Documentation ¶
Index ¶
- Constants
- Variables
- func GetOptionJWK(opts ...OptionJWK) optionsJWK
- func MapOptionKeyfunc(opt optionsJWK) keyfunc.Options
- type Action
- type AuthHeaderStyle
- type InfKeyFunc
- type InfKeyFuncParser
- type InfProviderCert
- type JwkKeyFuncParse
- type KeyFound
- type KeyFuncMulti
- type MetaData
- type MultipleJWKS
- type MultipleJWKSKey
- type MultipleOptions
- type Oauth2
- type OptionJWK
- type Options
- type Provider
- type ProviderWrapper
- type Registry
- type Session
- func (s *Session) DelToken(c echo.Context) error
- func (m *Session) Do(next echo.HandlerFunc, c echo.Context) error
- func (s *Session) GetStore() StoreInf
- func (m *Session) GetToken(c echo.Context) (*TokenData, *Oauth2, error)
- func (m *Session) Init(ctx context.Context, name string) error
- func (m *Session) IsLogged(c echo.Context) (bool, error)
- func (m *Session) Middleware(ctx context.Context, name string) (echo.MiddlewareFunc, error)
- func (m *Session) RedirectToLogin(c echo.Context, store StoreInf, addRedirectPath bool, removeSession bool) error
- func (m *Session) RedirectToMain(c echo.Context) error
- func (m *Session) SetAction() error
- func (s *Session) SetStore(ctx context.Context) error
- func (s *Session) SetToken(c echo.Context, token []byte, providerName string) error
- type Store
- type StoreInf
- type Token
- type TokenData
Constants ¶
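// String keys used by this package. The listing had been collapsed onto one
// line; the declarations are restored one per line so the block parses.
//
// NOTE(review): the Ctx prefix suggests these are keys for values stored on
// the request context. If so, any handler that can set them influences the
// token and redirect flow, so confirm which code is allowed to write them.
const (
	// CtxTokenHeaderKey is the key "token_header".
	CtxTokenHeaderKey = "token_header"
	// CtxTokenHeaderDelKey is the key "token_header_delete".
	CtxTokenHeaderDelKey = "token_header_delete"
	// CtxDisableRedirectKey is the key "disable_redirect".
	CtxDisableRedirectKey = "disable_redirect"
)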
Variables ¶
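// Error values exposed by this package. The listing had been collapsed onto
// one line; the declarations are restored one per line so the block parses.
var (
	// ErrKIDNotFound is the same value as keyfunc.ErrKIDNotFound.
	ErrKIDNotFound = keyfunc.ErrKIDNotFound
	// ErrTokenInvalid carries the message "token is invalid".
	ErrTokenInvalid = fmt.Errorf("token is invalid")
)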
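// Key names used by this package. The listing had been collapsed onto one
// line; the declarations are restored one per line so the block parses.
//
// NOTE(review): these are package-level variables, not constants, so any
// importer can reassign them at runtime. Confirm that is intended.
var (
	// TokenKey defaults to "token".
	TokenKey = "token"
	// ProviderKey defaults to "provider".
	ProviderKey = "provider"
)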
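// GlobalRegistry is a package-level *Registry whose Store starts as an empty
// map from string to *Session.
//
// NOTE(review): this is mutable shared state holding sessions. The page does
// not show how concurrent access to Store is guarded; confirm before reading
// or writing it from request handlers.
var GlobalRegistry = &Registry{
	Store: make(map[string]*Session),
}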
Functions ¶
func GetOptionJWK ¶ added in v0.6.0
func GetOptionJWK(opts ...OptionJWK) optionsJWK
func MapOptionKeyfunc ¶ added in v0.6.0
func MapOptionKeyfunc(opt optionsJWK) keyfunc.Options
Types ¶
type AuthHeaderStyle ¶ added in v0.5.8
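// AuthHeaderStyle is a type to set Authorization header style.
type AuthHeaderStyle int

// Authorization header styles. The values are assigned with iota, so
// AuthHeaderStyleBasic is 0 and is therefore the zero value of the type.
//
// NOTE(review): what each style sends on the wire is not shown on this page;
// confirm against the code that builds the request before choosing one.
const (
	// AuthHeaderStyleBasic is the zero value (0).
	AuthHeaderStyleBasic AuthHeaderStyle = iota
	// AuthHeaderStyleBearerSecret has the value 1.
	AuthHeaderStyleBearerSecret
	// AuthHeaderStyleParams has the value 2.
	AuthHeaderStyleParams
)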
type InfKeyFunc ¶ added in v0.6.0
// InfKeyFunc is satisfied by any type that has a Keyfunc method with the
// signature below.
type InfKeyFunc interface {
	// Keyfunc takes a parsed token and returns a value or an error;
	// presumably the returned value is the key used to verify that token
	// (confirm against the implementations).
	Keyfunc(token *jwt.Token) (interface{}, error)
}
type InfKeyFuncParser ¶ added in v0.6.0
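// InfKeyFuncParser embeds InfKeyFunc and adds ParseWithClaims. The listing had
// been collapsed onto one line; the members are restored one per line so the
// declaration parses.
type InfKeyFuncParser interface {
	InfKeyFunc
	// ParseWithClaims takes a raw token string and a claims value and
	// returns the parsed token or an error.
	ParseWithClaims(tokenString string, claims jwt.Claims) (*jwt.Token, error)
}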
type InfProviderCert ¶ added in v0.6.0
type JwkKeyFuncParse ¶ added in v0.6.0
// JwkKeyFuncParse holds a single key function.
type JwkKeyFuncParse struct {
	// KeyFunc takes a parsed token and returns a value or an error.
	// NOTE(review): the field is exported, so any code holding this struct
	// can replace it; presumably it decides which key verifies a token, so
	// confirm it is only set at construction time.
	KeyFunc func(token *jwt.Token) (interface{}, error)
}
func MultiJWTKeyFunc ¶ added in v0.6.0
func MultiJWTKeyFunc(providers []InfProviderCert, opts ...OptionJWK) (*JwkKeyFuncParse, error)
MultiJWTKeyFunc returns a jwt.Keyfunc that combines multiple keyfuncs.
It does not support introspect and noops; it ignores them.
func (*JwkKeyFuncParse) Keyfunc ¶ added in v0.6.0
func (j *JwkKeyFuncParse) Keyfunc(token *jwt.Token) (interface{}, error)
func (*JwkKeyFuncParse) ParseWithClaims ¶ added in v0.6.0
func (j *JwkKeyFuncParse) ParseWithClaims(tokenString string, claims jwt.Claims) (*jwt.Token, error)
type KeyFound ¶ added in v0.6.0
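// KeyFound pairs a key value with a name. The listing had been collapsed onto
// one line; the fields are restored one per line so the declaration parses.
type KeyFound struct {
	// Key is the key value; its dynamic type is not constrained here.
	Key interface{}
	// Name is a string label for the key; presumably the name of the
	// provider or JWK Set it came from (confirm against the selector code).
	Name string
}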
func KeySelectorFirst ¶ added in v0.6.0
func KeySelectorFirst(multiJWKS *MultipleJWKS, token *jwt.Token) (*KeyFound, error)
KeySelectorFirst returns the first key found in the multiple JWK Sets.
type KeyFuncMulti ¶ added in v0.6.0
// KeyFuncMulti has no exported fields; it is used through its Keyfunc and
// KeySelectorFirst methods.
type KeyFuncMulti struct {
	// contains filtered or unexported fields
}
func (*KeyFuncMulti) KeySelectorFirst ¶ added in v0.6.0
func (k *KeyFuncMulti) KeySelectorFirst(multiJWKS *MultipleJWKS, token *jwt.Token) (interface{}, error)
func (*KeyFuncMulti) Keyfunc ¶ added in v0.6.0
func (k *KeyFuncMulti) Keyfunc(token *jwt.Token) (interface{}, error)
type MultipleJWKS ¶ added in v0.6.0
// MultipleJWKS has no exported fields; values are created with GetMultiple
// and used through the Keyfunc method.
type MultipleJWKS struct {
	// contains filtered or unexported fields
}
MultipleJWKS manages multiple JWKS and has a field for jwt.Keyfunc.
func GetMultiple ¶ added in v0.6.0
func GetMultiple(multiple map[MultipleJWKSKey]keyfunc.Options, options MultipleOptions) (multiJWKS *MultipleJWKS, err error)
GetMultiple creates a new MultipleJWKS. A map of length one or more JWKS URLs to Options is required.
Be careful when choosing Options for each JWKS in the map. If RefreshUnknownKID is set to true for all JWKS in the map, then many refresh requests would take place each time a JWT is processed; this should be rate limited by RefreshRateLimit.
func (*MultipleJWKS) Keyfunc ¶ added in v0.6.0
func (m *MultipleJWKS) Keyfunc(token *jwt.Token) (interface{}, error)
Keyfunc matches the signature of github.com/golang-jwt/jwt/v5's jwt.Keyfunc function.
type MultipleJWKSKey ¶ added in v0.6.0
type MultipleOptions ¶ added in v0.6.0
// MultipleOptions carries the options passed to GetMultiple.
type MultipleOptions struct {
	// KeySelector receives the MultipleJWKS and the parsed token and returns
	// a key or an error.
	// NOTE(review): presumably this decides which JWK Set supplies the key
	// for a token. With a first-match selector the result may depend on
	// lookup order if the same kid appears in more than one set; confirm
	// that kids are unique across the configured sets.
	KeySelector func(multiJWKS *MultipleJWKS, token *jwt.Token) (key interface{}, err error)
}
type Oauth2 ¶ added in v0.5.8
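// Oauth2 holds the OAuth2 client settings for a provider; each tagged field
// is read from the config key named in its cfg tag. The listing had been
// collapsed onto one line, which left every field inside the first //
// comment; the fields are restored one per line so the declaration parses.
type Oauth2 struct {
	// ClientID is the application's ID.
	ClientID string `cfg:"client_id"`
	// ClientSecret is the application's secret.
	// NOTE(review): the log:"false" tag presumably keeps this value out of
	// logged configuration; confirm the logger honours it.
	ClientSecret string `cfg:"client_secret" log:"false"`
	// Scopes specifies optional requested permissions.
	Scopes []string `cfg:"scopes"`
	// CertURL is the resource server's public key URL.
	// NOTE(review): keys fetched from here are presumably what tokens are
	// verified against, so an https URL on a trusted host is the safe
	// choice; confirm.
	CertURL string `cfg:"cert_url"`
	// IntrospectURL is the URL requested to check whether a token is active
	// or not (wording reconstructed from the original comment; confirm).
	IntrospectURL string `cfg:"introspect_url"`
	// AuthURL is the resource server's authorization endpoint,
	// used for redirection to the login page.
	AuthURL string `cfg:"auth_url"`
	// TokenURL is the resource server's token endpoint URL.
	TokenURL string `cfg:"token_url"`
	// LogoutURL is read from the logout_url config key.
	LogoutURL string `cfg:"logout_url"`

	// AuthHeaderStyle is optional. If not set, AuthHeaderStyleBasic will be used.
	AuthHeaderStyle AuthHeaderStyle
}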
type OptionJWK ¶ added in v0.6.0
// OptionJWK is a function that receives a pointer to an optionsJWK value and
// may modify it; GetOptionJWK accepts a variadic list of them.
type OptionJWK func(options *optionsJWK)
func WithClient ¶ added in v0.6.0
WithClient is used to set the http.Client used to fetch the JWKs.
func WithContext ¶ added in v0.6.0
WithContext is used to set the context used to fetch the JWKs.
func WithIntrospect ¶ added in v0.6.0
func WithKeyFunc ¶ added in v0.6.0
func WithKeyFunc(keyFunc InfKeyFunc) OptionJWK
WithGivenKeys is used to set the given keys used to verify the token.
Return ErrKIDNotFound if the kid is not found.
Example:
// Create the JWKS from the given keys.
givenKeys := map[string]keyfunc.GivenKey{
	"my-key-id": keyfunc.NewGivenHMAC(...),
}
jwks := keyfunc.NewGiven(givenKeys)
func WithRefreshErrorHandler ¶ added in v0.6.0
WithRefreshErrorHandler sets the refresh error handler for the jwt.Key.
func WithRefreshInterval ¶ added in v0.6.0
WithRefreshInterval sets the refresh interval for the jwt.Keyfunc; the default is 5 minutes.
type ProviderWrapper ¶ added in v0.5.7
func (*ProviderWrapper) GetCertURL ¶ added in v0.5.7
func (p *ProviderWrapper) GetCertURL() string
func (*ProviderWrapper) GetName ¶ added in v0.6.0
func (p *ProviderWrapper) GetName() string
type Session ¶
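// Session is the session middleware configuration; each exported field is
// read from the config key named in its cfg tag. The listing had been
// collapsed onto one line, which left the closing brace inside the trailing
// comment; the fields are restored one per line so the declaration parses.
type Session struct {
	// SessionKey is read from session_key.
	// NOTE(review): unlike Oauth2.ClientSecret this field carries no
	// log:"false" tag. If it is a secret used to protect session data,
	// confirm it is kept out of logged configuration.
	SessionKey string `cfg:"session_key"`
	// Store is read from store.
	Store Store `cfg:"store"`
	// Options is read from options.
	Options Options `cfg:"options"`
	// CookieName is read from cookie_name.
	CookieName string `cfg:"cookie_name"`
	// Action is read from action.
	Action Action `cfg:"action"`
	// Provider maps a string key to a Provider and is read from provider.
	Provider map[string]Provider `cfg:"provider"`
	// contains filtered or unexported fields
}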
func (*Session) Middleware ¶
func (*Session) RedirectToLogin ¶
func (*Session) RedirectToMain ¶
type Token ¶
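// Token is the token action configuration; each exported field is read from
// the config key named in its cfg tag. The listing had been collapsed onto
// one line, which left the closing brace inside the trailing comment; the
// fields are restored one per line so the declaration parses.
type Token struct {
	// LoginPath is read from login_path.
	LoginPath string `cfg:"login_path"`
	// DisableRefresh is read from disable_refresh; false by default.
	DisableRefresh bool `cfg:"disable_refresh"`
	// InsecureSkipVerify is read from insecure_skip_verify; false by default.
	// NOTE(review): the name suggests that setting it disables TLS
	// certificate verification on outbound requests. If so, it should stay
	// false outside local testing; confirm what it controls.
	InsecureSkipVerify bool `cfg:"insecure_skip_verify"`
	// contains filtered or unexported fields
}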
func (*Token) GetKeyFunc ¶ added in v0.5.11
func (t *Token) GetKeyFunc() InfKeyFuncParser
type TokenData ¶ added in v0.5.7
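// TokenData is decoded from JSON using the field names in the json tags. The
// listing had been collapsed onto one line; the fields are restored one per
// line so the declaration parses.
//
// NOTE(review): AccessToken, RefreshToken and IDToken hold credentials.
// Avoid logging or printing the whole struct, for example with %+v.
type TokenData struct {
	// AccessToken is the "access_token" member.
	AccessToken string `json:"access_token"`
	// ExpiresIn is the "expires_in" member; presumably seconds (confirm).
	ExpiresIn int `json:"expires_in"`
	// RefreshExpiresIn is the "refresh_expires_in" member; presumably
	// seconds (confirm).
	RefreshExpiresIn int `json:"refresh_expires_in"`
	// RefreshToken is the "refresh_token" member.
	RefreshToken string `json:"refresh_token"`
	// TokenType is the "token_type" member.
	TokenType string `json:"token_type"`
	// NotBeforePolicy is the "not-before-policy" member.
	NotBeforePolicy int `json:"not-before-policy"`
	// SessionState is the "session_state" member.
	SessionState string `json:"session_state"`
	// Scope is the "scope" member.
	Scope string `json:"scope"`
	// IDToken is the "id_token" member.
	IDToken string `json:"id_token"`
}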
func ParseToken ¶ added in v0.5.7
func ParseToken64 ¶ added in v0.5.7
Parse64 parses the cookie.