CUSTOM_HEADER = "VIA_CUSTOM_HEADER"
	AntiCSRF_NONE              = "NONE"

	CookieSameSite_NONE   = "none"
	CookieSameSite_LAX    = "lax"
	CookieSameSite_STRICT = "strict"
)
View Source
const RECIPE_ID = "session"

Variables

View Source
var HEADERS = []string{
	"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIxIn0=",
	"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0=",
}
View Source
var JWKCacheMaxAgeInMs int64 = 60000
View Source
var JWKRefreshRateLimit = 500

Functions

func AfterEach added in v0.5.2

func AfterEach()

func BeforeEach added in v0.5.2

func BeforeEach()

func BuildFrontToken added in v0.12.0

func BuildFrontToken(userId string, atExpiry uint64, jwtPayload interface{}) string

func ClearSession added in v0.12.0

func ClearSession(config sessmodels.TypeNormalisedInput, res http.ResponseWriter, transferMethod sessmodels.TokenTransferMethod) error

func ClearSessionFromAllTokenTransferMethods added in v0.12.0

func ClearSessionFromAllTokenTransferMethods(config sessmodels.TypeNormalisedInput, req *http.Request, res http.ResponseWriter) error

func CreateJWT added in v0.3.2

func CreateJWT(payload map[string]interface{}, validitySecondsPointer *uint64, useStaticSigningKey *bool) (jwtmodels.CreateJWTResponse, error)

func CreateJWTWithContext added in v0.5.0

func CreateJWTWithContext(payload map[string]interface{}, validitySecondsPointer *uint64, useStaticSigningKey *bool, userContext supertokens.UserContext) (jwtmodels.CreateJWTResponse, error)

func CreateNewSession

func CreateNewSession(req *http.Request, res http.ResponseWriter, userID string, accessTokenPayload map[string]interface{}, sessionDataInDatabase map[string]interface{}) (sessmodels.SessionContainer, error)

func CreateNewSessionInRequest added in v0.12.0

func CreateNewSessionInRequest(req *http.Request, res http.ResponseWriter, config sessmodels.TypeNormalisedInput, appInfo supertokens.NormalisedAppinfo, recipeInstance Recipe, recipeImpl sessmodels.RecipeInterface, userID string, accessTokenPayload map[string]interface{}, sessionDataInDatabase map[string]interface{}, userContext supertokens.UserContext) (sessmodels.SessionContainer, error)

func CreateNewSessionWithContext added in v0.5.0

func CreateNewSessionWithContext(req *http.Request, res http.ResponseWriter, userID string, accessTokenPayload map[string]interface{}, sessionDataInDatabase map[string]interface{}, userContext supertokens.UserContext) (sessmodels.SessionContainer, error)

func CreateNewSessionWithContextWithoutRequestResponse added in v0.12.0

func CreateNewSessionWithContextWithoutRequestResponse(userID string, accessTokenPayload map[string]interface{}, sessionDataInDatabase map[string]interface{}, disableAntiCSRF *bool, userContext supertokens.UserContext) (sessmodels.SessionContainer, error)

func CreateNewSessionWithoutRequestResponse added in v0.12.0

func CreateNewSessionWithoutRequestResponse(userId string, accessTokenPayload map[string]interface{}, sessionDataInDatabase map[string]interface{}, disableAntiCSRF *bool) (sessmodels.SessionContainer, error)

func FetchAndSetClaim added in v0.9.0

func FetchAndSetClaim(sessionHandle string, claim *claims.TypeSessionClaim) (bool, error)

func FetchAndSetClaimWithContext added in v0.9.0

func FetchAndSetClaimWithContext(sessionHandle string, claim *claims.TypeSessionClaim, userContext supertokens.UserContext) (bool, error)

func GetAllSessionHandlesForUser

func GetAllSessionHandlesForUser(userID string) ([]string, error)

func GetAllSessionHandlesForUserWithContext added in v0.5.0

func GetAllSessionHandlesForUserWithContext(userID string, userContext supertokens.UserContext) ([]string, error)

func GetAntiCsrfTokenFromHeaders added in v0.12.0

func GetAntiCsrfTokenFromHeaders(req *http.Request) *string

func GetAuthmodeFromHeader added in v0.12.0

func GetAuthmodeFromHeader(req *http.Request) *sessmodels.TokenTransferMethod

func GetCORSAllowedHeaders added in v0.12.0

func GetCORSAllowedHeaders() []string

func GetClaimValue added in v0.9.0

func GetClaimValue(sessionHandle string, claim *claims.TypeSessionClaim) (sessmodels.GetClaimValueResult, error)

func GetClaimValueWithContext added in v0.9.0

func GetClaimValueWithContext(sessionHandle string, claim *claims.TypeSessionClaim, userContext supertokens.UserContext) (sessmodels.GetClaimValueResult, error)

func GetCombinedJWKS added in v0.12.6

func GetCombinedJWKS() (*keyfunc.JWKS, error)

* This function fetches all JWKs from the first available core instance. This combines the other JWKS functions to become error resistant.

Every core instance a backend is connected to is expected to connect to the same database and use the same key set for token verification. Otherwise, the result of session verification would depend on which core is currently available.

func GetCookieValue added in v0.12.0

func GetCookieValue(request *http.Request, key string) *string

func GetCurrTimeInMS added in v0.12.0

func GetCurrTimeInMS() uint64

func GetJWKS added in v0.3.2

func GetJWKS() (jwtmodels.GetJWKSResponse, error)

func GetJWKSWithContext added in v0.5.0

func GetJWKSWithContext(userContext supertokens.UserContext) (jwtmodels.GetJWKSResponse, error)

func GetOpenIdDiscoveryConfiguration added in v0.3.2

func GetOpenIdDiscoveryConfiguration() (openidmodels.GetOpenIdDiscoveryConfigurationResponse, error)

func GetOpenIdDiscoveryConfigurationWithContext added in v0.5.0

func GetOpenIdDiscoveryConfigurationWithContext(userContext supertokens.UserContext) (openidmodels.GetOpenIdDiscoveryConfigurationResponse, error)

func GetRequiredClaimValidators added in v0.12.0

func GetRequiredClaimValidators(
	sessionContainer sessmodels.SessionContainer,
	overrideGlobalClaimValidators func(globalClaimValidators []claims.SessionClaimValidator, sessionContainer sessmodels.SessionContainer, userContext supertokens.UserContext) ([]claims.SessionClaimValidator, error),
	userContext supertokens.UserContext,
) ([]claims.SessionClaimValidator, error)

func GetRidFromHeader added in v0.12.0

func GetRidFromHeader(req *http.Request) *string

func GetSessionFromRequestContext

func GetSessionFromRequestContext(ctx context.Context) sessmodels.SessionContainer

func GetSessionInformation

func GetSessionInformation(sessionHandle string) (*sessmodels.SessionInformation, error)

func GetSessionInformationWithContext added in v0.5.0

func GetSessionInformationWithContext(sessionHandle string, userContext supertokens.UserContext) (*sessmodels.SessionInformation, error)

func GetSessionWithContext added in v0.5.0

func GetSessionWithContext(req *http.Request, res http.ResponseWriter, options *sessmodels.VerifySessionOptions, userContext supertokens.UserContext) (sessmodels.SessionContainer, error)

func GetSessionWithContextWithoutRequestResponse added in v0.12.0

func GetSessionWithContextWithoutRequestResponse(accessToken string, antiCSRFToken *string, options *sessmodels.VerifySessionOptions, userContext supertokens.UserContext) (sessmodels.SessionContainer, error)

func GetSessionWithoutRequestResponse added in v0.12.0

func GetSessionWithoutRequestResponse(accessToken string, antiCSRFToken *string, options *sessmodels.VerifySessionOptions) (sessmodels.SessionContainer, error)

func GetToken added in v0.12.0

func GetToken(req *http.Request, tokenType sessmodels.TokenType, transferMethod sessmodels.TokenTransferMethod) (*string, error)

func GetURLScheme added in v0.0.5

func GetURLScheme(URL string) (string, error)

func HandleRefreshAPI added in v0.12.0

func HandleRefreshAPI(apiImplementation sessmodels.APIInterface, options sessmodels.APIOptions) error

func Init

func Init(config *sessmodels.TypeInput) supertokens.Recipe

func MakeAPIImplementation added in v0.12.0

func MakeAPIImplementation() sessmodels.APIInterface

func MakeRecipeImplementation added in v0.12.0

func MergeIntoAccessTokenPayload added in v0.9.0

func MergeIntoAccessTokenPayload(sessionHandle string, accessTokenPayloadUpdate map[string]interface{}) (bool, error)

func MergeIntoAccessTokenPayloadWithContext added in v0.9.0

func MergeIntoAccessTokenPayloadWithContext(sessionHandle string, accessTokenPayloadUpdate map[string]interface{}, userContext supertokens.UserContext) (bool, error)

func ParseJWTWithoutSignatureVerification added in v0.12.0

func ParseJWTWithoutSignatureVerification(token string) (sessmodels.ParsedJWTInfo, error)

func RefreshSessionInRequest added in v0.12.0

func RefreshSessionWithContext added in v0.5.0

func RefreshSessionWithContext(req *http.Request, res http.ResponseWriter, userContext supertokens.UserContext) (sessmodels.SessionContainer, error)

func RefreshSessionWithContextWithoutRequestResponse added in v0.12.0

func RefreshSessionWithContextWithoutRequestResponse(refreshToken string, disableAntiCSRF *bool, antiCSRFToken *string, userContext supertokens.UserContext) (sessmodels.SessionContainer, error)

func RefreshSessionWithoutRequestResponse added in v0.12.0

func RefreshSessionWithoutRequestResponse(refreshToken string, disableAntiCSRF *bool, antiCSRFToken *string) (sessmodels.SessionContainer, error)

func RemoveClaim added in v0.9.0

func RemoveClaim(sessionHandle string, claim *claims.TypeSessionClaim) (bool, error)

func RemoveClaimWithContext added in v0.9.0

func RemoveClaimWithContext(sessionHandle string, claim *claims.TypeSessionClaim, userContext supertokens.UserContext) (bool, error)

func ResetForTest

func ResetForTest()

func RevokeAllSessionsForUser

func RevokeAllSessionsForUser(userID string) ([]string, error)

func RevokeAllSessionsForUserWithContext added in v0.5.0

func RevokeAllSessionsForUserWithContext(userID string, userContext supertokens.UserContext) ([]string, error)

func RevokeMultipleSessions

func RevokeMultipleSessions(sessionHandles []string) ([]string, error)

func RevokeMultipleSessionsWithContext added in v0.5.0

func RevokeMultipleSessionsWithContext(sessionHandles []string, userContext supertokens.UserContext) ([]string, error)

func RevokeSession

func RevokeSession(sessionHandle string) (bool, error)

func RevokeSessionWithContext added in v0.5.0

func RevokeSessionWithContext(sessionHandle string, userContext supertokens.UserContext) (bool, error)

func SetAccessTokenInResponse added in v0.12.0

func SetAccessTokenInResponse(config sessmodels.TypeNormalisedInput, res http.ResponseWriter, accessToken string, frontToken string, tokenTransferMethod sessmodels.TokenTransferMethod) error

func SetClaimValue added in v0.9.0

func SetClaimValue(sessionHandle string, claim *claims.TypeSessionClaim, value interface{}) (bool, error)

func SetClaimValueWithContext added in v0.9.0

func SetClaimValueWithContext(sessionHandle string, claim *claims.TypeSessionClaim, value interface{}, userContext supertokens.UserContext) (bool, error)

func SignOutAPI added in v0.12.0

func SignOutAPI(apiImplementation sessmodels.APIInterface, options sessmodels.APIOptions) error

func UpdateSessionDataInDatabase added in v0.12.0

func UpdateSessionDataInDatabase(sessionHandle string, newSessionData map[string]interface{}) (bool, error)

func UpdateSessionDataInDatabaseWithContext added in v0.12.0

func UpdateSessionDataInDatabaseWithContext(sessionHandle string, newSessionData map[string]interface{}, userContext supertokens.UserContext) (bool, error)

func ValidateAccessTokenStructure added in v0.12.0

func ValidateAccessTokenStructure(payload map[string]interface{}, version int) error

func ValidateAndNormaliseUserInput added in v0.12.0

func ValidateAndNormaliseUserInput(appInfo supertokens.NormalisedAppinfo, config *sessmodels.TypeInput) (sessmodels.TypeNormalisedInput, error)

func ValidateClaimsForSessionHandle added in v0.9.0

func ValidateClaimsForSessionHandle(
	sessionHandle string,
	overrideGlobalClaimValidators func(globalClaimValidators []claims.SessionClaimValidator, sessionInfo sessmodels.SessionInformation, userContext supertokens.UserContext) []claims.SessionClaimValidator,
) (sessmodels.ValidateClaimsResponse, error)

func ValidateClaimsForSessionHandleWithContext added in v0.9.0

func ValidateClaimsForSessionHandleWithContext(
	sessionHandle string,
	overrideGlobalClaimValidators func(globalClaimValidators []claims.SessionClaimValidator, sessionInfo sessmodels.SessionInformation, userContext supertokens.UserContext) []claims.SessionClaimValidator,
	userContext supertokens.UserContext,
) (sessmodels.ValidateClaimsResponse, error)

func ValidateClaimsInJWTPayload added in v0.9.0

func ValidateClaimsInJWTPayload(
	userID string,
	jwtPayload map[string]interface{},
	overrideGlobalClaimValidators func(globalClaimValidators []claims.SessionClaimValidator, userID string, userContext supertokens.UserContext) []claims.SessionClaimValidator,
) ([]claims.ClaimValidationError, error)

func ValidateClaimsInJWTPayloadWithContext added in v0.9.0

func ValidateClaimsInJWTPayloadWithContext(
	userID string,
	jwtPayload map[string]interface{},
	overrideGlobalClaimValidators func(globalClaimValidators []claims.SessionClaimValidator, userID string, userContext supertokens.UserContext) []claims.SessionClaimValidator,
	userContext supertokens.UserContext,
) ([]claims.ClaimValidationError, error)

func ValidateClaimsInPayload added in v0.12.0

func ValidateClaimsInPayload(claimValidators []claims.SessionClaimValidator, newAccessTokenPayload map[string]interface{}, userContext supertokens.UserContext) []claims.ClaimValidationError

func VerifySession

func VerifySession(options *sessmodels.VerifySessionOptions, otherHandler http.HandlerFunc) http.HandlerFunc

func VerifySessionHelper

func VerifySessionHelper(recipeInstance Recipe, options *sessmodels.VerifySessionOptions, otherHandler http.HandlerFunc) http.HandlerFunc

Types

type AccessTokenInfoStruct added in v0.12.0

type AccessTokenInfoStruct struct {
	SessionHandle           string
	UserID                  string
	RefreshTokenHash1       string
	ParentRefreshTokenHash1 *string
	UserData                map[string]interface{}
	AntiCsrfToken           *string
	ExpiryTime              uint64
	TimeCreated             uint64
}

func GetInfoFromAccessToken added in v0.12.0

func GetInfoFromAccessToken(jwtInfo sessmodels.ParsedJWTInfo, jwks *keyfunc.JWKS, doAntiCsrfCheck bool) (*AccessTokenInfoStruct, error)

type Recipe

type Recipe struct {
	RecipeModule supertokens.RecipeModule
	Config       sessmodels.TypeNormalisedInput
	RecipeImpl   sessmodels.RecipeInterface
	OpenIdRecipe openid.Recipe
	APIImpl      sessmodels.APIInterface
	// contains filtered or unexported fields
}

func GetRecipeInstanceOrThrowError added in v0.9.0

func GetRecipeInstanceOrThrowError() (*Recipe, error)

func MakeRecipe

func MakeRecipe(recipeId string, appInfo supertokens.NormalisedAppinfo, config *sessmodels.TypeInput, onSuperTokensAPIError func(err error, req *http.Request, res http.ResponseWriter)) (Recipe, error)

func (*Recipe) AddClaimFromOtherRecipe added in v0.9.0

func (r *Recipe) AddClaimFromOtherRecipe(claim *claims.TypeSessionClaim) error

Claim functions

func (*Recipe) AddClaimValidatorFromOtherRecipe added in v0.9.0

func (r *Recipe) AddClaimValidatorFromOtherRecipe(validator claims.SessionClaimValidator) error

func (*Recipe) GetClaimsAddedByOtherRecipes added in v0.12.0

func (r *Recipe) GetClaimsAddedByOtherRecipes() []*claims.TypeSessionClaim

type SessionContainerInput

type SessionContainerInput struct {
	// contains filtered or unexported fields
}

type TokenInfo

type TokenInfo struct {
	Uid string      `json:"uid"`
	Ate uint64      `json:"ate"`
	Up  interface{} `json:"up"`
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL