README
goa v2 Security Example
This example illustrates how to secure microservice endpoints. The service
endpoints showcase the various security schemes supported in goa. The service
exposes endpoints secured via different security requirements; the
doubly_secure and also_doubly_secure endpoints illustrate how to secure a
single endpoint using multiple requirements.
Design
The key design sections for the multi_auth service define the various security
requirements. The most interesting ones are the doubly_secure and
also_doubly_secure requirements:
    Security(JWTAuth, APIKeyAuth, func() { // Use JWT and an API key to secure this endpoint.
        Scope("api:read")  // Enforce presence of both "api:read"
        Scope("api:write") // and "api:write" scopes in JWT claims.
    })
The payload DSL defines two attributes, key and token, that hold the API key
and JWT token respectively:
    Payload(func() {
        APIKey("api_key", "key", String, func() {
            Description("API key")
        })
        Token("token", String, func() {
            Description("JWT used for authentication")
        })
    })
The design requires the client to provide both an API key and a JWT token.
doubly_secure loads the value of the API key from the request query string
while also_doubly_secure loads it from the request headers.
doubly_secure

    HTTP(func() {
        GET("/secure")
        Param("key:k")
        ...

also_doubly_secure

    HTTP(func() {
        POST("/secure")
        Header("key:Authorization")
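
How a handler can enforce the two-scope requirement from the design above, as an added example that is not goa's or this package's own code: it verifies an HS256 signature with the standard library and then requires each scope. The helper names (mac, mint, checkToken) and the "scopes" claim being a JSON array of strings are assumptions, and the tokens are constructed samples.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"slices"
	"strings"
)

var enc = base64.RawURLEncoding // JWT segments are unpadded base64url

// mac returns the HS256 signature over the "header.payload" signing input.
func mac(in string, key []byte) string {
	h := hmac.New(sha256.New, key)
	h.Write([]byte(in))
	return enc.EncodeToString(h.Sum(nil))
}

// mint builds a constructed HS256 token with the given scopes (sample input only).
func mint(key []byte, scopes ...string) string {
	body, _ := json.Marshal(map[string][]string{"scopes": scopes})
	in := enc.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`)) + "." + enc.EncodeToString(body)
	return in + "." + mac(in, key)
}

// checkToken (hypothetical helper) verifies the HS256 signature, ignoring the header's alg, then requires every scope.
func checkToken(token string, key []byte, required ...string) error {
	p := strings.Split(token, ".")
	if len(p) != 3 || !hmac.Equal([]byte(p[2]), []byte(mac(p[0]+"."+p[1], key))) {
		return fmt.Errorf("invalid token")
	}
	var claims struct{ Scopes []string `json:"scopes"` } // assumed claim layout
	raw, err := enc.DecodeString(p[1])
	if err != nil || json.Unmarshal(raw, &claims) != nil {
		return fmt.Errorf("invalid token")
	}
	for _, want := range required {
		if !slices.Contains(claims.Scopes, want) {
			return fmt.Errorf("invalid scopes in token: missing %q", want)
		}
	}
	return nil
}

func main() { // "secret" mirrors the demo Key on this page; load real keys from a secret store
	fmt.Println(checkToken(mint([]byte("secret"), "api:read"), []byte("secret"), "api:read", "api:write"))
}
```

Because the signature is always recomputed as HMAC-SHA256, a token whose header names a different algorithm gains nothing from it.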
Documentation
Constants
This section is empty.
Variables

    var (
        // ErrUnauthorized is the error returned by Login when the request credentials
        // are invalid.
        ErrUnauthorized error = securedservice.Unauthorized("invalid username and password combination")
        // ErrInvalidToken is the error returned when the JWT token is invalid.
        ErrInvalidToken error = securedservice.Unauthorized("invalid token")
        // ErrInvalidTokenScopes is the error returned when the scopes provided in
        // the JWT token claims are invalid.
        ErrInvalidTokenScopes error = securedservice.InvalidScopes("invalid scopes in token")
        // Key is the key used in JWT authentication.
        Key = []byte("secret")
    )

Functions
func NewSecuredService
func NewSecuredService(logger *log.Logger) securedservice.Service
NewSecuredService returns the secured_service service implementation.
Types
This section is empty.