bouncer

package
v0.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 15, 2021 License: MIT Imports: 25 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	CookieName          = "auth_348c070" // random suffix is needed to eliminate probability of names collision
	AuthorizationHeader = "Authorization"
)

Variables

View Source 
var (
	//ErrForbidden - requestor does not have sufficient permission to perform request -
	// non of the rules have not returned non nil response
	ErrForbidden = &forbidden{"forbidden"}
	//ErrInvalidToken - token is malformed, expired or not present
	ErrInvalidToken = &notallowed{"invalid token"}
)
View Source 
var (
	NewWithClaims      = jwt.NewWithClaims
	SigningMethodES256 = jwt.SigningMethodES256
)

Functions

func AuthedRequest 

func AuthedRequest(t *testing.T, claims Claims) *http.Request

func GatewayPassed 

func GatewayPassed(r *http.Request) bool

func GenerateKeys 

func GenerateKeys(log *logan.Entry, directoryPath string) error

GenerateKeys - generates keys used to sign JWT

Types

type AuthenticationType 

type AuthenticationType string

AuthenticationType - defines authentication type of 

const (
	//AuthenticationTypeJWT - session ID + jwt token
	AuthenticationTypeJWT AuthenticationType = "jwt"
	//AuthenticationTypeBearer - session ID
	AuthenticationTypeBearer AuthenticationType = "bearer"
)

type Bouncer 

type Bouncer interface {
	Check(r *http.Request, rules ...Rule) (*Claims, error)
}

func New 

func New(opts Opts) Bouncer

type Bouncerer 

type Bouncerer interface {
	Bouncer() Bouncer
}

func NewBouncerer 

func NewBouncerer(getter kv.Getter) Bouncerer

type Claims 

type Claims struct {
	IdentityID         string `json:"identity_id"`
	jwt.StandardClaims `log:"-"`
}

func ParseClaims 

func ParseClaims(r *http.Request) (*Claims, error)

ParseClaims - parses claims without signature verification and token validation. Returns ErrInvalidToken if token is malformed or not present

type Gateway 

type Gateway interface {
	// GetAuthHeadersSanitizer returns middleware that sanitizes auth headers based on config provided
	GetAuthHeadersSanitizer() func(http.Handler) http.Handler
	GetCors() func(http.Handler) http.Handler
}

type Gatewayer 

type Gatewayer interface {
	Gateway() Gateway
}

func NewGatewayer 

func NewGatewayer(getter kv.Getter, storage SessionProvider, log *logan.Entry) Gatewayer

type Identity 

type Identity struct {
	ID   *string
	UUID *uuid.UUID
}

Identity allows to check constraints not bound to particular identity type.

func (Identity) IsAuthorized 

func (a Identity) IsAuthorized(claims Claims) bool

type Opts 

type Opts struct {
	// SkipChecks make any request with valid or missing token pass
	SkipChecks bool
}

type Rule 

type Rule interface {
	IsAuthorized(Claims) bool
}

type RuleFunc 

type RuleFunc func(Claims) bool

The RuleFunc type is an adapter to allow the use of ordinary functions as Rule

func (RuleFunc) IsAuthorized 

func (r RuleFunc) IsAuthorized(claims Claims) bool

type Session 

type Session struct {
	ID        uuid.UUID
	Identity  uuid.UUID
	Removed   bool
	ExpiresAt time.Time
	AuthType  AuthenticationType
}

Session - represents auth primitive that could be controlled by identity

type SessionProvider 

type SessionProvider interface {
	Get(context.Context, uuid.UUID) (*Session, error)
}

SessionProvider - allows to access stored sessions

type StandardClaims 

type StandardClaims = jwt.StandardClaims

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.