Documentation
¶
Overview ¶
Package auth all things related to authentication and authorization
Index ¶
- Variables
- func Authenticator(next http.Handler) http.Handler
- func NewContext(ctx context.Context, t *JWT, err error) context.Context
- func TokenFromCookie(r *http.Request) string
- func TokenFromHeader(r *http.Request) string
- func TokenFromQuery(r *http.Request) string
- func Verifier(ja *JWTAuth) func(http.Handler) http.Handler
- func Verify(ja *JWTAuth, findTokenFns ...func(r *http.Request) string) func(http.Handler) http.Handler
- type JWT
- type JWTAuth
- type JWTAuthConfig
- type JWTRoleChecker
- type JWTTntChecker
Constants ¶
This section is empty.
Variables ¶
var ( TokenCtxKey = &contextKey{"Token"} ErrorCtxKey = &contextKey{"Error"} )
used context key for parameter given in a std context
var ( ErrExpired = errors.New("token is expired") ErrNBFInvalid = errors.New("token nbf validation failed") ErrIATInvalid = errors.New("token iat validation failed") ErrNoTokenFound = errors.New("no token found") ErrAlgoInvalid = errors.New("algorithm mismatch") )
defining some common errors
var JWTConfig = JWTAuthConfig{ Active: false, }
JWTConfig for the service
Functions ¶
func Authenticator ¶
Authenticator returns a handler for authentication
func NewContext ¶
NewContext creating a new context for the http functions
func TokenFromCookie ¶
TokenFromCookie tries to retrieve the token string from a cookie named "jwt".
func TokenFromHeader ¶
TokenFromHeader tries to retrieve the token string from the "Authorization" request header: "Authorization: BEARER T".
func TokenFromQuery ¶
TokenFromQuery tries to retrieve the token string from the "jwt" URI query parameter.
To use it, build our own middleware handler, such as:
func Verifier(ja *JWTAuth) func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
return Verify(ja, TokenFromQuery, TokenFromHeader, TokenFromCookie)(next)
}
}
Types ¶
type JWT ¶
type JWT struct {
Token string
Header map[string]any
Payload map[string]any
Signature string
IsValid bool
}
JWT struct for the decoded jwt token
func FromContext ¶
FromContext extract the JWT and a flatten claim structure from a context
func VerifyRequest ¶
func VerifyRequest(ja *JWTAuth, r *http.Request, findTokenFns ...func(r *http.Request) string) (*JWT, error)
VerifyRequest this request -> authorization
func VerifyToken ¶
VerifyToken verify the bearer token
func (*JWT) Validate ¶
func (j *JWT) Validate(_ JWTAuthConfig) error
Validate validation of the token is not implemented
type JWTAuthConfig ¶
type JWTAuthConfig struct {
Active bool
Validate bool
TenantClaim string
Strict bool
RoleActive bool
RoleClaim string
RoleMapping map[string]string
}
JWTAuthConfig authentication/Authorisation configuration for JWT authentification
func ParseJWTConfig ¶
func ParseJWTConfig(cfg config.Authentication) (JWTAuthConfig, error)
ParseJWTConfig building up the dynamical configuration for this
type JWTRoleChecker ¶
type JWTRoleChecker struct {
Config JWTAuthConfig
}
JWTRoleChecker checking a user role against the configuration
type JWTTntChecker ¶
type JWTTntChecker struct {
Config JWTAuthConfig
}
JWTTntChecker checking a user tenant against the configuration
func (JWTTntChecker) CheckTenant ¶
func (j JWTTntChecker) CheckTenant(ctx context.Context, tenant string) bool
CheckTenant checking the user tenant against the given in the REST Api route
Source Files