jwt

package
v0.1.13 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 9, 2021 License: MIT Imports: 9 Imported by: 0

Documentation

Overview

Package jwt provides a parser, generator and a middleware to checks if a jwt-token is valid. If not, a StatusUnauthorized (401) will return.

Claims must implement the jwt.Claimer interface. A standard Claim is defined which can get embedded in your struct to avoid rewriting all of the functions.

Config struct for a simple token configuration is provided.

Generate: will set the CookieRefresh, the Claim gets generated and calls the CallbackGenerate function. After that, the token gets signed and the CookieJWT gets set.

Parse: will check the CookieJWT and parses the string. The claim will be checked if its valid. If the claim is expired, the CallbackRefresh function will be called, to check if a new token should be generated. On success the request.Context CLAIM will be set.

A refresh token will only be generated if a refresh callback is set and the CookieJWT and CookieRefresh is available.

Index

Constants

View Source 
const (
	CookieJWT     = "JWT"
	CookieRefresh = "REFRESH"
)

Cookie constants

View Source 
const (
	HS256 = "HS256"
	HS384 = "HS384"
	HS512 = "HS512"
)

allowed algorithms.

View Source 
const CLAIM = "JWT"

CLAIM key for the request ctx.

Variables

View Source 
var (
	ErrConfigNotValid = errors.New("jwt: config is not valid")
	ErrSigningMethod  = "jwt: unexpected signing method: %v"
	ErrInvalidClaim   = "jwt: claim is not valid %s: %#v"
	ErrTokenExpired   = errors.New("jwt: token is expired")
)

Error messages.

Functions 

func Cookie(r *http.Request, name string) (string, error)

Cookie returns a cookie by name. If it does not exist, an error will return.

func NewCookie 

func NewCookie(w http.ResponseWriter, name string, value string, ttl time.Duration)

NewCookie creates a cookie with the given name, value and expiration. Additionally this cookie is http only and secured.

Types

type Claim 

type Claim struct {
	jwt.StandardClaims
}

Claim type implements the Claimer interface and extends the jwt.StandardClaims.

func (*Claim) Aud 

func (c *Claim) Aud() string

Aud get the AUDIENCE of the token.

func (*Claim) Exp 

func (c *Claim) Exp() int64

Exp get the EXPIRED of the token.

func (*Claim) Iat 

func (c *Claim) Iat() int64

Iat get the ISSUED AT of the token.

func (*Claim) Iss 

func (c *Claim) Iss() string

Iss get the ISSUER of the token.

func (*Claim) Jid 

func (c *Claim) Jid() string

Jid get the JID of the token.

func (*Claim) Nbf 

func (c *Claim) Nbf() int64

Nbf get the NOT BEFORE of the token.

func (*Claim) Render 

func (c *Claim) Render() interface{}

Render should return the needed claim data for the frontend.

func (*Claim) SetAud 

func (c *Claim) SetAud(aud string)

SetAud set the AUDIENCE of the token.

func (*Claim) SetExp 

func (c *Claim) SetExp(exp int64)

SetExp set the EXPIRED of the token.

func (*Claim) SetIat 

func (c *Claim) SetIat(iat int64)

SetIat set the ISSUED AT of the token.

func (*Claim) SetIss 

func (c *Claim) SetIss(iss string)

SetIss set the ISSUER of the token.

func (*Claim) SetJid 

func (c *Claim) SetJid(id string)

SetJid set the JID of the token.

func (*Claim) SetNbf 

func (c *Claim) SetNbf(nbf int64)

SetNbf set the NOT BEFORE of the token.

func (*Claim) SetSub 

func (c *Claim) SetSub(sub string)

SetSub set the SUBJECT of the token.

func (*Claim) Sub 

func (c *Claim) Sub() string

Sub get the SUBJECT of the token.

func (*Claim) Valid 

func (c *Claim) Valid() error

Valid the claim.

type Claimer 

type Claimer interface {
	Jid() string
	SetJid(string)
	Iss() string
	SetIss(string)
	Aud() string
	SetAud(string)
	Sub() string
	SetSub(string)
	Iat() int64
	SetIat(int64)
	Exp() int64
	SetExp(int64)
	Nbf() int64
	SetNbf(int64)

	// UserID should return the user id.
	UserID() interface{}
	// Render should return the needed data for the frontend.
	Render() interface{}
	// Valid is defined in the jwt-go package but can get overwritten here.
	Valid() error
}

Claimer interface.

type Config 

type Config struct {
	Alg          string        // algorithm (HS256, HS384, HS512)
	Issuer       string        // issuer
	Audience     string        // audience
	Subject      string        // subject
	Expiration   time.Duration // the ttl of the token (suggested short lived 15 Minutes). 0 is not allowed.
	SignKey      string        // the sign key. atm only a key, later on it can also be a file path
	RefreshToken RefreshConfig // true if a refresh token should get created
}

Config of the jwt token.

type RefreshConfig 

type RefreshConfig struct {
	Expiration time.Duration // 0 means infinity.
}

RefreshConfig config.

type Token 

type Token struct {

	// should be used to check if the refresh token is still valid. Error should return if not.
	CallbackRefresh func(http.ResponseWriter, *http.Request, Claimer) error
	// should be used to check user data and update the claim, before the token gets generated.
	CallbackGenerate func(http.ResponseWriter, *http.Request, Claimer, string) error
	// contains filtered or unexported fields
}

Token struct.

func New 

func New(config Config, claimer Claimer) (*Token, error)

New token instance. Error will return if the config is invalid.

func (*Token) Generate 

func (t *Token) Generate(w http.ResponseWriter, r *http.Request) (Claimer, error)

Generate a new token. Refresh cookie will be set, a new Claim generated and passed to the callback function - if defined. The JWT token gets signed and set as JTW cookie. Error will return if the token could not get signed or the callback function returns an error.

func (*Token) MW 

func (t *Token) MW(h http.HandlerFunc) http.HandlerFunc

MW will be passed to the middleware.

func (*Token) Parse 

func (t *Token) Parse(w http.ResponseWriter, r *http.Request) error

Parse the JWT cookie. The Claim will be checked if its valid. If the Claim is expired, the refresh Callback will be called to generate a new Token. The Claim will be set as request context JWT. A refresh token will only be generated if the CookieJWT (expired) and CookieRefresh is set.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.