middleware

package
v0.0.0-...-721f978 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 22, 2017 License: MIT Imports: 8 Imported by: 0

Documentation

Overview

Package middleware defines HTTP middleware such as those used for user validation.

Index

Constants

View Source 
const (
	APIAuthTypeValue    = "API"
	DeviceAuthTypeValue = "DEVICE"
	AuthTypeHeader      = "X-FREYR-AUTHTYPE"
	TokenHeader         = "X-FREYR-TOKEN"
	AuthUserHeader      = "X-FREYR-USER"
	APIAuthDateHeader   = "X-FREYR-DATETIME"
	APISignatureHeader  = "X-FREYR-SIGNATURE"
)

Constant definitions for authorization type headers and header values.

Variables

This section is empty.

Functions

func Authorize 

func Authorize(auths ...Authorizer) apollo.Constructor

Authorize returns a piece of middleware that will verify if the request is authorized by and of the Authorizers passed in before calling subsequent handlers.

func SignRequest 

func SignRequest(s models.Secret, userEmail string, r *http.Request)

SignRequest builds a signing-string from the request's content and signs it with the given secret.

Types

type APIAuthorizer 

type APIAuthorizer struct {
	// contains filtered or unexported fields
}

APIAuthorizer is a type used to validate requests were signed in the manner expected of API style requests.

func NewAPIAuthorizer 

func NewAPIAuthorizer(ss models.SecretStore) *APIAuthorizer

NewAPIAuthorizer returns a new APIAuthorizer

func (*APIAuthorizer) Authorize 

func (a *APIAuthorizer) Authorize(ctx context.Context, r *http.Request) context.Context

Authorize validates that a request has been signed with a user's secret

type Authorizer 

type Authorizer interface {
	Authorize(ctx context.Context, r *http.Request) context.Context
}

Authorizer is an interface that represents types capable of validating if an HTTP request is authorized, and returning a context indicating the authorized user

type DeviceAuthorizer 

type DeviceAuthorizer struct {
	// contains filtered or unexported fields
}

DeviceAuthorizer is a type used to verify that a request was signed in the manner specified for requests from a device.

func NewDeviceAuthorizer 

func NewDeviceAuthorizer(ss models.SecretStore) *DeviceAuthorizer

NewDeviceAuthorizer returns a new *DeviceAuthorizer

func (*DeviceAuthorizer) Authorize 

func (d *DeviceAuthorizer) Authorize(ctx context.Context, r *http.Request) context.Context

Authorize validates a a valid JWT signature header is present signed by the user's secret and that the content in the signature matches the headers describing the user and core on who's behalf the request was made.

type WebAuthorizer 

type WebAuthorizer struct {
	// contains filtered or unexported fields
}

WebAuthorizer is used to verify if requests are signed in a manner expected users accessing the api via a web browser.

func NewWebAuthorizer 

func NewWebAuthorizer(tS token.JWTTokenGen) *WebAuthorizer

NewWebAuthorizer generates a new *WebAuthorizer

func (*WebAuthorizer) Authorize 

func (u *WebAuthorizer) Authorize(ctx context.Context, r *http.Request) context.Context

Authorize validates the request contains a cookie placed by the system's oauth handler and that the cookie has a valid signature signed by the master token.JtwTokenGen

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.