Documentation ¶
Index ¶
- Variables
- func Authenticator(next http.Handler) http.Handler
- func EpochNow() int64
- func ExpireIn(tm time.Duration) int64
- func IsExpired(t *jwt.Token) bool
- func NewContext(ctx context.Context, t *jwt.Token, err error) context.Context
- func Verifier(ja *JwtAuth) func(http.Handler) http.Handler
- func Verify(ja *JwtAuth, paramAliases ...string) func(http.Handler) http.Handler
- func VerifyRequest(ja *JwtAuth, r *http.Request, paramAliases ...string) (*jwt.Token, error)
- type Claims
- func (c Claims) Get(k string) (interface{}, bool)
- func (c Claims) Set(k string, v interface{}) Claims
- func (c Claims) SetExpiry(tm time.Time) Claims
- func (c Claims) SetExpiryIn(tm time.Duration) Claims
- func (c Claims) SetIssuedAt(tm time.Time) Claims
- func (c Claims) SetIssuedNow() Claims
- func (c Claims) Valid() error
- type JwtAuth
Constants ¶
This section is empty.
Variables ¶
var ( TokenCtxKey = &contextKey{"Token"} ErrorCtxKey = &contextKey{"Error"} )
var ( ErrExpired = errors.New("jwtauth: token is expired") )
Functions ¶
func Authenticator ¶
Authenticator is a default authentication middleware to enforce access from the Verifier middleware request context values. The Authenticator sends a 401 Unauthorized response for any unverified tokens and passes the good ones through. It's just fine until you decide to write something similar and customize your client response.
func EpochNow ¶
func EpochNow() int64
Helper function that returns the NumericDate time value used by the spec
func Verifier ¶
Verifier http middleware handler will verify a JWT string from a http request.
Verifier will search for a JWT token in a http request, in the order:
- 'jwt' URI query parameter
- 'Authorization: BEARER T' request header
- Cookie 'jwt' value
The first JWT string that is found as a query parameter, authorization header or cookie header is then decoded by the `jwt-go` library and a *jwt.Token object is set on the request context. In the case of a signature decoding error the Verifier will also set the error on the request context.
The Verifier always calls the next http handler in sequence, which can either be the generic `jwtauth.Authenticator` middleware or your own custom handler which checks the request context jwt token and error to prepare a custom http response.
Types ¶
type Claims ¶
type Claims map[string]interface{}
Claims is a convenience type to manage a JWT claims hash.
func (Claims) SetExpiryIn ¶
Set expiry ("exp") in the claims to some duration from the present time and return itself so it can be chained
func (Claims) SetIssuedAt ¶
Set issued at ("iat") to specified time in the claims
func (Claims) SetIssuedNow ¶
Set issued at ("iat") to present time in the claims
type JwtAuth ¶
type JwtAuth struct {
// contains filtered or unexported fields
}
func New ¶
New creates a JwtAuth authenticator instance that provides middleware handlers and encoding/decoding functions for JWT signing.
func NewWithParser ¶
NewWithParser is the same as New, except it supports custom parser settings introduced in jwt-go/v2.4.0.
We explicitly toggle `SkipClaimsValidation` in the `jwt-go` parser so that we can control when the claims are validated - in our case, by the Verifier http middleware handler.