security

package
v1.0.13 Latest
Warning

This package is not in the latest version of its module.

Published: Mar 10, 2020 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package security implements authentication and authorization by means of JWT tokens.

Constants

const (
	// UserKey defines an authenticated user object stored in the context
	UserKey = "context_user"
)

Variables

This section is empty.

Functions

func Authorize

func Authorize(required Claim, claims []string) (roles []string, err error)

Authorize validates the given claims and verifies that they match the required claim. A claim entry has the form "name|url|role".
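The "name|url|role" matching described above, as an added example that is not the package's own code. The names requiredClaim and authorizeClaims are hypothetical, and the matching rules (exact comparison, malformed entries skipped, error when no role matches) are assumptions, not documented behaviour of Authorize.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// requiredClaim mirrors the fields of the documented Claim type (hypothetical name).
type requiredClaim struct {
	Name, URL string
	Roles     []string
}

// authorizeClaims is a hypothetical stand-in for Authorize. Assumed rules: name and
// URL must match exactly, and an entry that is not exactly three non-empty fields
// is skipped, so a malformed entry can never grant a role (fail closed).
func authorizeClaims(required requiredClaim, claims []string) ([]string, error) {
	var roles []string
	for _, entry := range claims {
		parts := strings.Split(entry, "|")
		if len(parts) != 3 || parts[0] == "" || parts[1] == "" || parts[2] == "" {
			continue // malformed entry: ignore instead of guessing its meaning
		}
		if parts[0] != required.Name || parts[1] != required.URL {
			continue // claim was issued for a different application
		}
		for _, want := range required.Roles {
			if parts[2] == want {
				roles = append(roles, want)
				break
			}
		}
	}
	if len(roles) == 0 {
		return nil, errors.New("no claim entry grants a required role")
	}
	return roles, nil
}

func main() {
	required := requiredClaim{Name: "app", URL: "https://app.example.test", Roles: []string{"User", "Admin"}}
	claims := []string{ // constructed sample entries
		"app|https://app.example.test|User",    // matches
		"app|https://other.example.test|Admin", // same name, wrong URL
		"app|Admin",                            // malformed: only two fields
	}
	fmt.Println(authorizeClaims(required, claims))
}
```

Only the first entry grants a role here: the second names a different URL and the third is malformed.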

func CreateToken

func CreateToken(issuer string, key []byte, expiry int, c Claims) (string, error)

CreateToken uses the configuration and the supplied parameters to create a new token.

Types

type Claim

type Claim struct {
	// Name of the application
	Name string
	// URL of the application
	URL string
	// Roles possible roles
	Roles []string
}

Claim defines the authorization requirements

type Claims

type Claims struct {
	Type        string   `json:"Type"`
	DisplayName string   `json:"DisplayName"`
	Email       string   `json:"Email"`
	UserID      string   `json:"UserId"`
	UserName    string   `json:"UserName"`
	GivenName   string   `json:"GivenName"`
	Surname     string   `json:"Surname"`
	Claims      []string `json:"Claims"`
}

Claims defines custom JWT claims for the token

type JwtMiddleware added in v1.0.3

type JwtMiddleware struct {
	// contains filtered or unexported fields
}

JwtMiddleware is used to authenticate a user based on a token. The token is either retrieved from the well-known Authorization header or fetched from a cookie.

func NewJwtMiddleware added in v1.0.3

func NewJwtMiddleware(options JwtOptions, settings cookies.Settings) *JwtMiddleware

NewJwtMiddleware creates a new instance using the provided options

func (*JwtMiddleware) JwtContext added in v1.0.3

func (j *JwtMiddleware) JwtContext(next http.Handler) http.Handler

JwtContext performs the middleware action

type JwtOptions added in v1.0.3

type JwtOptions struct {
	// JwtSecret is the jwt signing key
	JwtSecret string
	// JwtIssuer identifies the principal that issued the token
	JwtIssuer string
	// CookieName specifies the HTTP cookie holding the token
	CookieName string
	// RequiredClaim to access the application
	RequiredClaim Claim
	// RedirectURL forwards the request to an external authentication service
	RedirectURL string
	// CacheDuration defines the duration to cache the JWT token result
	CacheDuration string
	// ErrorPath is used if html errors are returned to the client
	ErrorPath string
}

JwtOptions defines presets for the authentication handler. By default the JWT token is fetched from the Authorization header; as a fallback it is possible to fetch the token from a specific cookie.

type JwtTokenPayload

type JwtTokenPayload struct {
	Type        string
	UserName    string
	Email       string
	Claims      []string
	UserID      string `json:"UserId"`
	DisplayName string
	Surname     string
	GivenName   string
	jwt.StandardClaims
}

JwtTokenPayload is the parsed contents of the given token

func ParseJwtToken

func ParseJwtToken(token, tokenSecret, issuer string) (JwtTokenPayload, error)

ParseJwtToken parses, validates and extracts data from a jwt token

type MemoryCache added in v1.0.2

type MemoryCache struct {
	sync.Mutex
	// contains filtered or unexported fields
}

MemoryCache implements a simple cache

func NewMemCache added in v1.0.2

func NewMemCache(duration time.Duration) *MemoryCache

NewMemCache creates a cache with the given TTL.

func (*MemoryCache) Get added in v1.0.2

func (s *MemoryCache) Get(key string) *User

Get returns a User object for the given key.

func (*MemoryCache) Set added in v1.0.2

func (s *MemoryCache) Set(key string, user *User)

Set puts a User object into the cache.

type User

type User struct {
	Username      string
	Roles         []string
	Email         string
	UserID        string
	DisplayName   string
	Authenticated bool
}

User is the authenticated principal extracted from the JWT token
