token

package
v0.9.0
Warning

This package is not in the latest version of its module.

Published: Dec 19, 2024 License: MIT Imports: 24 Imported by: 0

Documentation

Overview

Example (Auth)
s, err := GenerateSecret()

if err != nil {
	panic(err)
}

a := auth{secret: s}
tok, err := a.CreateToken()

if err != nil {
	panic(err)
}

fmt.Println(tok)
fmt.Println(a.ValidateToken(tok))
fmt.Println(tok.Payload())
Output:

TODO

Constants

This section is empty.

Variables

var (
	ErrInvalidAuthToken = errors.NewError("INVALID_TOKEN", "Invalid authentication token", 401)
	ErrInvalidAuthCode  = errors.NewError("INVALID_CODE", "Invalid authentication code", 401)
	ErrAccessDenied     = errors.NewFrozenError("ACCESS_DENIED", "Access denied", 403)
)

Functions

This section is empty.

Types

type OneTimeCode

type OneTimeCode [20]byte
Example
fmt.Println(CreateOneTimeCode())
Output:

TODO

func CreateOneTimeCode

func CreateOneTimeCode() (otc OneTimeCode, err error)

func (*OneTimeCode) FromString

func (t *OneTimeCode) FromString(str string) error

func (OneTimeCode) MarshalText

func (t OneTimeCode) MarshalText() (text []byte, err error)

func (OneTimeCode) String

func (t OneTimeCode) String() string

func (*OneTimeCode) UnmarshalText

func (t *OneTimeCode) UnmarshalText(text []byte) (err error)

type Permission

type Permission string

func Perm

func Perm(action, resource string) (p Permission)

func (Permission) Action

func (p Permission) Action() string

func (Permission) HasAction

func (p Permission) HasAction() bool

func (Permission) HasResource

func (p Permission) HasResource() bool

func (Permission) HasWildcard

func (p Permission) HasWildcard() bool

func (Permission) Match

func (p1 Permission) Match(p2 Permission) Permission

func (Permission) Resource

func (p Permission) Resource() string

func (*Permission) SetAction

func (p *Permission) SetAction(action string)

func (*Permission) SetResource

func (p *Permission) SetResource(resource string)

func (Permission) String

func (p Permission) String() string

type Policy

type Policy struct {
	Prio int64
	Cond []byte
}

type PolicyKey

type PolicyKey struct {
	Role string
	Perm Permission
}

type Scheme

type Scheme struct {
	// contains filtered or unexported fields
}

func NewScheme

func NewScheme(secret Secret, tokenStore TokenStore) *Scheme

func (*Scheme) AddPolicies

func (s *Scheme) AddPolicies(cb func(add func(role string, perm Permission, prio int64, cond ...any) error) error) (err error)

Add many policies in bulk. See AddPolicy.

func (*Scheme) AddPolicy

func (s *Scheme) AddPolicy(role string, perm Permission, prio int64, cond ...any) (err error)

Adds a policy. Policies must be added AFTER registering all routes. A policy MIGHT contain either a pointer to a condition, or a JSON-encoded condition as []byte, that will be loaded into a route's policy. Any non-matching fields will be ignored. A policy's role + perm combination MUST be unique; otherwise the earlier policy is overwritten by the later one. An error will be returned if the permission doesn't exist on any route.

func (*Scheme) CreateToken

func (s *Scheme) CreateToken(payload ...[]byte) (t Token, err error)

Create a token with an optional payload (e.g. a user ID) that will be stored in the token. The payload cannot exceed 24 bytes, and will be padded with random bytes.

func (*Scheme) CreateTokenWithId

func (s *Scheme) CreateTokenWithId(id identifier.ID, payload ...[]byte) (t Token, err error)

Create a token with a specific ID and an optional payload (e.g. a user ID) that will be stored in the token. The payload cannot exceed 24 bytes, and will be padded with random bytes.

func (*Scheme) GetPolicy

func (s *Scheme) GetPolicy(roles []string, perm Permission) (cond unsafe.Pointer, err error)

Any policy matching the route's permission, and one of the user's roles, will be loaded in ascending priority order.
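
A self-contained model of the AddPolicy and GetPolicy behaviour described above, added here as an example and not the package's own code. The scheme and orderCond types, the condition fields, the "orders:read" permission string, denying when no policy matches, and sequential JSON decoding as the way conditions are "loaded" are all assumptions. It shows that a higher-priority policy which omits a field leaves the lower-priority restriction in place.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// Stand-ins shaped like the types documented on this page (not the package's own).
type Permission string
type PolicyKey struct{ Role string; Perm Permission }
type Policy struct{ Prio int64; Cond []byte }
type scheme map[PolicyKey]Policy

// orderCond is a hypothetical route condition; both fields are assumptions.
type orderCond struct {
	TenantOnly bool  `json:"tenantOnly"`
	MaxAmount  int64 `json:"maxAmount"`
}

func (s scheme) add(role string, perm Permission, prio int64, cond string) {
	s[PolicyKey{role, perm}] = Policy{prio, []byte(cond)} // same role+perm key: the later policy overwrites
}

// resolve decodes matching policies in ascending priority, so the highest priority is applied last.
func (s scheme) resolve(roles []string, perm Permission) (c orderCond, err error) {
	var matched []Policy
	for _, r := range roles {
		if p, ok := s[PolicyKey{r, perm}]; ok {
			matched = append(matched, p)
		}
	}
	if len(matched) == 0 { // assumption: no matching policy means deny
		return c, fmt.Errorf("access denied: %v lacks %q", roles, perm)
	}
	sort.SliceStable(matched, func(i, j int) bool { return matched[i].Prio < matched[j].Prio })
	for _, p := range matched {
		if err = json.Unmarshal(p.Cond, &c); err != nil { // unknown JSON fields are dropped
			return c, err
		}
	}
	return c, nil
}

func main() {
	s := scheme{}
	s.add("user", "orders:read", 1, `{"tenantOnly":true,"maxAmount":100}`) // constructed data
	s.add("manager", "orders:read", 10, `{"maxAmount":5000,"note":"ignored"}`)
	fmt.Println(s.resolve([]string{"manager", "user"}, "orders:read"))
}
```

When reviewing real policies, check each role combination a user can hold, since the effective condition depends on every matching policy and not only on the highest-priority one.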

func (*Scheme) IteratePermissions

func (s *Scheme) IteratePermissions(inPolicy ...bool) iter.Seq[Permission]

Iterates all registered permissions. Set inPolicy to iterate only permissions that are used in policies, or only those that are not. The default is to iterate all permissions, regardless of whether they are used in a policy.

func (*Scheme) IteratePolicies

func (s *Scheme) IteratePolicies() iter.Seq2[PolicyKey, Policy]

Iterates all added policies.

func (*Scheme) OperationSecurityDocs

func (s *Scheme) OperationSecurityDocs(permTag string) openapi.SecurityRequirement

OperationSecurityDocs implements security2.Scheme.

func (*Scheme) OperationSecurityHandler

func (s *Scheme) OperationSecurityHandler(typ reflect.Type, permTag string, caller *runtime.Func) (handler func(p unsafe.Pointer, c *fasthttp.RequestCtx) error, modTag string, err error)

OperationSecurityHandler implements security2.Scheme.

func (*Scheme) RemovePolicy

func (s *Scheme) RemovePolicy(role string, perm Permission)

Removes any previously added policy for the role and permission. Does nothing if it never existed.

func (*Scheme) SecurityDocs

func (s *Scheme) SecurityDocs() openapi.SecurityScheme

SecurityDocs implements security2.Scheme.

type Secret

type Secret [secretLen]byte
Example
s, err := GenerateSecret()

if err != nil {
	panic(err)
}

fmt.Println(s)
Output:

TODO

func GenerateSecret

func GenerateSecret() (s Secret, err error)

func SecretFromString

func SecretFromString(str string) (s Secret, err error)

func (Secret) AppendBinary

func (s Secret) AppendBinary(b []byte) ([]byte, error)

func (Secret) AppendText

func (s Secret) AppendText(b []byte) ([]byte, error)

func (*Secret) FromString

func (s *Secret) FromString(str string) error

func (Secret) MarshalBinary

func (t Secret) MarshalBinary() (data []byte, err error)

func (Secret) MarshalText

func (s Secret) MarshalText() (text []byte, err error)

func (Secret) String

func (s Secret) String() string

func (*Secret) UnmarshalBinary

func (s *Secret) UnmarshalBinary(data []byte) error

func (*Secret) UnmarshalText

func (s *Secret) UnmarshalText(text []byte) (err error)

type Token

type Token struct {
	// contains filtered or unexported fields
}

func (Token) AppendBinary

func (t Token) AppendBinary(b []byte) ([]byte, error)

func (Token) AppendText

func (t Token) AppendText(b []byte) ([]byte, error)

func (*Token) FromString

func (t *Token) FromString(str string) error

func (Token) Id

func (t Token) Id() identifier.ID

func (Token) MarshalBinary

func (t Token) MarshalBinary() (data []byte, err error)

func (Token) MarshalText

func (t Token) MarshalText() (text []byte, err error)

func (Token) Payload

func (t Token) Payload() [24]byte

The payload can be any additional data you have stored, e.g. a user ID.

func (Token) String

func (t Token) String() string

func (*Token) UnmarshalBinary

func (t *Token) UnmarshalBinary(data []byte) error

func (*Token) UnmarshalText

func (t *Token) UnmarshalText(text []byte) (err error)

type TokenStore

type TokenStore interface {

	// Looks up a token in the underlying token store, and returns its corresponding user.
	// A user can have 0+ roles. If the token doesn't exist in store and/or has been revoked, it MUST
	// return an error. The ctx MIGHT be a *papi.RequestCtx.
	Lookup(ctx context.Context, tok Token) (user User, err error)
}

func DummyStore

func DummyStore(roles ...string) TokenStore

Used for testing.

type User

type User interface {
	UserRoles() []string
}

A user representation. The representation SHOULD be brief and only contain values that are necessary to comply with policies, e.g. user ID, tenant ID, roles, etc.
