auth

package
v3.5.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 29, 2018 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation


Constants

// TokenValidPeriod is the default lifetime of a token, expressed in minutes.
// It is an untyped integer constant rather than a time.Duration, so it has to
// be scaled by time.Minute wherever a duration is needed.
const TokenValidPeriod = 60

Variables

// ErrTokenMalformed is the error value used for a malformed token.
var ErrTokenMalformed = errors.New("token malformed")

// ErrTokenExpired is the error value used for a token that is outside its
// validity window; the message covers both "expired" and "not yet valid".
var ErrTokenExpired = errors.New("token expired or not yet valid")

// ErrTokenInvalid is the error value used for an invalid token.
var ErrTokenInvalid = errors.New("invalid token")

Functions

func ContextWithConsumer

func ContextWithConsumer(parent context.Context, consumer Consumer) context.Context

ContextWithConsumer takes a context and a service consumer and returns a new context with the consumer embedded.

func EnsureRequestID

func EnsureRequestID(next http.Handler) http.Handler

EnsureRequestID will create a Request ID header if one is not found. It will then place the request ID into the request's context.

func HandlerGrants

func HandlerGrants(grants []string, next http.HandlerFunc) http.HandlerFunc

HandlerGrants is an HTTP handler to check that the consumer in the request context has the required grants.

func HandlerValidateJWT

func HandlerValidateJWT(pk *rsa.PublicKey, next http.HandlerFunc) http.HandlerFunc

HandlerValidateJWT returns an HTTP handler that takes a JWT from the request headers and attempts to validate it.

func NewContextWithRequestID

func NewContextWithRequestID(c context.Context, r *http.Request) context.Context

NewContextWithRequestID takes a context and an *http.Request and returns a new context with the RequestID.

func ParseJWT

func ParseJWT(pk *rsa.PublicKey, raw string) (*jwt.Token, error)

ParseJWT parses a JWT string and checks its signature validity.

Deprecated: do not use this function; create a Tokeniser instead.

func RequestIDFromContext

func RequestIDFromContext(c context.Context) string

RequestIDFromContext extracts the RequestID from the supplied context.

func RespondToJWT

func RespondToJWT(pk *rsa.PublicKey, raw string, responder JWTResponder)

RespondToJWT takes the raw JWT and the public RSA key, and reports the outcome through the supplied JWTResponder.

Types

type Claims

// Claims is the claim set carried by a token: the package's own "consumer"
// claim plus the embedded jwt.StandardClaims.
//
// NOTE(review): the token functions on this page only mention signing and
// signature checks. Assuming tokens are signed but not encrypted, everything
// in Claims is readable by anyone who holds the token.
type Claims struct {
	// Consumer is serialised under the "consumer" JSON key.
	Consumer Consumer `json:"consumer"`
	// StandardClaims is embedded, so its fields are promoted onto Claims.
	jwt.StandardClaims
}

Claims holds the JWT claims to use for a token.

type Consumer

// Consumer describes an API user. It is embedded in Claims, so every field
// below is serialised into the token under the JSON key given in its tag.
type Consumer struct {
	// ID is the consumer's numeric identifier; IsUser compares it with a user ID.
	ID        int64    `json:"id"`
	// FirstName and LastName are personal data carried inside the token.
	FirstName string   `json:"first_name"`
	LastName  string   `json:"last_name"`
	// Language is serialised as "language"; its format is not shown on this page.
	Language  string   `json:"language"`
	// Grants is the list of grant names that HasAnyGrant checks against.
	// NOTE(review): grants read from a token presumably stay in force until the
	// token expires, so a revoked grant may persist for the token's lifetime.
	// Confirm how revocation is handled.
	Grants    []string `json:"grants"`
}

Consumer represents an API user

func ConsumerFor

func ConsumerFor(token *jwt.Token) (*Consumer, error)

ConsumerFor derives the Consumer from the JWT claims.

Deprecated: do not use this function; create a Tokeniser instead.

func ConsumerFromContext

func ConsumerFromContext(c context.Context) Consumer

ConsumerFromContext extracts the consumer from the supplied context.

func (*Consumer) HasAnyGrant

func (c *Consumer) HasAnyGrant(grants ...string) bool

HasAnyGrant checks if a consumer possesses any of a given set of grants.

func (*Consumer) IsUser

func (c *Consumer) IsUser(userID int64) bool

IsUser checks if a consumer has the same ID as a user

type ErrAssertClaims

// ErrAssertClaims is the error type used when asserting the type of a
// token's claims. It implements error through its pointer-receiver Error method.
type ErrAssertClaims struct {
	// contains filtered or unexported fields
}

ErrAssertClaims is the error produced when asserting the type of a token's claims fails.

func (*ErrAssertClaims) Error

func (e *ErrAssertClaims) Error() string

type ErrUnexpectedSigningMethod

// ErrUnexpectedSigningMethod is the error type used when parsing a JWT
// encounters a signing method other than the expected one.
//
// NOTE(review): rejecting a token whose header names an unexpected signing
// method is what stops a verifier from being steered onto a different
// algorithm than the key was issued for. Confirm that every parse path in
// this package (ParseJWT, RespondToJWT, Tokeniser.ParseToken) applies the check.
type ErrUnexpectedSigningMethod struct {
	// contains filtered or unexported fields
}

ErrUnexpectedSigningMethod is the error produced when parsing a JWT encounters an unexpected signing method.

func (*ErrUnexpectedSigningMethod) Error

type JWTResponder

// JWTResponder receives the outcome of validating a JWT. RespondToJWT takes
// one as its responder argument.
type JWTResponder interface {
	// OnUnauthorizedErr is handed an error. Presumably called when the token
	// is rejected; confirm against RespondToJWT.
	OnUnauthorizedErr(err error)
	// OnComplete is handed the parsed token. Presumably called only after
	// validation has succeeded; confirm against RespondToJWT.
	OnComplete(token *jwt.Token)
}

JWTResponder defines the behaviour of validating a JWT

type Tokeniser

// Tokeniser is the auth tokeniser for JSON Web Tokens. Its fields are
// unexported; the constructors on this page build it from an RSA private key,
// an RSA public key and an issuer string, or from a public key alone.
type Tokeniser struct {
	// contains filtered or unexported fields
}

Tokeniser is the auth tokeniser for JSON Web Tokens

func NewMockTokeniser

func NewMockTokeniser() (*Tokeniser, error)

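NewMockTokeniser creates a new tokeniser with a random key pair. Because the key pair is random, tokens it issues will not verify against a tokeniser built from different keys.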

func NewTokeniser

func NewTokeniser(privateKey *rsa.PrivateKey, publicKey *rsa.PublicKey, issuer string) *Tokeniser

NewTokeniser returns a new JWT instance

func NewTokeniserFromKeyPair

func NewTokeniserFromKeyPair(privateKeyB, publicKeyB []byte, issuer string) (*Tokeniser, error)

NewTokeniserFromKeyPair parses a private and public key pair from bytes to build a Tokeniser.

func NewTokeniserFromPublicKey

func NewTokeniserFromPublicKey(pkb []byte) (*Tokeniser, error)

NewTokeniserFromPublicKey parses a public key from bytes to build a Tokeniser.

func (*Tokeniser) GenerateToken

func (t *Tokeniser) GenerateToken(consumer *Consumer) (string, error)

GenerateToken generates and returns an authentication token.

func (*Tokeniser) GetTokenConsumer

func (t *Tokeniser) GetTokenConsumer(raw string) *Consumer

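GetTokenConsumer returns the consumer details for a given auth token. It has no error return, and this page does not say whether the token is verified first, so validate the token (ValidateToken or ParseToken) before trusting the returned consumer's grants.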

func (*Tokeniser) GetTokenExpiry

func (t *Tokeniser) GetTokenExpiry(raw string) time.Time

GetTokenExpiry returns the expiry date for a given auth token.

func (*Tokeniser) ParseToken

func (t *Tokeniser) ParseToken(raw string) (*jwt.Token, error)

ParseToken takes a raw token string and returns a valid JWT, or an error.

func (*Tokeniser) ValidateToken

func (t *Tokeniser) ValidateToken(raw string) (bool, error)

ValidateToken validates an authentication token and returns true/false based upon the result.
