mw-tokenauth: github.com/gobuffalo/mw-tokenauth Index | Files

package tokenauth

import "github.com/gobuffalo/mw-tokenauth"

Package tokenauth provides jwt token authorisation middleware supports HMAC, RSA, ECDSA, RSAPSS algorithms uses github.com/dgrijalva/jwt-go for jwt implementation

Setting Up tokenauth middleware

Using tokenauth with defaults

app.Use(tokenauth.New(tokenauth.Options{}))

Specifying Signing method for JWT

app.Use(tokenauth.New(tokenauth.Options{
    SignMethod: jwt.SigningMethodRS256,
}))

By default the Key used is loaded from the JWT_SECRET or JWT_PUBLIC_KEY env variable depending on the SigningMethod used. However you can retrive the key from a different source.

app.Use(tokenauth.New(tokenauth.Options{
    GetKey: func(jwt.SigningMethod) (interface{}, error) {
         // Your Implementation here ...
    },
}))

Default authorisation scheme is Bearer, you can specify your own.

app.Use(tokenauth.New(tokenauth.Options{
    AuthScheme: "Token"
}))

Creating a new token

This can be referred from the underlying JWT package being used https://github.com/dgrijalva/jwt-go

Example

claims := jwt.MapClaims{}
claims["userid"] = "123"
claims["exp"] = time.Now().Add(time.Minute * 5).Unix()
// add more claims
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
tokenString, err := token.SignedString([]byte(SecretKey))

Getting Claims from JWT token from buffalo context

Example of retriving username from claims (this step is same regardless of the signing method used)

claims := c.Value("claims").(jwt.MapClaims)
username := claims["username"].(string)

Index

Package Files

tokenauth.go

Variables

var (
    // ErrTokenInvalid is returned when the token provided is invalid
    ErrTokenInvalid = errors.New("token invalid")
    // ErrNoToken is returned if no token is supplied in the request.
    ErrNoToken = errors.New("token not found in request")
    // ErrBadSigningMethod is returned if the token sign method in the request
    // does not match the signing method used
    ErrBadSigningMethod = errors.New("unexpected signing method")
)

func GetHMACKey Uses

func GetHMACKey(jwt.SigningMethod) (interface{}, error)

GetHMACKey gets secret key from env

func GetKeyECDSA Uses

func GetKeyECDSA(jwt.SigningMethod) (interface{}, error)

GetKeyECDSA gets the public.pem file location from env and returns ecdsa.PublicKey

func GetKeyRSA Uses

func GetKeyRSA(jwt.SigningMethod) (interface{}, error)

GetKeyRSA gets the public key file location from env and returns rsa.PublicKey

func GetKeyRSAPSS Uses

func GetKeyRSAPSS(signingMethod jwt.SigningMethod) (interface{}, error)

GetKeyRSAPSS uses GetKeyRSA() since both requires rsa.PublicKey

func New Uses

func New(options Options) buffalo.MiddlewareFunc

New enables jwt token verification if no Sign method is provided, by default uses HMAC

type Options Uses

type Options struct {
    SignMethod jwt.SigningMethod
    GetKey     func(jwt.SigningMethod) (interface{}, error)
    AuthScheme string
}

Options for the JWT middleware

Package tokenauth imports 7 packages (graph). Updated 2019-03-05. Refresh now. Tools for package owners.