Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( ErrExpired = errors.New("authentication: token is expired") ErrNBFInvalid = errors.New("authentication: token nbf validation failed") ErrIATInvalid = errors.New("authentication: token iat validation failed") ErrNoTokenFound = errors.New("authentication: no token found") ErrAlgoInvalid = errors.New("authentication: algorithm mismatch") )
Library errors
var ( TokenCtxKey = &contextKey{"Token"} AccessClaimsCtxKey = &contextKey{"AccessClaims"} ErrorCtxKey = &contextKey{"Error"} )
Context keys
Functions ¶
func NewContext ¶
NewContext creates a new context with JWT token and error
Types ¶
type AppClaims ¶
type AppClaims struct { // ID for the account UserID string `json:"uid,omitempty"` // Name of the account e.g. an email or username Name string `json:"name,omitempty"` // Roles the account has access too Roles []Role `json:"roles,omitempty"` // Type of the account, e.g. user Type string `json:"type,omitempty"` // Metadata associated with the account Metadata map[string]interface{} `json:"metadata,omitempty"` // https://tools.ietf.org/html/rfc7519#section-4.1 jwt.StandardClaims }
AppClaims represent the claims parsed from JWT access token.
func AppClaimsFromCtx ¶
AppClaimsFromCtx retrieves the parsed AppClaims from request context.
func (*AppClaims) ParseClaims ¶
ParseClaims parses JWT claims into AppClaims.
type Config ¶
type Config struct { // Algorithm to be used for for signing and validating JWT token JwtAuthAlgo string `json:"jwtAuthAlgo"` // JWT token expiry duration JwtExpiry time.Duration `json:"jwtExpiry"` // Refresh token expiry duration JwtRefreshExpiry time.Duration `json:"jwtRefreshExpiry"` // Private key used for generating JWT token SignKey interface{} `json:"signKey"` // Public key used to validate the JWT token VerifyKey interface{} `json:"verifyKey"` // Custom JWT Parser *jwt.Parser is custom parser settings introduced in jwt-go/v2.4.0. JwtParser *jwt.Parser `json:"jwtParser"` }
Config holds the configuration for the jwtauth
type JWTAuth ¶
type JWTAuth interface { // Functions to create JWTs GenTokenPair(accessClaims *AppClaims, refreshClaims *RefreshClaims) (string, string, error) CreateJWT(c *AppClaims) (string, error) CreateRefreshJWT(c *RefreshClaims) (string, error) // Middlewares for validating JWT tokens Authenticate(next http.Handler) http.Handler Verify() func(http.Handler) http.Handler RequiresRole(role Role) func(next http.Handler) http.Handler // Functions to extract tokens from http request TokenFromCookie(r *http.Request) string TokenFromHeader(r *http.Request) string TokenFromQuery(r *http.Request) string // Functions to encode and decode tokens Encode(claims jwt.Claims) (t *jwt.Token, tokenString string, err error) Decode(tokenString string) (t *jwt.Token, err error) // Utility functions for setting token expiry ExpireIn(tm time.Duration) int64 SetIssuedAt(claims jwt.MapClaims, tm time.Time) SetIssuedNow(claims jwt.MapClaims) SetExpiry(claims jwt.MapClaims, tm time.Time) SetExpiryIn(claims jwt.MapClaims, tm time.Duration) }
JWTAuth implements the JWTAuth methods
func NewJWTAuth ¶
NewJWTAuth creates a JWTAuth authenticator instance that provides middleware handlers and encoding/decoding functions for JWT signing. *jwt.Parser is custom parser settings introduced in jwt-go/v2.4.0.
type RefreshClaims ¶
type RefreshClaims struct { // ID for the account UserID string `json:"uid,omitempty"` // Roles the account has access too Roles []Role `json:"roles,omitempty"` // Metadata associated with the account Metadata map[string]interface{} `json:"metadata,omitempty"` // https://tools.ietf.org/html/rfc7519#section-4.1 jwt.StandardClaims }
RefreshClaims represents the claims parsed from JWT refresh token.
func (*RefreshClaims) ParseClaims ¶
func (c *RefreshClaims) ParseClaims(claims jwt.MapClaims) error
ParseClaims parses the JWT claims into RefreshClaims.