Documentation
Index
- Constants
- func CreateAuthorization(ctx context.Context, auth *Authorization) error
- func CreateJWTAuthorizationEndpoint(c *gin.Context)
- func CreateJWTToken(secret, realm, clientID, userID, scope string, duration int64) (string, error)
- func GetBearerToken(c *gin.Context) string
- func GetSecureJWTMiddleware(realm, secretKey string) (*jwt.GinJWTMiddleware, error)
- func GetToken(ctx context.Context, clientID, authType string) (string, error)
- func IdentityHandler(c *gin.Context) interface{}
- func PayloadMappingHandler(data interface{}) jwt.MapClaims
- func ScopeAuthorizationHandler(data interface{}, c *gin.Context) bool
- func ValidateJWTAuthorizationEndpoint(c *gin.Context)
- type Authorization
- type AuthorizationRequest
- type AuthorizationResponse
- type Client
Constants
const (
	// DatastoreAuthorizations collection AUTHORIZATIONS
	DatastoreAuthorizations string = "AUTHORIZATIONS"

	// AuthTypeJWT constant jwt
	AuthTypeJWT = "jwt"
	// AuthTypeSlack constant slack
	AuthTypeSlack = "slack"
)
Variables
This section is empty.
Functions
func CreateAuthorization (added in v0.0.4)
func CreateAuthorization(ctx context.Context, auth *Authorization) error
CreateAuthorization creates all data needed for the OAuth fu
func CreateJWTAuthorizationEndpoint (added in v0.12.0)
CreateJWTAuthorizationEndpoint creates a JWT authorization
func CreateJWTToken (added in v0.11.0)
CreateJWTToken creates a token that can be used for JWT authentication / authorization
func GetBearerToken (added in v0.12.0)
GetBearerToken extracts the bearer token
func GetSecureJWTMiddleware
func GetSecureJWTMiddleware(realm, secretKey string) (*jwt.GinJWTMiddleware, error)
GetSecureJWTMiddleware instantiates a JWT middleware and all the necessary handlers
func IdentityHandler
IdentityHandler returns the Client structure
func PayloadMappingHandler
PayloadMappingHandler extracts the client_id, user_id and scope of the request
func ScopeAuthorizationHandler
ScopeAuthorizationHandler checks for required scopes
func ValidateJWTAuthorizationEndpoint (added in v0.12.0)
ValidateJWTAuthorizationEndpoint verifies that the token is valid and exists in the authorization table
Types
type Authorization
type Authorization struct {
	ClientID  string `json:"client_id" binding:"required"` // UNIQUE
	Name      string `json:"name"` // name of the domain, realm, tenant etc
	Token     string `json:"token" binding:"required"`
	TokenType string `json:"token_type" binding:"required"` // user,app,bot
	UserID    string `json:"user_id"` // depends on TokenType. UserID could equal ClientID or BotUserID in Slack
	Scope     string `json:"scope"` // a comma separated list of scopes, see below
	Expires   int64  `json:"expires"` // 0 = never

	// internal
	// FIXME: add revocation flag to the Authorization
	AuthType string `json:"-"` // currently: jwt, slack
	Created  int64  `json:"-"`
	Updated  int64  `json:"-"`
}
Authorization represents a user, app or bot and its permissions
func FindAuthorization (added in v0.12.0)
func FindAuthorization(ctx context.Context, token string) (*Authorization, error)
FindAuthorization looks for an authorization by token
func GetAuthorization (added in v0.0.4)
func GetAuthorization(ctx context.Context, clientID, authType string) (*Authorization, error)
GetAuthorization looks for an authorization
func (*Authorization) IsValid (added in v0.12.0)
func (a *Authorization) IsValid() bool
IsValid verifies that the Authorization is still valid, i.e. not expired and not revoked.
type AuthorizationRequest (added in v0.12.0)
type AuthorizationRequest struct {
	Secret     string `json:"secret" binding:"required"`
	Realm      string `json:"realm" binding:"required"`
	ClientID   string `json:"client_id" binding:"required"`
	ClientType string `json:"client_type" binding:"required"` // user,app,bot
	UserID     string `json:"user_id" binding:"required"`
	Scope      string `json:"scope" binding:"required"`
	Duration   int64  `json:"duration" binding:"required"`
}
AuthorizationRequest struct is used to request a token
type AuthorizationResponse (added in v0.12.0)
type AuthorizationResponse struct {
	Realm    string `json:"realm" binding:"required"`
	ClientID string `json:"client_id" binding:"required"`
	Token    string `json:"token" binding:"required"`
}
AuthorizationResponse provides the token to the requestor