session

package
v0.6.7 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 20, 2024 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

// Names of per-request context values understood by this package.
// "cookie_name" is the ctx value that, per the Session.CookieName comment,
// overrides the default cookie name.
// NOTE(review): the other three presumably control the token header, its
// removal and redirect suppression — confirm against the middleware source.
// NOTE(review): these values change authentication behavior for a request;
// verify they are only ever set by server-side code, never copied from
// client-controlled input.
const (
	CtxTokenHeaderKey     = "token_header"
	CtxTokenHeaderDelKey  = "token_header_delete"
	CtxDisableRedirectKey = "disable_redirect"
	CtxCookieNameKey      = "cookie_name"
)

Variables

// Error values exposed by the package.
var (
	// ErrKIDNotFound is the same value as keyfunc.ErrKIDNotFound.
	ErrKIDNotFound  = keyfunc.ErrKIDNotFound
	// ErrTokenInvalid carries the message "token is invalid".
	ErrTokenInvalid = fmt.Errorf("token is invalid")
)
// TokenKey and ProviderKey are string keys with the values "token" and
// "provider".
// NOTE(review): presumably the keys under which the token and the provider
// name are kept in the session — confirm.
// They are declared with var, not const, so any importing package can
// reassign them at runtime.
var (
	TokenKey    = "token"
	ProviderKey = "provider"
)
// GlobalRegistry is the package-level Registry, created with an empty Store map.
// Registry also has Get and Set methods; because Store is exported, callers
// can touch the map directly.
// NOTE(review): if Registry's unexported fields include a lock, direct map
// access would bypass it — prefer Get/Set and confirm.
var GlobalRegistry = &Registry{
	Store: make(map[string]*Session),
}

Functions

func GetOptionJWK added in v0.6.0

func GetOptionJWK(opts ...OptionJWK) optionsJWK

func MapOptionKeyfunc added in v0.6.0

func MapOptionKeyfunc(opt optionsJWK) keyfunc.Options

Types

type Action added in v0.5.7

// Action is the type of Session.Action (config key "action").
type Action struct {
	// Active — NOTE(review): presumably names the action to use; confirm.
	Active string `cfg:"active"`
	// Token holds the token-related settings (see Token); nil when not configured.
	Token  *Token `cfg:"token"`
}

type AuthHeaderStyle added in v0.5.8

// AuthHeaderStyle selects the Authorization header style. Its underlying type
// is int and its values are the AuthHeaderStyle* constants.
type AuthHeaderStyle int

AuthHeaderStyle is a type to set Authorization header style.

// Values of AuthHeaderStyle, numbered from 0 by iota.
const (
	// AuthHeaderStyleBasic is 0, the zero value, so an unset
	// Oauth2.AuthHeaderStyle field holds it.
	AuthHeaderStyleBasic AuthHeaderStyle = iota
	// AuthHeaderStyleBearerSecret is 1.
	// NOTE(review): by name, sends the client secret as a Bearer value — confirm.
	AuthHeaderStyleBearerSecret
	// AuthHeaderStyleParams is 2.
	// NOTE(review): by name, sends the client credentials as request
	// parameters instead of a header — confirm.
	AuthHeaderStyleParams
)

type HostCookieName added in v0.6.4

// HostCookieName pairs a host matcher with a cookie name.
// Session.CookieNameHosts holds a list of these ("cookie name by host with regexp").
type HostCookieName struct {
	// Host as "localhost:8082"
	Host  string `cfg:"host"`
	// Regex is a pattern form of the host matcher.
	// NOTE(review): confirm what it is matched against and whether the
	// pattern is anchored; an unanchored pattern can match hosts that were
	// not intended to share a cookie name.
	Regex string `cfg:"regex"`

	// CookieName is the cookie name associated with this entry.
	CookieName string `cfg:"cookie_name"`
	// contains filtered or unexported fields
}

type InfKeyFunc added in v0.6.0

// InfKeyFunc is implemented by anything that offers a Keyfunc method, which
// takes the parsed token and returns the key to verify it with, or an error.
// WithKeyFunc accepts a value of this interface.
type InfKeyFunc interface {
	Keyfunc(token *jwt.Token) (interface{}, error)
}

type InfKeyFuncParser added in v0.6.0

// InfKeyFuncParser extends InfKeyFunc with token parsing.
// Token.GetKeyFunc returns a value of this interface.
type InfKeyFuncParser interface {
	InfKeyFunc
	// ParseWithClaims parses tokenString into claims and returns the token.
	// NOTE(review): whether signature and claim validation happen here
	// depends on the implementation — confirm before trusting the claims.
	ParseWithClaims(tokenString string, claims jwt.Claims) (*jwt.Token, error)
}

type InfProviderCert added in v0.6.0

// InfProviderCert describes a provider by name and certificate URL.
// MultiJWTKeyFunc takes a slice of these; *ProviderWrapper has both methods.
type InfProviderCert interface {
	// GetCertURL returns the provider's certificate URL.
	GetCertURL() string
	// GetName returns the provider's name.
	GetName() string
}

type JwkKeyFuncParse added in v0.6.0

// JwkKeyFuncParse wraps a key function. MultiJWTKeyFunc returns one, and its
// Keyfunc and ParseWithClaims methods give *JwkKeyFuncParse the method set of
// InfKeyFuncParser.
type JwkKeyFuncParse struct {
	// KeyFunc returns the verification key for a token, or an error.
	KeyFunc func(token *jwt.Token) (interface{}, error)
}

func MultiJWTKeyFunc added in v0.6.0

func MultiJWTKeyFunc(providers []InfProviderCert, opts ...OptionJWK) (*JwkKeyFuncParse, error)

MultiJWTKeyFunc returns a jwt.Keyfunc with multiple keyfunc.

Introspect and noops are not supported; they are ignored.

func (*JwkKeyFuncParse) Keyfunc added in v0.6.0

func (j *JwkKeyFuncParse) Keyfunc(token *jwt.Token) (interface{}, error)

func (*JwkKeyFuncParse) ParseWithClaims added in v0.6.0

func (j *JwkKeyFuncParse) ParseWithClaims(tokenString string, claims jwt.Claims) (*jwt.Token, error)

type KeyFound added in v0.6.0

// KeyFound is the result type of the package-level KeySelectorFirst.
type KeyFound struct {
	// Key is the key that was found.
	Key  interface{}
	// Name — NOTE(review): presumably the name of the JWK Set (see
	// MultipleJWKSKey.Name) the key came from; confirm.
	Name string
}

func KeySelectorFirst added in v0.6.0

func KeySelectorFirst(multiJWKS *MultipleJWKS, token *jwt.Token) (*KeyFound, error)

KeySelectorFirst returns the first key found in the multiple JWK Sets.

type KeyFuncMulti added in v0.6.0

// KeyFuncMulti has no exported fields; it is used through its Keyfunc and
// KeySelectorFirst methods.
type KeyFuncMulti struct {
	// contains filtered or unexported fields
}

func (*KeyFuncMulti) KeySelectorFirst added in v0.6.0

func (k *KeyFuncMulti) KeySelectorFirst(multiJWKS *MultipleJWKS, token *jwt.Token) (interface{}, error)

func (*KeyFuncMulti) Keyfunc added in v0.6.0

func (k *KeyFuncMulti) Keyfunc(token *jwt.Token) (interface{}, error)

type MetaData

// MetaData holds a single error message and serializes to JSON as {"error": "..."}.
type MetaData struct {
	Error string `json:"error"`
}

type MultipleJWKS added in v0.6.0

// MultipleJWKS manages multiple JWKS and has a field for jwt.Keyfunc.
// Create one with GetMultiple; all of its fields are unexported.
type MultipleJWKS struct {
	// contains filtered or unexported fields
}

MultipleJWKS manages multiple JWKS and has a field for jwt.Keyfunc.

func GetMultiple added in v0.6.0

func GetMultiple(multiple map[MultipleJWKSKey]keyfunc.Options, options MultipleOptions) (multiJWKS *MultipleJWKS, err error)

GetMultiple creates a new MultipleJWKS. A map of length one or more JWKS URLs to Options is required.

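Be careful when choosing Options for each JWKS in the map. If RefreshUnknownKID is set to true for all JWKS in the map, then many refresh requests would take place each time a JWT is processed; this should be rate limited by RefreshRateLimit. The kid is read from the token header before the signature is verified, so without a rate limit any client that presents tokens can drive these outbound refresh requests.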

func (*MultipleJWKS) Keyfunc added in v0.6.0

func (m *MultipleJWKS) Keyfunc(token *jwt.Token) (interface{}, error)

Keyfunc matches the signature of github.com/golang-jwt/jwt/v5's jwt.Keyfunc function.

type MultipleJWKSKey added in v0.6.0

// MultipleJWKSKey is the map key type taken by GetMultiple: one entry per JWKS.
type MultipleJWKSKey struct {
	// URL is the JWKS URL.
	URL  string
	// Name is the label attached to that JWKS.
	Name string
}

type MultipleOptions added in v0.6.0

// MultipleOptions is the options argument of GetMultiple.
type MultipleOptions struct {
	// KeySelector picks the key for a token out of the JWK Sets held by
	// multiJWKS. (*KeyFuncMulti).KeySelectorFirst has this signature.
	KeySelector func(multiJWKS *MultipleJWKS, token *jwt.Token) (key interface{}, err error)
}

type Oauth2 added in v0.5.8

// Oauth2 is the OAuth2 client configuration of a Provider (Provider.Oauth2).
type Oauth2 struct {
	// ClientID is the application's ID.
	ClientID string `cfg:"client_id"`
	// ClientSecret is the application's secret.
	// NOTE(review): the log:"false" tag presumably keeps the value out of
	// logged configuration — confirm that the logger honors it.
	ClientSecret string `cfg:"client_secret" log:"false"`
	// Scopes specifies optional requested permissions.
	Scopes []string `cfg:"scopes"`
	// CertURL is the resource server's public key URL.
	CertURL string `cfg:"cert_url"`
	// IntrospectURL is the endpoint queried to check whether a token is active.
	IntrospectURL string `cfg:"introspect_url"`
	// AuthURL is the resource server's authorization endpoint,
	// used for redirection to the login page.
	AuthURL string `cfg:"auth_url"`
	// TokenURL is the resource server's token endpoint URL.
	TokenURL  string `cfg:"token_url"`
	// LogoutURL — NOTE(review): presumably the provider's logout endpoint; confirm.
	LogoutURL string `cfg:"logout_url"`
	// AuthHeaderStyle is optional. If not set, AuthHeaderStyleBasic will be used.
	// Unlike the other fields it carries no cfg tag.
	AuthHeaderStyle AuthHeaderStyle
}

type OptionJWK added in v0.6.0

// OptionJWK is a functional option: a function that modifies an optionsJWK in
// place. The With* functions return values of this type and GetOptionJWK
// takes a list of them.
type OptionJWK func(options *optionsJWK)

func WithClient added in v0.6.0

func WithClient(client *http.Client) OptionJWK

WithClient is used to set the http.Client used to fetch the JWKs.

func WithContext added in v0.6.0

func WithContext(ctx context.Context) OptionJWK

WithContext is used to set the context used to fetch the JWKs.

func WithIntrospect added in v0.6.0

func WithIntrospect(v bool) OptionJWK

func WithKeyFunc added in v0.6.0

func WithKeyFunc(keyFunc InfKeyFunc) OptionJWK

WithKeyFunc sets the key function used to verify the token, for example one built from given keys.

Return ErrKIDNotFound if the kid is not found.

Example:

// Create the JWKS from the given keys.
givenKeys := map[string]keyfunc.GivenKey{
	"my-key-id": keyfunc.NewGivenHMAC(...),
}
jwks := keyfunc.NewGiven(givenKeys)

func WithRefreshErrorHandler added in v0.6.0

func WithRefreshErrorHandler(fn func(err error)) OptionJWK

WithRefreshErrorHandler sets the refresh error handler for the jwt.Key.

func WithRefreshInterval added in v0.6.0

func WithRefreshInterval(d time.Duration) OptionJWK

WithRefreshInterval sets the refresh interval for the jwt.Keyfunc; the default is 5 minutes.

type Options

// Options is the type of Session.Options (config key "options").
// NOTE(review): the fields mirror the attributes of http.Cookie and are
// presumably applied to the session cookie — confirm.
type Options struct {
	Path     string `cfg:"path"`
	// MaxAge — NOTE(review): presumably in seconds, as in http.Cookie.MaxAge; confirm.
	MaxAge   int    `cfg:"max_age"`
	Domain   string `cfg:"domain"`
	// Secure and HttpOnly are plain bools, so their zero value is false.
	// NOTE(review): check whether Init applies safer defaults; if it does
	// not, set both to true for a cookie that carries tokens, so that it is
	// not sent over plain HTTP and is not readable by page scripts.
	Secure   bool   `cfg:"secure"`
	HttpOnly bool   `cfg:"http_only"`
	// SameSite as an http.SameSite number: Lax 2, Strict 3, None 4.
	// 1 is http.SameSiteDefaultMode; the zero value 0 is not a named mode.
	// Browsers accept SameSite=None only together with Secure.
	SameSite http.SameSite `cfg:"same_site"`
}

type Provider added in v0.5.7

// Provider is one entry of Session.Provider (config key "provider").
type Provider struct {
	Name   string  `cfg:"name"`
	// Oauth2 holds the OAuth2 client settings; nil when not configured.
	Oauth2 *Oauth2 `cfg:"oauth2"`
	// PasswordFlow enables the password flow for obtaining a token.
	// With the OAuth2 password grant the application itself handles the
	// user's credentials; enable it only for providers and clients that
	// cannot use a redirect-based flow.
	PasswordFlow bool `cfg:"password_flow"`
	// Priority is used to sort providers.
	Priority int `cfg:"priority"`
}

type ProviderWrapper added in v0.5.7

// ProviderWrapper pairs a provider name with a *providers.Generic.
// Its GetCertURL and GetName methods give *ProviderWrapper the method set of
// InfProviderCert.
type ProviderWrapper struct {
	Name    string
	Generic *providers.Generic
}

func (*ProviderWrapper) GetCertURL added in v0.5.7

func (p *ProviderWrapper) GetCertURL() string

func (*ProviderWrapper) GetName added in v0.6.0

func (p *ProviderWrapper) GetName() string

type Registry

// Registry maps names to *Session values; Get and Set read and write entries
// by name. GlobalRegistry is the package-level instance.
type Registry struct {
	// Store is the name → Session map.
	// NOTE(review): exported, so it can be accessed without going through
	// Get/Set; confirm whether the unexported fields guard it with a lock.
	Store map[string]*Session
	// contains filtered or unexported fields
}

func (*Registry) Get

func (r *Registry) Get(name string) *Session

func (*Registry) Set

func (r *Registry) Set(name string, store *Session)

type Session

// Session is the configuration of the session middleware; Middleware and Do
// are its entry points and Init prepares it.
type Session struct {
	// SessionKey — NOTE(review): presumably the secret that protects session
	// data; if so, keep it out of source control and logs. Unlike
	// Oauth2.ClientSecret it carries no log:"false" tag — confirm whether
	// configuration logging can print it.
	SessionKey string  `cfg:"session_key"`
	// Store selects and configures the session store (see Store).
	Store      Store   `cfg:"store"`
	// Options holds the cookie attributes (see Options).
	Options    Options `cfg:"options"`

	// CookieName is the default cookie name.
	// The 'cookie_name' ctx value overrides it.
	CookieName string `cfg:"cookie_name"`
	// CookieNameHosts sets the cookie name per host, matched with regexp.
	CookieNameHosts []HostCookieName `cfg:"cookie_name_hosts"`

	// Action configures what the middleware does (see Action).
	Action   Action              `cfg:"action"`
	// Provider is the set of configured providers.
	// NOTE(review): the map key is presumably the provider name; confirm.
	Provider map[string]Provider `cfg:"provider"`
	// contains filtered or unexported fields
}

func (*Session) DelToken added in v0.5.7

func (m *Session) DelToken(c echo.Context) error

func (*Session) Do

func (m *Session) Do(next echo.HandlerFunc, c echo.Context) error

func (*Session) GetCookieName added in v0.6.4

func (m *Session) GetCookieName(c echo.Context) string

func (*Session) GetStore

func (m *Session) GetStore() StoreInf

func (*Session) GetToken added in v0.6.1

func (m *Session) GetToken(c echo.Context) (*TokenData, *Oauth2, error)

func (*Session) Init

func (m *Session) Init(ctx context.Context, name string) error

func (*Session) IsLogged

func (m *Session) IsLogged(c echo.Context) (bool, error)

IsLogged checks that the token exists and is valid.

func (*Session) Middleware

func (m *Session) Middleware(ctx context.Context, name string) (echo.MiddlewareFunc, error)

func (*Session) RedirectToLogin

func (m *Session) RedirectToLogin(c echo.Context, store StoreInf, addRedirectPath bool, removeSession bool) error

func (*Session) RedirectToMain

func (m *Session) RedirectToMain(c echo.Context) error

func (*Session) SetAction

func (m *Session) SetAction() error

func (*Session) SetStore

func (m *Session) SetStore(ctx context.Context) error

func (*Session) SetToken added in v0.5.7

func (m *Session) SetToken(c echo.Context, token []byte, providerName string) error

type Store

// Store is the type of Session.Store (config key "store").
type Store struct {
	// Active — NOTE(review): presumably names which backend below is used; confirm.
	Active string       `cfg:"active"`
	// Redis holds the Redis store settings; nil when not configured.
	Redis  *store.Redis `cfg:"redis"`
	// File holds the file store settings; nil when not configured.
	File   *store.File  `cfg:"file"`
}

type StoreInf

// StoreInf is the session-store interface returned by Session.GetStore.
type StoreInf interface {
	// Get returns the session called name for request r, or an error.
	Get(r *http.Request, name string) (*sessions.Session, error)
}

type Token

// Token is the type of Action.Token (config key "token").
type Token struct {
	// LoginPath — NOTE(review): presumably the path RedirectToLogin sends
	// the client to; confirm.
	LoginPath          string `cfg:"login_path"`
	// DisableRefresh — NOTE(review): presumably turns off token refresh; confirm.
	DisableRefresh     bool   `cfg:"disable_refresh"`
	// InsecureSkipVerify — NOTE(review): the name matches
	// tls.Config.InsecureSkipVerify. If it is wired into the HTTP client
	// that talks to the provider, true disables TLS certificate verification
	// for the connections that fetch keys and tokens. Leave it false outside
	// local testing and confirm its exact effect in the source.
	InsecureSkipVerify bool   `cfg:"insecure_skip_verify"`
	// contains filtered or unexported fields
}

func (*Token) GetKeyFunc added in v0.5.11

func (t *Token) GetKeyFunc() InfKeyFuncParser

type TokenData added in v0.5.7

// TokenData is the JSON shape of a token response. ParseToken and
// ParseToken64 return it, as does Session.GetToken.
// AccessToken, RefreshToken and IDToken are credentials: do not log or print
// the struct as a whole.
type TokenData struct {
	AccessToken      string `json:"access_token"`
	// ExpiresIn and RefreshExpiresIn — NOTE(review): presumably lifetimes in
	// seconds, as is usual for expires_in; confirm.
	ExpiresIn        int    `json:"expires_in"`
	RefreshExpiresIn int    `json:"refresh_expires_in"`
	RefreshToken     string `json:"refresh_token"`
	TokenType        string `json:"token_type"`
	// NotBeforePolicy is the only field whose JSON name uses hyphens
	// ("not-before-policy").
	NotBeforePolicy  int    `json:"not-before-policy"`
	SessionState     string `json:"session_state"`
	// Scope is a single string, not a list.
	Scope            string `json:"scope"`
	IDToken          string `json:"id_token"`
}

func ParseToken added in v0.5.7

func ParseToken(v []byte) (*TokenData, error)

func ParseToken64 added in v0.5.7

func ParseToken64(v string) (*TokenData, error)

ParseToken64 parses the cookie.
