session

package
v0.24.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 5, 2024 License: Apache-2.0 Imports: 25 Imported by: 73

Documentation

Index

Constants

const (
	// Path suffixes for the refresh and sign-out APIs (see HandleRefreshAPI
	// and SignOutAPI). The base path they are mounted under is not shown here.
	RefreshAPIPath = "/session/refresh"
	SignoutAPIPath = "/signout"

	// Anti-CSRF mode identifiers.
	// NOTE(review): AntiCSRF_NONE presumably switches the library's own
	// anti-CSRF check off; with cookie-based sessions that leaves CSRF
	// protection to SameSite and the application — confirm before selecting it.
	AntiCSRF_VIA_TOKEN         = "VIA_TOKEN"
	AntiCSRF_VIA_CUSTOM_HEADER = "VIA_CUSTOM_HEADER"
	AntiCSRF_NONE              = "NONE"

	// String values for the cookie SameSite setting (presumably mapped onto
	// the SameSite attribute of the session cookies — confirm).
	// A SameSite=None cookie is sent on cross-site requests, so a deployment
	// using CookieSameSite_NONE should not also run with AntiCSRF_NONE.
	CookieSameSite_NONE   = "none"
	CookieSameSite_LAX    = "lax"
	CookieSameSite_STRICT = "strict"
)
// RECIPE_ID is the identifier string of the session recipe.
// NOTE(review): presumably the value passed as recipeId to MakeRecipe and
// compared by GetRidFromHeader callers — confirm against the implementation.
const RECIPE_ID = "session"

Variables

// HEADERS holds two base64-encoded JWT header segments. Decoded they are
//
//	{"alg":"RS256","typ":"JWT","version":"1"}
//	{"alg":"RS256","typ":"JWT","version":"2"}
//
// NOTE(review): presumably the allow-list of headers accepted when parsing
// access tokens, which would pin the algorithm to RS256 and reject "none" or
// HMAC headers — confirm in the parsing code. HEADERS is an exported, mutable
// slice, so any importing package can alter it at runtime.
var HEADERS = []string{
	"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIxIn0=",
	"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0=",
}
// JWKRefreshRateLimit bounds how often the JWKS is refreshed.
// NOTE(review): the unit of 500 is not shown on this page — confirm before
// tuning. A limit like this is what stops tokens with unknown key IDs from
// forcing a key fetch per request; the variable is exported and mutable, so
// lowering it weakens that protection.
var JWKRefreshRateLimit = 500

Functions

func AfterEach added in v0.5.2

func AfterEach()

func BeforeEach added in v0.5.2

func BeforeEach()

func BuildFrontToken added in v0.12.0

func BuildFrontToken(userId string, atExpiry uint64, jwtPayload interface{}) string

func ClearSession added in v0.12.0

func ClearSession(config sessmodels.TypeNormalisedInput, res http.ResponseWriter, transferMethod sessmodels.TokenTransferMethod, request *http.Request, userContext supertokens.UserContext) error

func ClearSessionCookiesFromOlderCookieDomain added in v0.19.0

func ClearSessionCookiesFromOlderCookieDomain(req *http.Request, res http.ResponseWriter, config sessmodels.TypeNormalisedInput, userContext supertokens.UserContext) error

ClearSessionCookiesFromOlderCookieDomain addresses an edge case where changing the cookieDomain config on the server can lead to session integrity issues. For instance, if the API server URL is 'api.example.com' with a cookie domain of '.example.com', and the server updates the cookie domain to 'api.example.com', the client may retain cookies with both '.example.com' and 'api.example.com' domains.

Consequently, if the server chooses the older cookie, session invalidation occurs, potentially resulting in an infinite refresh loop. To fix this, users are asked to specify "OlderCookieDomain" in the config.

This function checks for multiple cookies with the same name and clears the cookies for the older domain.

func ClearSessionFromAllTokenTransferMethods added in v0.12.0

func ClearSessionFromAllTokenTransferMethods(config sessmodels.TypeNormalisedInput, req *http.Request, res http.ResponseWriter, userContext supertokens.UserContext) error

func CreateJWT added in v0.3.2

func CreateJWT(payload map[string]interface{}, validitySecondsPointer *uint64, useStaticSigningKey *bool, userContext ...supertokens.UserContext) (jwtmodels.CreateJWTResponse, error)

func CreateNewSession

func CreateNewSession(req *http.Request, res http.ResponseWriter, tenantId string, userID string, accessTokenPayload map[string]interface{}, sessionDataInDatabase map[string]interface{}, userContext ...supertokens.UserContext) (sessmodels.SessionContainer, error)

func CreateNewSessionInRequest added in v0.12.0

func CreateNewSessionInRequest(req *http.Request, res http.ResponseWriter, tenantId string, config sessmodels.TypeNormalisedInput, appInfo supertokens.NormalisedAppinfo, recipeInstance Recipe, recipeImpl sessmodels.RecipeInterface, userID string, accessTokenPayload map[string]interface{}, sessionDataInDatabase map[string]interface{}, userContext supertokens.UserContext) (sessmodels.SessionContainer, error)

func CreateNewSessionWithoutRequestResponse added in v0.12.0

// CreateNewSessionWithoutRequestResponse creates a session for userID in
// tenantId without an http.Request/http.ResponseWriter, so the caller is
// responsible for delivering the resulting tokens to the client.
// NOTE(review): disableAntiCSRF is a *bool; what nil means (presumably "use
// the configured anti-CSRF mode") is not shown here — confirm. Passing true
// is only appropriate when the tokens will not be sent as cookies.
func CreateNewSessionWithoutRequestResponse(tenantId string, userID string, accessTokenPayload map[string]interface{}, sessionDataInDatabase map[string]interface{}, disableAntiCSRF *bool, userContext ...supertokens.UserContext) (sessmodels.SessionContainer, error)

func FetchAndSetClaim added in v0.9.0

func FetchAndSetClaim(sessionHandle string, claim *claims.TypeSessionClaim, userContext ...supertokens.UserContext) (bool, error)

func GetAllSessionHandlesForUser

func GetAllSessionHandlesForUser(userID string, tenantId *string, userContext ...supertokens.UserContext) ([]string, error)

func GetAntiCsrfTokenFromHeaders added in v0.12.0

func GetAntiCsrfTokenFromHeaders(req *http.Request) *string

func GetAuthmodeFromHeader added in v0.12.0

func GetAuthmodeFromHeader(req *http.Request) *sessmodels.TokenTransferMethod

func GetCORSAllowedHeaders added in v0.12.0

func GetCORSAllowedHeaders() []string

func GetClaimValue added in v0.9.0

func GetClaimValue(sessionHandle string, claim *claims.TypeSessionClaim, userContext ...supertokens.UserContext) (sessmodels.GetClaimValueResult, error)

func GetCombinedJWKS added in v0.12.6

func GetCombinedJWKS() (*keyfunc.JWKS, error)

GetCombinedJWKS fetches all JWKs from the first available core instance. It combines the other JWKS functions to make the lookup more resilient to errors.

Every core instance a backend is connected to is expected to connect to the same database and use the same key set for token verification. Otherwise, the result of session verification would depend on which core is currently available.

func GetCookieValue added in v0.12.0

func GetCookieValue(request *http.Request, key string) *string

func GetCurrTimeInMS added in v0.12.0

func GetCurrTimeInMS() uint64

func GetJWKS added in v0.3.2

func GetJWKS(userContext ...supertokens.UserContext) (jwtmodels.GetJWKSResponse, error)

func GetOpenIdDiscoveryConfiguration added in v0.3.2

func GetOpenIdDiscoveryConfiguration(userContext ...supertokens.UserContext) (openidmodels.GetOpenIdDiscoveryConfigurationResponse, error)

func GetRequiredClaimValidators added in v0.12.0

func GetRequiredClaimValidators(
	sessionContainer sessmodels.SessionContainer,
	overrideGlobalClaimValidators func(globalClaimValidators []claims.SessionClaimValidator, sessionContainer sessmodels.SessionContainer, userContext supertokens.UserContext) ([]claims.SessionClaimValidator, error),
	userContext supertokens.UserContext,
) ([]claims.SessionClaimValidator, error)

func GetRidFromHeader added in v0.12.0

func GetRidFromHeader(req *http.Request) *string

func GetSessionFromRequestContext

func GetSessionFromRequestContext(ctx context.Context) sessmodels.SessionContainer

func GetSessionInformation

func GetSessionInformation(sessionHandle string, userContext ...supertokens.UserContext) (*sessmodels.SessionInformation, error)

func GetSessionWithoutRequestResponse added in v0.12.0

// GetSessionWithoutRequestResponse resolves a session from a raw access token
// rather than from an http.Request.
// NOTE(review): antiCSRFToken is optional (*string). How a nil token is
// treated when anti-CSRF is enabled in options/config is not visible on this
// page — confirm it fails closed before using this on cookie-delivered tokens.
func GetSessionWithoutRequestResponse(accessToken string, antiCSRFToken *string, options *sessmodels.VerifySessionOptions, userContext ...supertokens.UserContext) (sessmodels.SessionContainer, error)

func GetToken added in v0.12.0

func GetToken(req *http.Request, tokenType sessmodels.TokenType, transferMethod sessmodels.TokenTransferMethod) (*string, error)

func GetURLScheme added in v0.0.5

func GetURLScheme(URL string) (string, error)

func HandleRefreshAPI added in v0.12.0

func HandleRefreshAPI(apiImplementation sessmodels.APIInterface, options sessmodels.APIOptions, userContext supertokens.UserContext) error

func Init

func Init(config *sessmodels.TypeInput) supertokens.Recipe

func MakeAPIImplementation added in v0.12.0

func MakeAPIImplementation() sessmodels.APIInterface

func MakeRecipeImplementation added in v0.12.0

func MergeIntoAccessTokenPayload added in v0.9.0

func MergeIntoAccessTokenPayload(sessionHandle string, accessTokenPayloadUpdate map[string]interface{}, userContext ...supertokens.UserContext) (bool, error)

func ParseJWTWithoutSignatureVerification added in v0.12.0

// ParseJWTWithoutSignatureVerification parses token into a
// sessmodels.ParsedJWTInfo. As the name states, the signature is NOT checked:
// every field of the result is attacker-controlled until the token has been
// verified. Do not base authentication or authorization decisions on it.
// NOTE(review): GetInfoFromAccessToken accepts the parsed value together with
// a JWKS and is presumably where verification happens — confirm.
func ParseJWTWithoutSignatureVerification(token string) (sessmodels.ParsedJWTInfo, error)

func RefreshSession

func RefreshSession(req *http.Request, res http.ResponseWriter, userContext ...supertokens.UserContext) (sessmodels.SessionContainer, error)

func RefreshSessionInRequest added in v0.12.0

func RefreshSessionWithoutRequestResponse added in v0.12.0

// RefreshSessionWithoutRequestResponse refreshes a session from a raw refresh
// token rather than from an http.Request; the caller must deliver the new
// tokens to the client itself.
// NOTE(review): disableAntiCSRF and antiCSRFToken are both optional pointers;
// the behaviour when either is nil is not shown here — confirm. Disabling the
// check is only appropriate when the refresh token is not carried in a cookie.
func RefreshSessionWithoutRequestResponse(refreshToken string, disableAntiCSRF *bool, antiCSRFToken *string, userContext ...supertokens.UserContext) (sessmodels.SessionContainer, error)

func RemoveClaim added in v0.9.0

func RemoveClaim(sessionHandle string, claim *claims.TypeSessionClaim, userContext ...supertokens.UserContext) (bool, error)

func ResetForTest

// ResetForTest is, per its name, a test-only reset hook; its body is not
// shown on this page.
// NOTE(review): it is exported from the production package, so confirm that
// no application code path can reach it — resetting recipe state at runtime
// would presumably drop the session configuration.
func ResetForTest()

func RevokeAllSessionsForUser

func RevokeAllSessionsForUser(userID string, tenantId *string, userContext ...supertokens.UserContext) ([]string, error)

func RevokeMultipleSessions

func RevokeMultipleSessions(sessionHandles []string, userContext ...supertokens.UserContext) ([]string, error)

func RevokeSession

func RevokeSession(sessionHandle string, userContext ...supertokens.UserContext) (bool, error)

func SetAccessTokenInResponse added in v0.12.0

func SetAccessTokenInResponse(config sessmodels.TypeNormalisedInput, res http.ResponseWriter, accessToken string, frontToken string, tokenTransferMethod sessmodels.TokenTransferMethod, request *http.Request, userContext supertokens.UserContext) error

func SetClaimValue added in v0.9.0

func SetClaimValue(sessionHandle string, claim *claims.TypeSessionClaim, value interface{}, userContext ...supertokens.UserContext) (bool, error)

func SignOutAPI added in v0.12.0

func SignOutAPI(apiImplementation sessmodels.APIInterface, options sessmodels.APIOptions, userContext supertokens.UserContext) error

func UpdateSessionDataInDatabase added in v0.12.0

func UpdateSessionDataInDatabase(sessionHandle string, newSessionData map[string]interface{}, userContext ...supertokens.UserContext) (bool, error)

func ValidateAccessTokenStructure added in v0.12.0

func ValidateAccessTokenStructure(payload map[string]interface{}, version int) error

func ValidateAndNormaliseUserInput added in v0.12.0

func ValidateAndNormaliseUserInput(appInfo supertokens.NormalisedAppinfo, config *sessmodels.TypeInput) (sessmodels.TypeNormalisedInput, error)

func ValidateClaimsForSessionHandle added in v0.9.0

func ValidateClaimsForSessionHandle(
	sessionHandle string,
	overrideGlobalClaimValidators func([]claims.SessionClaimValidator, sessmodels.SessionInformation, supertokens.UserContext) []claims.SessionClaimValidator,
	userContext ...supertokens.UserContext,
) (sessmodels.ValidateClaimsResponse, error)

func ValidateClaimsInJWTPayload added in v0.9.0

func ValidateClaimsInJWTPayload(
	tenantId string,
	userID string,
	jwtPayload map[string]interface{},
	overrideGlobalClaimValidators func(globalClaimValidators []claims.SessionClaimValidator, userID string, userContext ...supertokens.UserContext) []claims.SessionClaimValidator,
	userContext ...supertokens.UserContext,
) ([]claims.ClaimValidationError, error)

func ValidateClaimsInPayload added in v0.12.0

func ValidateClaimsInPayload(claimValidators []claims.SessionClaimValidator, newAccessTokenPayload map[string]interface{}, userContext supertokens.UserContext) []claims.ClaimValidationError

func VerifySession

// VerifySession wraps otherHandler and returns the wrapping http.HandlerFunc.
// NOTE(review): presumably the wrapper verifies the request's session before
// invoking otherHandler and makes it available through
// GetSessionFromRequestContext. What a nil options value enforces (for
// example whether a session is required and whether anti-CSRF is checked) is
// not visible here — confirm the defaults for each protected route.
func VerifySession(options *sessmodels.VerifySessionOptions, otherHandler http.HandlerFunc) http.HandlerFunc

func VerifySessionHelper

func VerifySessionHelper(recipeInstance Recipe, options *sessmodels.VerifySessionOptions, otherHandler http.HandlerFunc) http.HandlerFunc

Types

type AccessTokenInfoStruct added in v0.12.0

// AccessTokenInfoStruct is the value returned by GetInfoFromAccessToken: the
// session fields extracted from an access token.
// NOTE(review): whether every field has been signature-verified by the time
// this struct is populated is not shown on this page — confirm before
// trusting it.
type AccessTokenInfoStruct struct {
	SessionHandle string
	UserID        string
	// Hash of the refresh token tied to this access token, as carried in the
	// token (field name only; hashing scheme not shown).
	RefreshTokenHash1 string
	// Optional (*string); presumably nil when there is no parent refresh token — confirm.
	ParentRefreshTokenHash1 *string
	// Arbitrary payload data; schema is not defined here.
	UserData map[string]interface{}
	// Optional (*string); presumably nil when the token carries no anti-CSRF value — confirm.
	AntiCsrfToken *string
	// NOTE(review): units not shown; GetCurrTimeInMS in this package suggests
	// milliseconds since the epoch — confirm.
	ExpiryTime  uint64
	TimeCreated uint64
	TenantId    string
}

func GetInfoFromAccessToken added in v0.12.0

// GetInfoFromAccessToken turns an already-parsed JWT into an
// AccessTokenInfoStruct, taking the JWKS to use as a parameter.
// NOTE(review): presumably this is where the signature is verified against
// jwks — confirm. doAntiCsrfCheck is a plain bool: a caller passing false
// presumably skips the anti-CSRF token check and must rely on another CSRF
// defence for cookie-borne tokens.
func GetInfoFromAccessToken(jwtInfo sessmodels.ParsedJWTInfo, jwks *keyfunc.JWKS, doAntiCsrfCheck bool) (*AccessTokenInfoStruct, error)

type Recipe

// Recipe is the session recipe instance returned by MakeRecipe and
// GetRecipeInstanceOrThrowError.
// All listed fields are exported, so code holding a *Recipe can replace the
// normalised config or the implementations after initialisation.
type Recipe struct {
	RecipeModule supertokens.RecipeModule
	// Normalised session configuration (see ValidateAndNormaliseUserInput).
	Config sessmodels.TypeNormalisedInput
	// Recipe-level and API-level implementations.
	RecipeImpl   sessmodels.RecipeInterface
	OpenIdRecipe openid.Recipe
	APIImpl      sessmodels.APIInterface
	// contains filtered or unexported fields
}

func GetRecipeInstanceOrThrowError added in v0.9.0

func GetRecipeInstanceOrThrowError() (*Recipe, error)

func MakeRecipe

func MakeRecipe(recipeId string, appInfo supertokens.NormalisedAppinfo, config *sessmodels.TypeInput, onSuperTokensAPIError func(err error, req *http.Request, res http.ResponseWriter)) (Recipe, error)

func (*Recipe) AddClaimFromOtherRecipe added in v0.9.0

func (r *Recipe) AddClaimFromOtherRecipe(claim *claims.TypeSessionClaim) error

Claim functions

func (*Recipe) AddClaimValidatorFromOtherRecipe added in v0.9.0

func (r *Recipe) AddClaimValidatorFromOtherRecipe(validator claims.SessionClaimValidator) error

func (*Recipe) GetClaimsAddedByOtherRecipes added in v0.12.0

func (r *Recipe) GetClaimsAddedByOtherRecipes() []*claims.TypeSessionClaim

type SessionContainerInput

type SessionContainerInput struct {
	// contains filtered or unexported fields
}

type TokenInfo

// TokenInfo is serialised to JSON with the keys "uid", "ate" and "up".
// NOTE(review): the fields line up with BuildFrontToken's parameters
// (userId, atExpiry, jwtPayload), so this is presumably the front-token body.
// If so, it is readable by client-side code: Up must not carry secrets, and
// the server must not trust these values when they come back — confirm.
type TokenInfo struct {
	Uid string      `json:"uid"`
	Ate uint64      `json:"ate"`
	Up  interface{} `json:"up"`
}
