Documentation ¶
Overview ¶
Package echojwtx implements echo-jwt middleware with additional helpers for setting the JWT Subject as an actor context value.
Index ¶
Constants ¶
// ActorKey is the context key under which the actor is stored.
//
// NOTE(review): the key is a plain string. If it is used with
// context.WithValue rather than echo's string-keyed Context.Set, any other
// package using the same string would read or overwrite the actor value.
// Confirm which store is used.
const ActorKey = "actor"
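const (
	// DefaultOIDCJWKSRemoteTimeout defines the default timeout for fetching
	// the OIDC JWKS file. The name and wording indicate a remote fetch, so
	// this bounds how long a slow or unreachable provider can hold it up.
	DefaultOIDCJWKSRemoteTimeout = 5 * time.Second
)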
Variables ¶
// Signing keys and key IDs for tests. Both keys are produced by package-level
// initialisers, so they are generated whenever the package is initialised, with
// rand.Reader as the randomness source and testKeySize as the modulus size
// (testKeySize is declared elsewhere; its value is not shown here).
//
// NOTE(review): the error from rsa.GenerateKey is discarded with `_`. If
// generation fails the variable is presumably left nil with no diagnostic.
// Confirm that users of these keys would notice.
// NOTE(review): these are exported package variables although their names mark
// them as test fixtures. Confirm that nothing outside tests signs or trusts
// tokens with them, and that testKeySize is not relied on as a production
// key strength.
var (
	// TestPrivRSAKey1 provides an RSA key used to sign tokens
	TestPrivRSAKey1, _ = rsa.GenerateKey(rand.Reader, testKeySize)
	// TestPrivRSAKey1ID is the ID of this signing key in tokens
	TestPrivRSAKey1ID = "testKey1"
	// TestPrivRSAKey2 provides an RSA key used to sign tokens
	TestPrivRSAKey2, _ = rsa.GenerateKey(rand.Reader, testKeySize)
	// TestPrivRSAKey2ID is the ID of this signing key in tokens
	TestPrivRSAKey2ID = "testKey2"
)
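var (
	// ErrJWKSURIMissing is returned when the jwks_uri field is not found in
	// the issuer's OIDC well-known configuration. Without that URI there is
	// no key set to verify token signatures against.
	ErrJWKSURIMissing = errors.New("jwks_uri missing from oidc provider")
)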
Functions ¶
func MustViperFlags ¶
MustViperFlags adds jwks-uri to the provided flagset and binds to viper jwks.uri.
Types ¶
type Auth ¶
// Auth handles JWT authentication as echo middleware.
// All of its fields are unexported and are not shown in this listing.
type Auth struct {
	// contains filtered or unexported fields
}
Auth handles JWT Authentication as echo middleware.
func NewAuth ¶
func NewAuth(ctx context.Context, config AuthConfig) (*Auth, error)
NewAuth creates a new auth middleware handler for JWTs using JWKS.
func (*Auth) Middleware ¶
func (a *Auth) Middleware() echo.MiddlewareFunc
Middleware returns echo middleware for validating JWT tokens.
type AuthConfig ¶
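// AuthConfig provides configuration for JWT validation using JWKS.
type AuthConfig struct {
	// Logger defines the auth logger to use.
	Logger *zap.Logger

	// Issuer is the Auth Issuer.
	//
	// NOTE(review): this listing does not show how an empty Issuer is
	// treated. Confirm that validation fails closed rather than skipping
	// the issuer check. It is presumably also the base for the OIDC
	// well-known lookup that yields jwks_uri; verify against NewAuth.
	Issuer string

	// Audience is the Auth Audience.
	//
	// NOTE(review): as with Issuer, confirm that an empty Audience does not
	// silently disable the audience check.
	Audience string

	// JWTConfig configuration for handling JWT validation.
	JWTConfig echojwt.Config

	// KeyFuncOptions configuration for fetching JWKS.
	KeyFuncOptions keyfunc.Options
}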
AuthConfig provides configuration for JWT validation using JWKS.
func AuthConfigFromViper ¶
func AuthConfigFromViper(v *viper.Viper) (*AuthConfig, error)
AuthConfigFromViper builds a new AuthConfig from viper.