auth

package module
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 1, 2021 License: Apache-2.0 Imports: 14 Imported by: 0

README

auth - Easy to Use Authentication Package Go Go Reference

This package provides quick easy to use methods and functions to perform various authentication activities in applications.

Inspiration

This package draws inspiration from the Udemy Course - Web Authentication, Encryption, JWT, HMAC, & OAuth With Go by Created by Todd McLeod and Daniel Hoffmann.

The gist of the learning from this course has been incorporated into this package.

License

Copyright 2020 Abhijit Bose. All rights reserved.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

Documentation

Overview

Package auth is a authentication helper that supports multiple types of applications.

Index

Constants

View Source 
const (
	// BcryptDefaultCost is the Bcrypt Default Cost where the performace is optimal
	BcryptDefaultCost = bcrypt.DefaultCost
	// BcryptMaxCost is the Bcrypt Maximum Cost with Longest Time
	BcryptMaxCost = bcrypt.MaxCost
	// BcryptMinCost is the Bcrypt Minimum Cost with Shortest time
	BcryptMinCost = bcrypt.MinCost
	// MethodMD5 describes the MD5 Hashing Algorithm
	MethodMD5 = "MD5"
	// MethodSHA1 describes the SHA1 Hashing Algorithm
	MethodSHA1 = "SHA1"
	// MethodSHA224 describes the SHA224 Hashing Algorithm
	MethodSHA224 = "SHA224"
	// MethodSHA256 describes the SHA256 Hashing Algorithm
	MethodSHA256 = "SHA256"
	// MethodSHA384 describes the SHA384 Hashing Algorithm
	MethodSHA384 = "SHA384"
	// MethodSHA512 describes the SHA512 Hashing Algorithm
	MethodSHA512 = "SHA512"
	// MethodBcrypt describes the bcrypt Hashing Algorithm
	MethodBcrypt = "bcrypt"
)
View Source 
const (
	// Pbkdf2MinSize defines the minimum size of the Salt and Output
	Pbkdf2MinSize = 8
	// Pbkdf2MinRounds defines the minimum number of iterations for the
	// PBKDF2 key derivation process
	Pbkdf2MinRounds = 8
)
View Source 
const (

	// HSTokenDefaultExpiry specifies the Minimum duration for which HSToken is valid
	HSTokenDefaultExpiry = 1 * time.Minute
)

Variables

View Source 
var (
	Md5    *hashFn
	Sha1   *hashFn
	Sha224 *hashFn
	Sha256 *hashFn
	Sha384 *hashFn
	Sha512 *hashFn
	Bcrypt *bcryptFn
)

List of Hash Functions

View Source 
var ErrNotImplemented = fmt.Errorf("error functionality not implemented yet")

ErrNotImplemented occurs when an Un-implemented feature is called on

View Source 
var ErrNotInitialized = fmt.Errorf("error this construct is not initialized")

ErrNotInitialized occurs when an Authentication process or function tries to access an un-initialized data parameter or construct.

View Source 
var ErrNotSupported = fmt.Errorf("error the option or operation is not supported")

ErrNotSupported occurs when a particular feature is not implemented or 

logically not supported in the current context
View Source 
var ErrParameter = fmt.Errorf("error in supplied parameters")

ErrParameter occurs when there are issues with the supplied parameter in any function.

Functions

func Decode added in v0.0.6 

func Decode(f *EncodeIt, value string) ([]byte, error)

Decode is the Generic DecodeFromString function for all encoded values supported

func Digest added in v0.0.6 

func Digest(d DigestIt, data []byte, opts ...DigestOptions) ([]byte, error)

Digest is the generic function for obtaining various type of HASH function operations on the data

func Encode added in v0.0.6 

func Encode(f *EncodeIt, data []byte) string

Encode is Generic EncodeToString function for All byte Arrays

func GetHSToken added in v0.0.9 

func GetHSToken(session string, key []byte, d DigestIt, opt ...HSTokenOptions) (string, error)

GetHSToken function Provides a way to generate a JWT of HS256, HS384 and HS512 type tokens

func GetRandom added in v0.0.5 

func GetRandom(size int) ([]byte, error)

GetRandom returns a cryptographically safe randome numbers byte array with the size specified

func PasswordCheck added in v0.0.8 

func PasswordCheck(d DigestIt, pass string, dig []byte, opts ...DigestOptions) error

PasswordCheck function is used to verify the password against the precalculated digest.

func PasswordHash added in v0.0.2 

func PasswordHash(d DigestIt, pass string, opts ...DigestOptions) ([]byte, error)

PasswordHash is used to generated cryptographically secure digest from the supplied password and also verify the digest.

func Pbkdf2 added in v0.0.8 

func Pbkdf2(password []byte, d DigestIt, opt ...Pbkdf2Options) (
	result []byte,
	salt []byte,
	err error,
)

Pbkdf2 function performs the PBKDF2 operation with given optional functions

func RandString added in v1.0.0 

func RandString(size int) (s string, err error)

RandString generates a random string array based on the given size

func RegisterDigestFunction added in v0.0.6 

func RegisterDigestFunction(name string, f DigestIt)

RegisterDigestFunction adds the specific Hash generation functions in the global list. It is typically run during init() stage.

func RegisterEncoder added in v0.0.6 

func RegisterEncoder(f *EncodeIt)

RegisterEncoder updates the list of Encoders available. This is typically called during init() stage.

func UUIDv4 added in v0.0.6 

func UUIDv4() (string, error)

UUIDv4 function helps to generate UUID using V4 algorithm

Types

type Auth 

type Auth interface {

	// Create function generates the Authentication Entity by processing
	// incoming data and the specific 'bias'.
	Create(data []byte, bias interface{}) (output []byte, err error)

	// Verify function checks the Authentication Entity by processing
	// it with the optional incoming 'bias'. It also recovers the original
	// 'data' and 'bias' used to create the Authentication Entity.
	Verify(value []byte, bias interface{}) (data []byte, iBias interface{}, err error)

	// Set function configures the Authentication Entity creation and
	// verification process. It also accepts the static "Key" that needs
	// to be employed while processing the Authentication Entity.
	Set(method string, key interface{}) error
}

Auth is the generic interface that would be implemented by the various authentication algorithms and classifications.

The term "Authentication Entity" refers to a token, pass, or a Unique piece of information that provides Identity, and Authorization status of the bearer.

type DigestIt added in v0.0.6 

type DigestIt interface {

	// Name Returns the Name in String for the given Hash Function
	Name() string

	// Get function takes in the byte array of arbitrary Size and
	// process it into a digest of fix size
	Get([]byte) ([]byte, error)

	// Auth Interface is Implemented here
	Auth
}

DigestIt interface defines the way by which Hash function coverts byte array of arbitrary size to a byte array of a fixed size called the "hash value", "hash", or "message digest"

func GetDigestFunction added in v0.0.6 

func GetDigestFunction(name string) (f DigestIt)

GetDigestFunction fetches the respective Hash generation function using its pre registed name.

type DigestOptions added in v0.0.6 

type DigestOptions func(DigestIt) DigestIt

DigestOptions provides a functional Option for attribute modification functions

func WithBcryptCost added in v0.0.6 

func WithBcryptCost(cost int) DigestOptions

WithBcryptCost helps to implement Alternative Bcrypt operation

func WithDigest added in v0.0.8 

func WithDigest(digest []byte) DigestOptions

WithDigest helps to implement Verification as part of Digest operations

func WithHMACKey added in v0.0.6 

func WithHMACKey(key []byte) DigestOptions

WithHMACKey helps to implement HMAC operation

type EncodeIt added in v0.0.6 

type EncodeIt struct {
	Name string
	// To(EncodeToString) converts the Supplied byte array to the specific
	// encode Format string
	To func(src []byte) string

	// From(DecodeString) converts the Supplied string back to its byte array form
	From func(s string) ([]byte, error)
}

EncodeIt is the String format encode function for byte Array encoders 

var (
	Hex       *EncodeIt
	Base64    *EncodeIt
	Base64URL *EncodeIt
)

List of Encoders Supported

func GetEncoder added in v0.0.6 

func GetEncoder(name string) (f *EncodeIt)

GetEncoder fetches the specific encoder from the List of Encoders

func (*EncodeIt) Create added in v0.0.7 

func (e *EncodeIt) Create(data []byte, encode interface{}) (output []byte, err error)

Create method from the Auth Interface

func (*EncodeIt) Set added in v0.0.7 

func (e *EncodeIt) Set(method string, key interface{}) error

Set Method from the Auth Interface

func (*EncodeIt) Verify added in v0.0.7 

func (e *EncodeIt) Verify(value []byte, bias interface{}) (data []byte, iBias interface{}, err error)

Verify method from the Auth Interface

type HSTokenClaims added in v0.0.9 

type HSTokenClaims struct {
	Session string `json:"session"`
	jwt.StandardClaims
}

HSTokenClaims provides the required storage for JWT claims

func CheckHSToken added in v0.0.9 

func CheckHSToken(signedToken string, key []byte, d DigestIt) (
	session string,
	claim *HSTokenClaims,
	err error,
)

CheckHSToken function provides a way to verify the signed token and decode 

the underlying data.

func (*HSTokenClaims) Valid added in v0.0.9 

func (c *HSTokenClaims) Valid() error

Valid method for the `jwt.Claims` Interface

type HSTokenOptions added in v0.0.9 

type HSTokenOptions func(*hsTokenFn) *hsTokenFn

HSTokenOptions provides the functional options for the GetHSToken function

func HSTokenDuration added in v0.0.9 

func HSTokenDuration(d time.Duration) HSTokenOptions

HSTokenDuration functional option sets the Duration after which the token expires

func HSTokenExpiry added in v0.0.9 

func HSTokenExpiry(ex time.Time) HSTokenOptions

HSTokenExpiry functional option sets the Exact Expiry time of the token

func HSTokenWith added in v0.0.9 

func HSTokenWith(ID, audience, issuer, subject string) HSTokenOptions

HSTokenWith functional option sets the additional parameters in the JWT token

type Pbkdf2Options added in v0.0.8 

type Pbkdf2Options func(*pbkdf2Fn) *pbkdf2Fn

Pbkdf2Options type provides a way to create functional options for PBKDF2

func Pbkdf2Salt added in v0.0.8 

func Pbkdf2Salt(buf []byte) Pbkdf2Options

Pbkdf2Salt sets a fixed salt for PBKDF2 Key derivation

func Pbkdf2With added in v0.0.8 

func Pbkdf2With(rounds, size int) Pbkdf2Options

Pbkdf2With sets the number of rounds and output size of the PBKDF2

Source Files

View all Source files

Directories

Path Synopsis
Package aesgcm provides easy to use function to perform encryption and decryption using the secure AES-GCM AHEAD algorithm.
 Package aesgcm provides easy to use function to perform encryption and decryption using the secure AES-GCM AHEAD algorithm.
Package dec provides an easy way to decide data from multiple commonly used formats such as Hex and Base64.
 Package dec provides an easy way to decide data from multiple commonly used formats such as Hex and Base64.
Package enc provides an easy way to encode data in multiple commonly used formats such as Hex and Base64.
 Package enc provides an easy way to encode data in multiple commonly used formats such as Hex and Base64.
Package hash provides an easy way to generate digest or one way hash.
 Package hash provides an easy way to generate digest or one way hash.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.