Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Middleware ¶
func Middleware(next http.Handler, auth ...Authenticator) http.Handler
Middleware creates a http handler middleware which authenticates responses using the provided Authenticators If authentication suceeds, the request will have a context which includes a User object If authentication fails, the context will have an authentication error
func MustParseRSAPrivateKeyFromPEM ¶
func MustParseRSAPrivateKeyFromPEM(key string) *rsa.PrivateKey
Types ¶
type Authenticator ¶
Authenticator takes a JWT, validates the JWT and generates a User object
func NewBeneficiaryAuthenticator ¶
func NewBeneficiaryAuthenticator(aud, iss string, key *rsa.PublicKey) Authenticator
NewBeneficiaryAuthenticator returns an Authenticator which authenticates only beneficiary JWTs
func NewJWTAuthenticator ¶
func NewJWTAuthenticator(aud, iss string, key *rsa.PublicKey) Authenticator
NewJWTAuthenticator returns an Authenticator which supports JWTs
type Generator ¶
type Generator interface {
GenerateBeneficiaryJWT(benID, meetingID string, expiry time.Duration) (jti, jwt string, err error)
}
Generator generates beneficiary JWTs for use with self assessments
func NewBeneficiaryJWTGenerator ¶
func NewBeneficiaryJWTGenerator(aud, iss string, private *rsa.PrivateKey) Generator
NewBeneficiaryJWTGenerator returns a beneficiary JWT generator using the provided audience, issuer and private RSA key
type User ¶
type User interface { // Organisation gets the active organisation the user belongs to // errors are expected if the user is a beneficiary Organisation() (string, error) // Organisations returns the zero or more organisations the user belongs to // Zero organisations will be returned for beneficairies // For most authorization, only the user's active organisation should be used Organisations() []string // UserID gets the user's ID within the system // for users this will be their auth0 IDs // for beneficiaries this will be their beneficiary ID UserID() string // IsBeneficiary returns true if the User is a beneficiary user // beneficiary users do not belong to an organisation and are normally limited in scope IsBeneficiary() bool // GetAssessmentScope returns true and the assessment ID if the user is restricted in scope to a single assessment // this is common for beneficiary users GetAssessmentScope() (string, bool) // IsSuperUser returns true if the User has a particular super user scope. // Super users typically don't belong to organisations and bypass typical permission checks. // This functionality is intended for communication between the various systems which make up Impactasaurus. IsSuperUser(scope string) bool }
User is an object which provides details about the user making the request to the API