Documentation
¶
Overview ¶
Package token provides mechanisms for validating access tokens and extracting claims.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Claims ¶
type Claims struct {
Roles []string `json:"roles"` // The names of the roles that the subject has been granted
Scopes []string `json:"scopes"` // The scopes that this authorization is limited to
Zones []string `json:"zones"` // The zones that this token is authorized for, for tenant tokens
IsService bool `json:"is_service"` // True if the subject is an application acting on its own behalf, false if it's a user
}
type Validator ¶
type Validator interface {
// ValidateAccessToken returns a non-nil error if token is valid.
// Claims are returned containing any information we know to be true about the token.
ValidateAccessToken(ctx context.Context, token string) (*Claims, error)
}
Validator allows you to validate that an access token, typically given via an API request, is valid. Validator implementations should return a non-nil error if the validation fails in any way. For example if the payload fails to parse, or the expiry date is outside a supported range.
func AlwaysValid ¶
AlwaysValid returns a Validator that always returns claims.
func NeverValid ¶
NeverValid returns a Validator that always returns err.
type ValidatorFunc ¶
ValidatorFunc implements Validator wrapping a func of the correct signature.
func (ValidatorFunc) ValidateAccessToken ¶
type ValidatorSet ¶
type ValidatorSet []Validator
ValidatorSet is a collection of Validators where a token is deemed valid if any member Validator deems it valid.
func (*ValidatorSet) Append ¶
func (m *ValidatorSet) Append(v Validator)
func (*ValidatorSet) Delete ¶
func (m *ValidatorSet) Delete(v Validator)
func (*ValidatorSet) ValidateAccessToken ¶
Source Files
Click to show internal directories.
Click to hide internal directories.