Documentation
¶
Index ¶
- Constants
- Variables
- func ResetTokenLifespan(lifespan int64) func(*JWTokenService) error
- func WebCookieTokenLifespan(lifespan int64) func(*JWTokenService) error
- type JWTokenService
- func (ts *JWTokenService) Algorithm() string
- func (ts *JWTokenService) Issuer() string
- func (ts *JWTokenService) KeyID() string
- func (ts *JWTokenService) NewAccessToken(u model.User, scopes []string, app model.AppData, requireTFA bool) (ijwt.Token, error)
- func (ts *JWTokenService) NewInviteToken() (ijwt.Token, error)
- func (ts *JWTokenService) NewRefreshToken(u model.User, scopes []string, app model.AppData) (ijwt.Token, error)
- func (ts *JWTokenService) NewResetToken(userID string) (ijwt.Token, error)
- func (ts *JWTokenService) NewWebCookieToken(u model.User) (ijwt.Token, error)
- func (ts *JWTokenService) Parse(s string) (ijwt.Token, error)
- func (ts *JWTokenService) PublicKey() interface{}
- func (ts *JWTokenService) RefreshAccessToken(refreshToken ijwt.Token) (ijwt.Token, error)
- func (ts *JWTokenService) String(t ijwt.Token) (string, error)
- func (ts *JWTokenService) ValidateTokenString(tstr string, v jwtValidator.Validator, tokenType string) (ijwt.Token, error)
- func (ts *JWTokenService) WebCookieTokenLifespan() int64
- type TokenService
Constants ¶
View Source
const ( // PayloadName is a JWT token payload "name". PayloadName = "name" // PayloadTFAuthorized is a JWT token payload "tfa_authorized". PayloadTFAuthorized = "tfa_authorized" )
View Source
const ( // OfflineScope is a scope value to request refresh token. OfflineScope = "offline" // RefrestTokenType is a refresh token type value. RefrestTokenType = "refresh" // InviteTokenType is an invite token type value. InviteTokenType = "invite" // AccessTokenType is an access token type value. AccessTokenType = "access" // ResetTokenType is a reset password token type value. ResetTokenType = "reset" // WebCookieTokenType is a web-cookie token type value. WebCookieTokenType = "web-cookie" )
Variables ¶
View Source
var ( // ErrCreatingToken is a token creation error. ErrCreatingToken = errors.New("Error creating token") // ErrSavingToken is a token saving error. ErrSavingToken = errors.New("Error saving token") // ErrInvalidApp is when the application is not eligible to obtain the token ErrInvalidApp = errors.New("Application is not eligible to obtain the token") // ErrInvalidOfflineScope is when the requested scope does not have an offline value. ErrInvalidOfflineScope = errors.New("Requested scope don't have offline value") // ErrInvalidUser is when the user cannot obtain the new token. ErrInvalidUser = errors.New("The user cannot obtain the new token") // TokenLifespan is a token expiration time, one week. TokenLifespan = int64(604800) // int64(1*7*24*60*60) // InviteTokenLifespan is an invite token expiration time, one hour. InviteTokenLifespan = int64(3600) // int64(1*60*60) // RefreshTokenLifespan is a default expiration time for refresh tokens, one year. RefreshTokenLifespan = int64(31536000) // int(365*24*60*60) )
Functions ¶
func ResetTokenLifespan ¶
func ResetTokenLifespan(lifespan int64) func(*JWTokenService) error
ResetTokenLifespan sets custom lifespan in seconds for the reset token
func WebCookieTokenLifespan ¶
func WebCookieTokenLifespan(lifespan int64) func(*JWTokenService) error
WebCookieTokenLifespan sets custom lifespan in seconds for the web cookie token
Types ¶
type JWTokenService ¶
type JWTokenService struct {
// contains filtered or unexported fields
}
JWTokenService is a JWT token service.
func (*JWTokenService) Algorithm ¶
func (ts *JWTokenService) Algorithm() string
Algorithm returns signature algorithm.
func (*JWTokenService) Issuer ¶
func (ts *JWTokenService) Issuer() string
Issuer returns token issuer name.
func (*JWTokenService) KeyID ¶
func (ts *JWTokenService) KeyID() string
KeyID returns public key ID, using SHA-1 fingerprint.
func (*JWTokenService) NewAccessToken ¶
func (ts *JWTokenService) NewAccessToken(u model.User, scopes []string, app model.AppData, requireTFA bool) (ijwt.Token, error)
NewAccessToken creates new access token for user.
func (*JWTokenService) NewInviteToken ¶
func (ts *JWTokenService) NewInviteToken() (ijwt.Token, error)
NewInviteToken creates new invite token.
func (*JWTokenService) NewRefreshToken ¶
func (ts *JWTokenService) NewRefreshToken(u model.User, scopes []string, app model.AppData) (ijwt.Token, error)
NewRefreshToken creates new refresh token.
func (*JWTokenService) NewResetToken ¶
func (ts *JWTokenService) NewResetToken(userID string) (ijwt.Token, error)
NewResetToken creates new token for password resetting.
func (*JWTokenService) NewWebCookieToken ¶
NewWebCookieToken creates new web cookie token.
func (*JWTokenService) Parse ¶
func (ts *JWTokenService) Parse(s string) (ijwt.Token, error)
Parse parses token data from the string representation.
func (*JWTokenService) PublicKey ¶
func (ts *JWTokenService) PublicKey() interface{}
PublicKey returns public key.
func (*JWTokenService) RefreshAccessToken ¶
RefreshAccessToken issues new access token for provided refresh token.
func (*JWTokenService) String ¶
func (ts *JWTokenService) String(t ijwt.Token) (string, error)
String returns string representation of a token.
func (*JWTokenService) ValidateTokenString ¶
func (ts *JWTokenService) ValidateTokenString(tstr string, v jwtValidator.Validator, tokenType string) (ijwt.Token, error)
ValidateTokenString parses token and validates it.
func (*JWTokenService) WebCookieTokenLifespan ¶
func (ts *JWTokenService) WebCookieTokenLifespan() int64
WebCookieTokenLifespan return auth token lifespan
type TokenService ¶
type TokenService interface {
NewAccessToken(u model.User, scopes []string, app model.AppData, requireTFA bool) (ijwt.Token, error)
NewRefreshToken(u model.User, scopes []string, app model.AppData) (ijwt.Token, error)
RefreshAccessToken(token ijwt.Token) (ijwt.Token, error)
NewInviteToken() (ijwt.Token, error)
NewResetToken(userID string) (ijwt.Token, error)
NewWebCookieToken(u model.User) (ijwt.Token, error)
Parse(string) (ijwt.Token, error)
String(ijwt.Token) (string, error)
Issuer() string
Algorithm() string
WebCookieTokenLifespan() int64
PublicKey() interface{} // we are not using crypto.PublicKey here to avoid dependencies
KeyID() string
}
TokenService is an abstract token manager.
func NewJWTokenService ¶
func NewJWTokenService(keys *model.JWTKeys, issuer string, tokenStorage model.TokenStorage, appStorage model.AppStorage, userStorage model.UserStorage, options ...func(TokenService) error) (TokenService, error)
NewJWTokenService returns new JWT token service. Arguments: - privateKeyPath - the path to the private key in pem format. Please keep it in a secret place. - publicKeyPath - the path to the public key.
Source Files
Click to show internal directories.
Click to hide internal directories.