Documentation
¶
Overview ¶
Package jwt includes a parser, generator and a middleware to checks if a request-token is valid. If not a StatusUnauthorized (401) will return.
Claims must implement the jwt.Claimer interface. Like this its easy to extend. A standard Claim is defined which can get embedded in your struct to avoid rewriting all of the functions.
Config struct for a simple token configuration is provided.
By default the claim of a valid token will be passed to the request context by the key jwt.CLAIM. Its searching the Token in the cookies by the key "jwt.CookieJwt". A setCookie function exits which can be used by the custom authentication implementation.
cfg := jwt.Config{Issuer: "mock", Alg: jMW.HS256, Subject: "test", Audience: "gotest", Duration: 10 * time.Minutes, SignKey: "secret"}
jtoken, err := jwt.New(cfg, &claim)
middleware.Add(jtoken.MW)
Index ¶
- Constants
- Variables
- type Claim
- func (c *Claim) Aud() string
- func (c *Claim) Exp() int64
- func (c *Claim) Iat() int64
- func (c *Claim) Iss() string
- func (c *Claim) Jid() string
- func (c *Claim) Nbf() int64
- func (c *Claim) Render() interface{}
- func (c *Claim) SetAud(aud string)
- func (c *Claim) SetExp(exp int64)
- func (c *Claim) SetIat(iat int64)
- func (c *Claim) SetIss(iss string)
- func (c *Claim) SetJid(id string)
- func (c *Claim) SetNbf(nbf int64)
- func (c *Claim) SetSub(sub string)
- func (c *Claim) Sub() string
- type Claimer
- type Config
- type Cookie
- type RefreshConfig
- type Token
Constants ¶
const ( CookieJwt = "JWT_TOKEN" CookieRefresh = "REFRESH_TOKEN" )
Cookie constants
const ( HS256 = "HS256" HS384 = "HS384" HS512 = "HS512" )
Algorithms
const CLAIM = "JWT"
CLAIM is added to the request ctx.
Variables ¶
var ( ErrConfigNotValid = errors.New("jwt: config is not valid") ErrSigningMethod = errors.New("jwt: unexpected signing method: %v") ErrInvalidClaim = errors.New("jwt: token claims are invalid %v") ErrTokenExpired = errors.New("jwt: token is expired") )
Error messages.
Functions ¶
This section is empty.
Types ¶
type Claim ¶
type Claim struct {
jwt.StandardClaims
}
Claim that implements the Claimer interface.
type Claimer ¶
type Claimer interface {
SetJid(string)
Jid() string
SetIss(string)
Iss() string
SetAud(string)
Aud() string
SetSub(string)
Sub() string
Iat() int64
SetIat(int64)
Exp() int64
SetExp(int64)
Nbf() int64
SetNbf(int64)
// Render should return the needed data for the frontend.
Render() interface{}
// Valid is defined in the jwt-go package but can get overwritten here.
Valid() error
}
Claimer interface
type Config ¶
type Config struct {
Alg string // algorithm (HS256, HS384, HS512)
Issuer string // issuer
Audience string // audience
Subject string // subject
Duration time.Duration // the ttl of the token (suggested short lived PT15M)
SignKey string // the sign key. atm only a key, later on it can also be a file path
RefreshToken RefreshConfig // true if a refresh token should get created
}
Config of the jwt token.
type Cookie ¶
type Cookie struct {
}
Cookie to set or fetch the data.
type RefreshConfig ¶
type RefreshConfig struct {
Duration time.Duration // the ttl of the refresh token. 0 = infinity (suggested long lived P30DT)
}
RefreshConfig - @TODO this should be handled in the middleware not in the controller, create custom functions.
type Token ¶
type Token struct {
// contains filtered or unexported fields
}
Token struct
func (*Token) Generate ¶
Generate a new token with the given claim. A signed token and refresh token will return. The refresh token is a uuid. Error will return if the token could not get signed.
func (*Token) MW ¶
func (t *Token) MW(h http.HandlerFunc) http.HandlerFunc
MW will be passed to the middleware.
Source Files