go-jwt-middleware: github.com/auth0/go-jwt-middleware Index | Files

package jwtmiddleware

import "github.com/auth0/go-jwt-middleware"


Package Files


func FromAuthHeader Uses

func FromAuthHeader(r *http.Request) (string, error)

FromAuthHeader is a "TokenExtractor" that takes a give request and extracts the JWT token from the Authorization header.

func OnError Uses

func OnError(w http.ResponseWriter, r *http.Request, err string)

type JWTMiddleware Uses

type JWTMiddleware struct {
    Options Options

func New Uses

func New(options ...Options) *JWTMiddleware

New constructs a new Secure instance with supplied options.

func (*JWTMiddleware) CheckJWT Uses

func (m *JWTMiddleware) CheckJWT(w http.ResponseWriter, r *http.Request) error

func (*JWTMiddleware) Handler Uses

func (m *JWTMiddleware) Handler(h http.Handler) http.Handler

func (*JWTMiddleware) HandlerWithNext Uses

func (m *JWTMiddleware) HandlerWithNext(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)

Special implementation for Negroni, but could be used elsewhere.

type Options Uses

type Options struct {
    // The function that will return the Key to validate the JWT.
    // It can be either a shared secret or a public key.
    // Default value: nil
    ValidationKeyGetter jwt.Keyfunc
    // The name of the property in the request where the user information
    // from the JWT will be stored.
    // Default value: "user"
    UserProperty string
    // The function that will be called when there's an error validating the token
    // Default value:
    ErrorHandler errorHandler
    // A boolean indicating if the credentials are required or not
    // Default value: false
    CredentialsOptional bool
    // A function that extracts the token from the request
    // Default: FromAuthHeader (i.e., from Authorization header as bearer token)
    Extractor TokenExtractor
    // Debug flag turns on debugging output
    // Default: false
    Debug bool
    // When set, all requests with the OPTIONS method will use authentication
    // Default: false
    EnableAuthOnOptions bool
    // When set, the middelware verifies that tokens are signed with the specific signing algorithm
    // If the signing method is not constant the ValidationKeyGetter callback can be used to implement additional checks
    // Important to avoid security issues described here: https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
    // Default: nil
    SigningMethod jwt.SigningMethod

Options is a struct for specifying configuration options for the middleware.

type TokenExtractor Uses

type TokenExtractor func(r *http.Request) (string, error)

TokenExtractor is a function that takes a request as input and returns either a token or an error. An error should only be returned if an attempt to specify a token was found, but the information was somehow incorrectly formed. In the case where a token is simply not present, this should not be treated as an error. An empty string should be returned in that case.

func FromFirst Uses

func FromFirst(extractors ...TokenExtractor) TokenExtractor

FromFirst returns a function that runs multiple token extractors and takes the first token it finds

func FromParameter Uses

func FromParameter(param string) TokenExtractor

FromParameter returns a function that extracts the token from the specified query string parameter

Package jwtmiddleware imports 7 packages (graph) and is imported by 47 packages. Updated 2017-04-26. Refresh now. Tools for package owners.