auth

package

v1.0.5 Latest Latest Go to latest Published: Feb 10, 2021 License: MIT Imports: 14 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/txsvc/service

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func CreateAuthorization(ctx context.Context, auth *Authorization) error
func CreateJWTAuthorizationEndpoint(c *gin.Context)
func CreateJWTToken(secret, realm, clientID, userID, scope string, duration int64) (string, error)
func GetBearerToken(c *gin.Context) string
func GetSecureJWTMiddleware(realm, secretKey string) (*jwt.GinJWTMiddleware, error)
func GetToken(ctx context.Context, clientID, authType string) (string, error)
func IdentityHandler(c *gin.Context) interface{}
func PayloadMappingHandler(data interface{}) jwt.MapClaims
func ScopeAuthorizationHandler(data interface{}, c *gin.Context) bool
func ValidateJWTAuthorizationEndpoint(c *gin.Context)
type Authorization
- func FindAuthorization(ctx context.Context, token string) (*Authorization, error)
- func GetAuthorization(ctx context.Context, clientID, authType string) (*Authorization, error)
- func (a *Authorization) IsValid() bool
type AuthorizationRequest
type AuthorizationResponse
type Client

Constants ¶

View Source

const (
	// DatastoreAuthorizations collection AUTHORIZATION
	DatastoreAuthorizations string = "AUTHORIZATIONS"

	// AuthTypeJWT constant jwt
	AuthTypeJWT = "jwt"
	// AuthTypeSlack constant salack
	AuthTypeSlack = "slack"
)

Variables ¶

This section is empty.

Functions ¶

func CreateAuthorization ¶ added in v0.0.4

func CreateAuthorization(ctx context.Context, auth *Authorization) error

CreateAuthorization creates all data needed for the OAuth fu

func CreateJWTAuthorizationEndpoint ¶ added in v0.12.0

func CreateJWTAuthorizationEndpoint(c *gin.Context)

CreateJWTAuthorizationEndpoint creates an JWT authorization

func CreateJWTToken ¶ added in v0.11.0

func CreateJWTToken(secret, realm, clientID, userID, scope string, duration int64) (string, error)

CreateJWTToken creates a token that can be used for JWT authentication / authorization

func GetBearerToken ¶ added in v0.12.0

func GetBearerToken(c *gin.Context) string

GetBearerToken extracts the bearer token

func GetSecureJWTMiddleware ¶

func GetSecureJWTMiddleware(realm, secretKey string) (*jwt.GinJWTMiddleware, error)

GetSecureJWTMiddleware instantiates a JWT middleware and all the necessary handlers

func GetToken ¶ added in v0.0.4

func GetToken(ctx context.Context, clientID, authType string) (string, error)

GetToken returns the oauth token of the workspace integration

func IdentityHandler ¶

func IdentityHandler(c *gin.Context) interface{}

IdentityHandler returns the Client structure

func PayloadMappingHandler ¶

func PayloadMappingHandler(data interface{}) jwt.MapClaims

PayloadMappingHandler extracts the client_id, user_id and scope of the request

func ScopeAuthorizationHandler ¶

func ScopeAuthorizationHandler(data interface{}, c *gin.Context) bool

ScopeAuthorizationHandler checks for required scopes

func ValidateJWTAuthorizationEndpoint ¶ added in v0.12.0

func ValidateJWTAuthorizationEndpoint(c *gin.Context)

ValidateJWTAuthorizationEndpoint verifies that the token is valid and exists in the authorization table

Types ¶

type Authorization ¶

type Authorization struct {
	ClientID  string `json:"client_id" binding:"required"` // UNIQUE
	Name      string `json:"name"`                         // name of the domain, realm, tennant etc
	Token     string `json:"token" binding:"required"`
	TokenType string `json:"token_type" binding:"required"` // user,app,bot
	UserID    string `json:"user_id"`                       // depends on TokenType. UserID could equal ClientID or BotUSerID in Slack
	Scope     string `json:"scope"`                         // a comma separated list of scopes, see below
	Expires   int64  `json:"expires"`                       // 0 = never
	// internal
	// FIXME: add revokation flag to the Authorization
	AuthType string `json:"-"` // currently: jwt, slack
	Created  int64  `json:"-"`
	Updated  int64  `json:"-"`
}

Authorization represents a user, app or bot and its permissions

func FindAuthorization ¶ added in v0.12.0

func FindAuthorization(ctx context.Context, token string) (*Authorization, error)

FindAuthorization looks for an authorization by token

func GetAuthorization ¶ added in v0.0.4

func GetAuthorization(ctx context.Context, clientID, authType string) (*Authorization, error)

GetAuthorization looks for an authorization

func (*Authorization) IsValid ¶ added in v0.12.0

func (a *Authorization) IsValid() bool

IsValid verifies that the Authorization is still valid, i.e. not expired and not revoked.

type AuthorizationRequest ¶ added in v0.12.0

type AuthorizationRequest struct {
	Secret     string `json:"secret" binding:"required"`
	Realm      string `json:"realm" binding:"required"`
	ClientID   string `json:"client_id" binding:"required"`
	ClientType string `json:"client_type" binding:"required"` // user,app,bot
	UserID     string `json:"user_id" binding:"required"`
	Scope      string `json:"scope" binding:"required"`
	Duration   int64  `json:"duration" binding:"required"`
}

AuthorizationRequest struct is used to request a token

type AuthorizationResponse ¶ added in v0.12.0

type AuthorizationResponse struct {
	Realm    string `json:"realm" binding:"required"`
	ClientID string `json:"client_id" binding:"required"`
	Token    string `json:"token" binding:"required"`
}

AuthorizationResponse provides the token to the requestor

type Client ¶

type Client struct {
	ClientID string `json:"client_id"`
	UserID   string `json:"user_id"`
	Scope    string `json:"scope"`
}

Client represents the claim of the client calling the API

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL