auth

package
v0.7.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 23, 2024 License: LGPL-3.0 Imports: 7 Imported by: 0

Documentation

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Alg added in v0.6.0 

type Alg[S SigningKey, V VerifyKey, M SigningMethod] interface {
	SecretKeyFunc(uid string) (S, error)
	VerifyKeyFunc(uid string) (V, error)
	SigningMethod() M
}

type Builder added in v0.6.0 

type Builder[
	S SigningKey,
	V VerifyKey,
	M SigningMethod,
	T Alg[S, V, M],
] struct {
	// contains filtered or unexported fields
}

func InstanceBuilder added in v0.6.0 

func InstanceBuilder[
	S SigningKey,
	V VerifyKey,
	M SigningMethod,
	T Alg[S, V, M],
](alg T) *Builder[S, V, M, T]

InstanceBuilder returns a Builder instance.

func (*Builder[S, V, M, T]) Build added in v0.6.0 

func (b *Builder[S, V, M, T]) Build() *Instance

func (*Builder[S, V, M, T]) SetRefreshTimeout added in v0.6.0 

func (b *Builder[S, V, M, T]) SetRefreshTimeout(timeout time.Duration) *Builder[S, V, M, T]

SetRefreshTimeout sets the refresh timeout for the Instance.

func (*Builder[S, V, M, T]) SetTimeout added in v0.6.0 

func (b *Builder[S, V, M, T]) SetTimeout(timeout time.Duration) *Builder[S, V, M, T]

SetTimeout sets the timeout for the Instance.

type ECDSA added in v0.6.0 

type ECDSA struct {
	*jwt.SigningMethodECDSA
	// contains filtered or unexported fields
}
Example 
privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
	panic(err)
}
instance := InstanceBuilder(NewECDSA(
	jwt.SigningMethodES256,
	func(uid string) (*ecdsa.PrivateKey, error) {
		return privateKey, nil
	},
	func(uid string) (*ecdsa.PublicKey, error) {
		return &privateKey.PublicKey, nil
	}),
).Build()
token, err := instance.Sign("user")
if err != nil {
	panic(err)
}
uid, err := instance.CheckToken(token)
if err != nil {
	panic(err)
}
fmt.Println(uid)

Output:

user

func NewECDSA added in v0.6.0 

func NewECDSA(method *jwt.SigningMethodECDSA, s func(string) (*ecdsa.PrivateKey, error), v func(string) (*ecdsa.PublicKey, error)) *ECDSA

func (*ECDSA) SecretKeyFunc added in v0.6.0 

func (h *ECDSA) SecretKeyFunc(uid string) (*ecdsa.PrivateKey, error)

func (*ECDSA) SigningMethod added in v0.6.0 

func (h *ECDSA) SigningMethod() *jwt.SigningMethodECDSA

func (*ECDSA) VerifyKeyFunc added in v0.6.0 

func (h *ECDSA) VerifyKeyFunc(uid string) (*ecdsa.PublicKey, error)

type Ed25519 added in v0.6.0 

type Ed25519 struct {
	*jwt.SigningMethodEd25519
	// contains filtered or unexported fields
}
Example 
publicKey, privateKey, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
	panic(err)
}
instance := InstanceBuilder(NewEd25519(
	func(uid string) (ed25519.PrivateKey, error) {
		return privateKey, nil
	},
	func(uid string) (ed25519.PublicKey, error) {
		return publicKey, nil
	}),
).Build()
token, err := instance.Sign("user")
if err != nil {
	panic(err)
}
uid, err := instance.CheckToken(token)
if err != nil {
	panic(err)
}
fmt.Println(uid)

Output:

user

func NewEd25519 added in v0.6.0 

func NewEd25519(s func(string) (ed25519.PrivateKey, error), v func(string) (ed25519.PublicKey, error)) *Ed25519

func (*Ed25519) SecretKeyFunc added in v0.6.0 

func (h *Ed25519) SecretKeyFunc(uid string) (ed25519.PrivateKey, error)

func (*Ed25519) SigningMethod added in v0.6.0 

func (h *Ed25519) SigningMethod() *jwt.SigningMethodEd25519

func (*Ed25519) VerifyKeyFunc added in v0.6.0 

func (h *Ed25519) VerifyKeyFunc(uid string) (ed25519.PublicKey, error)

type HMAC added in v0.6.0 

type HMAC struct {
	*jwt.SigningMethodHMAC
	// contains filtered or unexported fields
}
Example 
instance := InstanceBuilder(NewHMAC(
	jwt.SigningMethodHS256,
	func(uid string) ([]byte, error) {
		return []byte("secret"), nil
	}),
).Build()
token, err := instance.Sign("user")
if err != nil {
	panic(err)
}
uid, err := instance.CheckToken(token)
if err != nil {
	panic(err)
}
fmt.Println(uid)

Output:

user

func NewHMAC added in v0.6.0 

func NewHMAC(method *jwt.SigningMethodHMAC, f func(string) ([]byte, error)) *HMAC

func (*HMAC) SecretKeyFunc added in v0.6.0 

func (h *HMAC) SecretKeyFunc(uid string) ([]byte, error)

func (*HMAC) SigningMethod added in v0.6.0 

func (h *HMAC) SigningMethod() *jwt.SigningMethodHMAC

func (*HMAC) VerifyKeyFunc added in v0.6.0 

func (h *HMAC) VerifyKeyFunc(uid string) ([]byte, error)

type ITokenManager added in v0.6.2 

type ITokenManager interface {
	// SignWithClaims signs the token with the given claims.
	SignWithClaims(uid string, claims map[string]any) (token string, err error)
	// ParseToken parses the token string and returns a jwt.Token and an error.
	ParseToken(token string) (*jwt.Token, error)
	// RefreshToken accepts a valid token and
	// returns a new token with new expire time.
	RefreshToken(token string) (newToken string, err error)
}

type Instance added in v0.5.0 

type Instance struct {
	ITokenManager
}
Example 
instance := auth.InstanceBuilder(
	auth.NewHMAC(
		jwt.SigningMethodHS256,
		func(userID string) ([]byte, error) {
			return []byte("hello world"), nil
		}),
).SetTimeout(time.Second * 4).
	SetRefreshTimeout(time.Second * 5).Build()
token, _ := instance.Sign("user")
ctx := &box.Ctx{
	Request: &restful.Request{
		Request: &http.Request{
			Header: map[string][]string{
				"Authorization": {token},
			},
		},
	},
}
u1, err := ctx.IsLogin(instance)
if err != nil {
	panic(err)
}
fmt.Println(u1)
u2, err := instance.CheckToken(token)
if err != nil {
	panic(err)
}
fmt.Println(u2)
time.Sleep(time.Second * 2)
newToken, err := instance.RefreshToken(token)
if err != nil {
	panic(err)
}
_, err = instance.CheckToken(newToken)
if err != nil {
	panic(err)
}

time.Sleep(time.Second * 3)
// token is expired, newToken is still valid
_, err = ctx.IsLogin(instance)
fmt.Println(err != nil)
_, err = instance.CheckToken(token)
fmt.Println(err != nil)
_, err = instance.CheckToken(newToken)
if err != nil {
	panic(err)
}
time.Sleep(time.Second)
// cant refresh token if refresh timeout is reached
_, err = instance.RefreshToken(newToken)
fmt.Println(err != nil)

ctx2 := &box.Ctx{
	Request: &restful.Request{
		Request: &http.Request{
			Header: map[string][]string{
				"Authorization": {"wtf"},
			},
		},
	},
}
_, err = ctx2.IsLogin(instance)
fmt.Println(err != nil)

Output:

user
user
true
true
true
true

func (*Instance) CheckToken added in v0.5.0 

func (e *Instance) CheckToken(token string) (userID string, err error)

CheckToken accept a jwt token and returns the uid in token.

func (*Instance) Sign added in v0.5.0 

func (e *Instance) Sign(uid string) (token string, err error)

Sign returns a signed jwt string.

type RSA added in v0.6.0 

type RSA struct {
	*jwt.SigningMethodRSA
	// contains filtered or unexported fields
}
Example 
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
	panic(err)
}
instance := InstanceBuilder(NewRSA(jwt.SigningMethodRS256,
	func(uid string) (*rsa.PrivateKey, error) {
		return privateKey, nil
	},
	func(uid string) (*rsa.PublicKey, error) {
		return &privateKey.PublicKey, nil
	}),
).Build()
token, err := instance.Sign("user")
if err != nil {
	panic(err)
}
uid, err := instance.CheckToken(token)
if err != nil {
	panic(err)
}
fmt.Println(uid)

Output:

user

func NewRSA added in v0.6.0 

func NewRSA(method *jwt.SigningMethodRSA, s func(string) (*rsa.PrivateKey, error), v func(string) (*rsa.PublicKey, error)) *RSA

func (*RSA) SecretKeyFunc added in v0.6.0 

func (h *RSA) SecretKeyFunc(userID string) (*rsa.PrivateKey, error)

func (*RSA) SigningMethod added in v0.6.0 

func (h *RSA) SigningMethod() *jwt.SigningMethodRSA

func (*RSA) VerifyKeyFunc added in v0.6.0 

func (h *RSA) VerifyKeyFunc(userID string) (*rsa.PublicKey, error)

type RSAPSS added in v0.6.0 

type RSAPSS struct {
	*jwt.SigningMethodRSAPSS
	// contains filtered or unexported fields
}
Example 
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
	panic(err)
}
instance := InstanceBuilder(NewRSAPSS(jwt.SigningMethodPS256,
	func(uid string) (*rsa.PrivateKey, error) {
		return privateKey, nil
	},
	func(uid string) (*rsa.PublicKey, error) {
		return &privateKey.PublicKey, nil
	}),
).Build()
token, err := instance.Sign("user")
if err != nil {
	panic(err)
}
uid, err := instance.CheckToken(token)
if err != nil {
	panic(err)
}
fmt.Println(uid)

Output:

user

func NewRSAPSS added in v0.6.0 

func NewRSAPSS(method *jwt.SigningMethodRSAPSS, s func(string) (*rsa.PrivateKey, error), v func(string) (*rsa.PublicKey, error)) *RSAPSS

func (*RSAPSS) SecretKeyFunc added in v0.6.0 

func (h *RSAPSS) SecretKeyFunc(userID string) (*rsa.PrivateKey, error)

func (*RSAPSS) SigningMethod added in v0.6.0 

func (h *RSAPSS) SigningMethod() *jwt.SigningMethodRSAPSS

func (*RSAPSS) VerifyKeyFunc added in v0.6.0 

func (h *RSAPSS) VerifyKeyFunc(userID string) (*rsa.PublicKey, error)

type SigningKey added in v0.6.0 

type SigningKey interface {
	[]byte | *ecdsa.PrivateKey | ed25519.PrivateKey | *rsa.PrivateKey
}

type SigningMethod added in v0.6.0 

type SigningMethod interface {
	jwt.SigningMethod
}

type TokenManager added in v0.6.1 

type TokenManager[
	S SigningKey,
	V VerifyKey,
	M SigningMethod,
	T Alg[S, V, M],
] struct {
	// contains filtered or unexported fields
}

func (*TokenManager[S, V, M, T]) ParseToken added in v0.6.1 

func (i *TokenManager[S, V, M, T]) ParseToken(token string) (*jwt.Token, error)

ParseToken parse a token string.

func (*TokenManager[S, V, M, T]) RefreshToken added in v0.6.1 

func (i *TokenManager[S, V, M, T]) RefreshToken(token string) (newToken string, err error)

RefreshToken accepts a valid token and returns a new token with new expire time.

func (*TokenManager[S, V, M, T]) SignWithClaims added in v0.6.1 

func (i *TokenManager[S, V, M, T]) SignWithClaims(uid string, claims map[string]any) (token string, err error)

SignWithClaims signs the token with the given claims.

type VerifyKey added in v0.6.0 

type VerifyKey interface {
	[]byte | *ecdsa.PublicKey | ed25519.PublicKey | *rsa.PublicKey
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.