gojwtcognito

package module

v1.1.0 Latest Latest Go to latest Published: Aug 16, 2020 License: MIT Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bruno-chavez/gojwtcognito

Links

Open Source Insights

README ¶

gojwtcognito is an easy to use, small package designed to parse request headers and look for JWTs provided by AWS Cognito to either check if they are valid or get info from them.

Install

$ go get github.com/bruno-chavez/gojwtcognito

Usage

Import the package, call a NewCognitoChecker. From here you pass the object pointer to where you need to validate tokens, get claims or groups.

Usage Tips

You can then pass the CognitoChecker object pointer to other parts of your code that get called multiple times, like server handlers for example.
The region, User Pool ID and App Client can all be found inside AWS Cognito.
The supported tokens that Cognito uses for authentication are either accessToken or idToken.
If you need to check for user data like emails, names or associated groups idToken is what you are looking for.
The claims inside each JWT varies depends on the token type you pass to GetClaims.

Documentation

Check the GoDoc page for more info on what is available inside the package.

Examples

Generating the object


cognitoChecker := gojwtcognito.NewCognitoChecker(
                       "us-east-1",
                       "us-east-1_apwePSzx",
                       "3b1fh12qzvmgjuio563qtm678u",
                  )

Validating an accessToken

func verifyUser(w http.ResponseWriter, r *http.Request, c *cognitoChecker) {

    err := c.ValidateTokenFromHeader(r, "accessToken")
    if err != nil {
        log.Println(err)
        return
    }
    
    err = c.ValidateTokenFromHeader(r, "idToken")
    if err != nil {
        log.Println(err)
        return
    }

}

Looking up a specific claim

claims is a map of type map[string]interface{}

func Claims(w http.ResponseWriter, r *http.Request, c *cognitoChecker) {

    claims, err := c.GetClaims(r, "idToken")
    if err != nil {
        log.Println(err)
    }
    
    log.Println(claims["cognito:username"])
}

Looking up all the groups of a user

groups is a slice of type []string

func Groups(w http.ResponseWriter, r *http.Request, c *cognitoChecker) {

    groups, err := c.GetGroups(r)
    if err != nil {
        log.Println(err)
    }
    
    for _, v := range groups {
        fmt.Println(v)
    }
}

Contribute

Found a bug or an error? Post it in the issue tracker.

Want to add an awesome new feature? Fork this repository and add your feature, then send a pull request.

License

Documentation ¶

Overview ¶

Package gojwtcognito is an easy to use, small package designed to parse request headers and look for JWTs provided by AWS Cognito to either check if they are valid or get some data from them.

Index ¶

type CognitoChecker
- func NewCognitoChecker(region, userPool, appClient string) (*CognitoChecker, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CognitoChecker ¶ added in v1.1.0

type CognitoChecker struct {
	// contains filtered or unexported fields
}

CognitoChecker is the main object of the API of the package. Contains information about your AWS Cognito configuration.

func NewCognitoChecker ¶ added in v1.1.0

func NewCognitoChecker(region, userPool, appClient string) (*CognitoChecker, error)

NewCognitoChecker is used for generating a CognitoChecker object and been able to use the library Needs the region, user pool id and app client id of your Cognito user pool to work properly

func (CognitoChecker) GetClaims ¶ added in v1.1.0

func (c CognitoChecker) GetClaims(request *http.Request, tokenType string) (map[string]interface{}, error)

GetClaims parses a request header and looks for a specific JWT from AWS Cognito. Returns a map with all the claims in it or an error if it is an invalid token. Use this function when you need the Cognito claims of a token.

func (CognitoChecker) GetGroups ¶ added in v1.1.0

func (c CognitoChecker) GetGroups(request *http.Request) ([]string, error)

GetGroups parses a request header and looks for a specific JWT from AWS Cognito. Returns a slice with all the groups of a user or an error if it is an invalid token. Use this function when you need the Cognito groups of a user.

func (CognitoChecker) ValidateTokenFromHeader ¶ added in v1.1.0

func (c CognitoChecker) ValidateTokenFromHeader(request *http.Request, tokenType string) error

ValidateTokenFromHeader parses a request header and looks for a specific JWT from AWS Cognito. Returns an error if its not valid or nil if it is. Use this function when you only need to check if a token is valid or not.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL