userclaimjwt

package
v0.0.0-...-41c5914
Warning: This package is not in the latest version of its module.
Published: May 10, 2018 License: MIT Imports: 9 Imported by: 0

README

UserClaim HTTP API

UserClaim HTTP API is an auto-generated HTTP API for the struct UserClaim.

The API expects the user to implement and provide the backend interface that handles the underlying db interaction:

type IdentityBackend interface {
	Count(context.Context) (int, error)
	Delete(context.Context, string) error
	Get(context.Context, string) (Identity, error)
	Update(context.Context, string, Identity) error
	Revoke(context.Context, string) error
	Refresh(context.Context, string) (JWTAuth, error)
	GetAll(context.Context, string, string, int, int) ([]Identity, int, error)
	Grant(context.Context, example.CreateUserSession) (JWTAuth, error)
	Authenticate(context.Context, string) (example.UserClaim, error)
}

var contractDataJSON = `{
    "password":   "3mkbzeb1pooel6mxw38z",
    "expiration": null,
    "email":      "DorothyBurns@Buzzbean.gov"
}`

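blacklist := mock.TokenBackend()
whitelist := mock.TokenBackend()
idb := mock.IdentityBackend()

// NewJWTIdentity takes the whitelist before the blacklist; both are the
// same type, so a swapped order compiles without complaint.
jwter := userclaimjwt.NewJWTIdentity(userclaimjwt.JWTConfig{
    Maker:               noSecureUser,
    Signer:              "wellington",
    Secrets:             secretFunc,
    Method:              jwt.SigningMethodHS256,
    AccessTokenExpires:  600 * time.Millisecond,
    RefreshTokenExpires: 1 * time.Second,
}, whitelist, blacklist, idb)

// Decode the credential contract into the session request.
var cred example.CreateUserSession
if jsnerr := json.Unmarshal([]byte(contractDataJSON), &cred); jsnerr != nil {
    log.Fatal(jsnerr)
}

// Grant returns the access and refresh tokens for a valid credential.
auth, err := jwter.Grant(context.Background(), cred)
if err != nil {
    log.Fatal(err)
}
log.Printf("access token expires at %d", auth.Expires)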

Documentation

Overview

Package userclaimjwt is an auto-generated package which contains an API for authentication using JWT.

Index

Constants

This section is empty.

Variables

var (
	ErrNotFound                = errors.New("not found")
	ErrInvalidIdentity         = errors.New("provided Identity is invalid")
	ErrParseJWTToken           = errors.New("parse error: invalid jwt token")
	ErrNoJWTAuthorizationToken = errors.New("no jwt authorization token")
	ErrInternalError           = errors.New("backend failed with error")
	ErrInvalidJWTToken         = errors.New("received jwt token is invalid")
	ErrUnexpectedJWTClaim      = errors.New("jwt token claim is not expected type")
	ErrExpiredJWTToken         = errors.New("received jwt token is expired")
	ErrInvalidRefreshToken     = errors.New("Invalid refresh token")
	ErrTokenRefreshDenied      = errors.New("refresh_token already blacklist")
	ErrExpiredRefreshToken     = errors.New("refresh_token already expired")
	ErrNoTargetHeaderInToken   = errors.New("token.Header has no 'jwt-target-id'")
	ErrExpiredAccessToken      = errors.New("access_token already expired")
	ErrInvalidSigningMethod    = errors.New("token signing method mismatched")
	ErrFailedToGetSecret       = errors.New("target-id failed to get secret from secrets function")
)

errors ...

Functions

This section is empty.

Types

type Identities

type Identities struct {
	Page            int        `json:"page"`
	ResponsePerPage int        `json:"responsePerPage"`
	TotalRecords    int        `json:"total_records"`
	Records         []Identity `json:"records"`
}

Identities defines a type to represent the response given to a request for all records of the type example.Identity.

type Identity

type Identity struct {
	PublicID        string            `json:"public_id"`
	RefreshToken    string            `json:"refresh_token"`
	Expires         int64             `json:"expires"`
	TargetID        string            `json:"target_id"`
	LastLogin       int64             `json:"last_login"`
	IssuedAt        int64             `json:"last_login"`
	RefreshInterval time.Duration     `json:"refresh_interval"`
	Data            example.UserClaim `json:"data"`
}

Identity embodies data stored for a user's login credentials.
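
As listed above, LastLogin and IssuedAt carry the same tag, `last_login`. encoding/json does not report such a collision: it silently skips every field involved, so neither timestamp survives a JSON round trip. The following is an added example, not code from this package; `identity` is a local copy of the listed tags (Data is left out because example.UserClaim is not shown), and `duplicateJSONTags` and `roundTrip` are hypothetical helpers.

```go
package main

import (
	"encoding/json"
	"fmt"
	"reflect"
	"strings"
)

// identity copies the field tags of Identity as listed on this page; Data is
// omitted because example.UserClaim is not shown here.
type identity struct {
	PublicID     string `json:"public_id"`
	RefreshToken string `json:"refresh_token"`
	Expires      int64  `json:"expires"`
	TargetID     string `json:"target_id"`
	LastLogin    int64  `json:"last_login"`
	IssuedAt     int64  `json:"last_login"`
}

// duplicateJSONTags returns each JSON name claimed by more than one field of v.
func duplicateJSONTags(v interface{}) []string {
	seen, dups := map[string]int{}, []string{}
	t := reflect.TypeOf(v)
	for i := 0; i < t.NumField(); i++ {
		name := strings.Split(t.Field(i).Tag.Get("json"), ",")[0]
		if name == "" || name == "-" {
			continue
		}
		if seen[name]++; seen[name] == 2 {
			dups = append(dups, name)
		}
	}
	return dups
}

// roundTrip marshals and unmarshals id, as a JSON-backed store would.
func roundTrip(id identity) (string, identity) {
	var out identity
	raw, _ := json.Marshal(id)
	_ = json.Unmarshal(raw, &out)
	return string(raw), out
}

func main() {
	raw, out := roundTrip(identity{PublicID: "p1", LastLogin: 1525910400, IssuedAt: 1525910400})
	fmt.Println(duplicateJSONTags(identity{}), raw, out.LastLogin, out.IssuedAt)
}
```

The structtag check in `go vet` reports a repeated json tag of this kind.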

func (Identity) Validate

func (id Identity) Validate() error

Validate returns an error if the given Identity does not match the desired field value state.

type IdentityAccess

type IdentityAccess struct {
	Type        string `json:"type"`
	AccessToken string `json:"access_token"`
}

IdentityAccess embodies data received over api calls to revoke or refresh an identity token.

type IdentityBackend

type IdentityBackend interface {
	IdentityOps
	Count(context.Context) (int, error)
	Delete(context.Context, string) error
	Get(context.Context, string) (Identity, error)
	Update(context.Context, string, Identity) error
	GetAll(context.Context, string, string, int, int) ([]Identity, int, error)
}

IdentityBackend defines an interface that exposes the backend methods containing all the logic needed by the api to serve its http endpoints.

type IdentityDB

type IdentityDB interface {
	Count(ctx context.Context) (int, error)
	Delete(ctx context.Context, publicID string) error
	Create(ctx context.Context, elem Identity) error
	Get(ctx context.Context, publicID string) (Identity, error)
	Update(ctx context.Context, publicID string, elem Identity) error
	GetAllByOrder(ctx context.Context, order string, orderBy string) ([]Identity, error)
	GetByField(ctx context.Context, key string, value interface{}) (Identity, error)
	GetAll(ctx context.Context, order string, orderBy string, page int, responsePerPage int) ([]Identity, int, error)
}

IdentityDB defines an interface which exposes an underlying storage system for retrieving and storing identity records. @implement

type IdentityInfo

type IdentityInfo struct {
	Total int `json:"total"`
}

IdentityInfo contains meta-data regarding all records in db of type Identity.

type IdentityMaker

IdentityMaker defines a function type provided by maker for generating identity claim.

type IdentityOps

type IdentityOps interface {
	Revoke(context.Context, string) error
	Refresh(context.Context, string) (JWTAuth, error)
	Grant(context.Context, example.CreateUserSession) (JWTAuth, error)
	Authenticate(context.Context, string) (example.UserClaim, error)
}

IdentityOps embodies the methods specific to granting, authenticating, revoking and refreshing identities.

type IdentityToken

type IdentityToken struct {
	RefreshToken string `json:"refresh_token"`
}

IdentityToken embodies data received over api calls to refresh or revoke an identity token.

type JWTAuth

type JWTAuth struct {
	AccessToken    string `json:"access_token"`
	RefreshToken   string `json:"refresh_token"`
	TokenType      string `json:"token_type"`
	Expires        int64  `json:"expires"`
	RefreshExpires int64  `json:"refresh_expires"`
}

JWTAuth embodies data provided as response to a token refresh or sso login operation.

func (JWTAuth) Validate

func (ja JWTAuth) Validate() error

Validate returns an error if the given JWTAuth does not match the desired field value state.

type JWTClaim

type JWTClaim struct {
	jwt.StandardClaims
	SpecialID string `json:"special_id"`
	Data      example.UserClaim
}

JWTClaim embodies the data attached with the standard claims.

type JWTConfig

type JWTConfig struct {
	Signer              string
	AccessTokenExpires  time.Duration
	RefreshTokenExpires time.Duration
	Maker               IdentityMaker
	Secrets             TokenSecrets
	Validator           TokenValidator
	Method              jwt.SigningMethod
}

JWTConfig embodies the fields for configuring JWTBackend.

type JWTError

type JWTError struct {
	Err    error `json:"err"`
	SrcErr error `json:"srcerr"`
}

JWTError embodies data sent as the error for an operation.

func (JWTError) Error

func (t JWTError) Error() string

Error returns the underlying combined src and err error values associated with the error instance.

type JWTIdentity

type JWTIdentity struct {
	IdentityDB
	// contains filtered or unexported fields
}

JWTIdentity implements the IdentityBackend interface and embodies all the methods necessary for granting, revoking and refreshing jwt access and refresh tokens.

func NewJWTIdentity

func NewJWTIdentity(config JWTConfig, whitelist tokens.TokenSet, blacklist tokens.TokenSet, backend IdentityDB) JWTIdentity

NewJWTIdentity returns a new JWTIdentity instance which embodies and implements the IdentityBackend interface.

func (JWTIdentity) Authenticate

func (jwa JWTIdentity) Authenticate(ctx context.Context, accessToken string) (example.UserClaim, error)

Authenticate attempts to authenticate users access token to validate user's

func (JWTIdentity) Grant

Grant generates a new jwt token for the provided credential contract if it is validated to be correct and authorizable. It returns a json of JWTClaim.

func (JWTIdentity) Refresh

func (jwa JWTIdentity) Refresh(ctx context.Context, encodedRefreshToken string) (JWTAuth, error)

Refresh attempts to provide a new access token through the provided refresh token if valid. This allows the user to get a new token for access to the underlying resources.

func (JWTIdentity) Revoke

func (jwa JWTIdentity) Revoke(ctx context.Context, encodedRefreshToken string) error

Revoke exists to actively revoke an existing jwt record refresh token which then revokes all present and pending

type Testimony

type Testimony struct {
	TargetID string
	Data     example.UserClaim
}

Testimony embodies data returned by user for creation of new identity claim.

type TokenSecrets

type TokenSecrets func(context.Context, JWTConfig, string) ([]byte, error)

TokenSecrets defines a function type which, when provided the config and the target id received from the Identity maker, returns a byte slice which represents the secret the token is signed with.
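
The error values listed earlier (signing method mismatch, missing 'jwt-target-id', failed secret lookup) imply a verification order: pin the algorithm, resolve the per-target secret, then check the signature. The following is an added example of that order using only the standard library; it is not this package's implementation, it assumes the secret is selected by the `jwt-target-id` header, it leaves expiry checks out, and `sign`, `mint`, `verify` and the `secrets` map with its key are hypothetical and constructed.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

var (
	errInvalid = errors.New("received jwt token is invalid")
	errMethod  = errors.New("token signing method mismatched")
	errSecret  = errors.New("no secret for jwt-target-id")
	b64        = base64.RawURLEncoding
	secrets    = map[string][]byte{"tenant-a": []byte("constructed-key-a")} // constructed sample key
)

// sign appends the base64url HMAC-SHA256 tag to msg ("header.payload").
func sign(msg string, key []byte) string {
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(msg))
	return msg + "." + b64.EncodeToString(mac.Sum(nil))
}
// mint builds a constructed sample token from a raw header JSON string.
func mint(hdr string, key []byte) string {
	return sign(b64.EncodeToString([]byte(hdr))+"."+b64.EncodeToString([]byte(`{"sub":"u1"}`)), key)
}

// verify pins HS256, resolves the key from jwt-target-id, then checks the MAC.
func verify(token string) error {
	var hdr map[string]string
	p := strings.Split(token, ".")
	raw, err := b64.DecodeString(p[0])
	if len(p) != 3 || err != nil || json.Unmarshal(raw, &hdr) != nil {
		return errInvalid
	}
	switch key, ok := secrets[hdr["jwt-target-id"]]; {
	case hdr["alg"] != "HS256": // the configured method decides, never the token
		return errMethod
	case !ok: // header missing or target unknown: no key, so no verification
		return errSecret
	case !hmac.Equal([]byte(token), []byte(sign(p[0]+"."+p[1], key))):
		return errInvalid
	}
	return nil
}
func main() { fmt.Println(verify(mint(`{"alg":"HS256","jwt-target-id":"tenant-a"}`, secrets["tenant-a"]))) }
```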

type TokenValidator

type TokenValidator func(context.Context, JWTConfig, *jwt.Token) error

TokenValidator defines a function type provided by the user for custom validation of an incoming token.
