README
¶
mw-tokenauth
JWT Token Authentication Middleware for Buffalo.
Installation
$ go get github.com/gobuffalo/mw-tokenauth
Usage
For details on how to use this middleware, see the Go Reference
You can also gain insight into how to use it by looking at the tests
Documentation
¶
Overview ¶
Package tokenauth provides jwt token authorisation middleware supports HMAC, RSA, ECDSA, RSAPSS EdDSA algorithms uses github.com/golang-jwt/jwt/v4 for jwt implementation
Setting Up tokenauth middleware ¶
Using tokenauth with defaults
app.Use(tokenauth.New(tokenauth.Options{}))
Specifying Signing method for JWT
app.Use(tokenauth.New(tokenauth.Options{
SignMethod: jwt.SigningMethodRS256,
}))
By default the Key used is loaded from the JWT_SECRET or JWT_PUBLIC_KEY env variable depending on the SigningMethod used. However you can retrive the key from a different source.
app.Use(tokenauth.New(tokenauth.Options{
GetKey: func(jwt.SigningMethod) (interface{}, error) {
// Your Implementation here ...
},
}))
Default authorisation scheme is Bearer, you can specify your own.
app.Use(tokenauth.New(tokenauth.Options{
AuthScheme: "Token"
}))
Creating a new token ¶
This can be referred from the underlying JWT package being used https://github.com/golang-jwt/jwt
Example
claims := jwt.MapClaims{}
claims["userid"] = "123"
claims["exp"] = time.Now().Add(time.Minute * 5).Unix()
// add more claims
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
tokenString, err := token.SignedString([]byte(SecretKey))
Getting Claims from JWT token from buffalo context ¶
Example of retriving username from claims (this step is same regardless of the signing method used)
claims := c.Value("claims").(jwt.MapClaims)
username := claims["username"].(string)
Index ¶
- Variables
- func GetHMACKey(jwt.SigningMethod) (interface{}, error)
- func GetKeyECDSA(jwt.SigningMethod) (interface{}, error)
- func GetKeyRSA(jwt.SigningMethod) (interface{}, error)
- func GetKeyRSAPSS(signingMethod jwt.SigningMethod) (interface{}, error)
- func GetkeyEdDSA(jwt.SigningMethod) (interface{}, error)
- func New(options Options) buffalo.MiddlewareFunc
- type Options
Constants ¶
This section is empty.
Variables ¶
var ( // ErrTokenInvalid is returned when the token provided is invalid ErrTokenInvalid = errors.New("token invalid") // ErrNoToken is returned if no token is supplied in the request. ErrNoToken = errors.New("token not found in request") // ErrBadSigningMethod is returned if the token sign method in the request // does not match the signing method used ErrBadSigningMethod = errors.New("unexpected signing method") )
Functions ¶
func GetHMACKey ¶
func GetHMACKey(jwt.SigningMethod) (interface{}, error)
GetHMACKey gets secret key from env
func GetKeyECDSA ¶
func GetKeyECDSA(jwt.SigningMethod) (interface{}, error)
GetKeyECDSA gets the public.pem file location from env and returns ecdsa.PublicKey
func GetKeyRSA ¶
func GetKeyRSA(jwt.SigningMethod) (interface{}, error)
GetKeyRSA gets the public key file location from env and returns rsa.PublicKey
func GetKeyRSAPSS ¶
func GetKeyRSAPSS(signingMethod jwt.SigningMethod) (interface{}, error)
GetKeyRSAPSS uses GetKeyRSA() since both requires rsa.PublicKey
func GetkeyEdDSA ¶ added in v1.0.1
func GetkeyEdDSA(jwt.SigningMethod) (interface{}, error)
GetKeyECDSA gets the public.pem file location from env and returns eddsa.PublicKey
func New ¶
func New(options Options) buffalo.MiddlewareFunc
New enables jwt token verification if no Sign method is provided, by default uses HMAC
Source Files