jwt

package
v0.1.14-beta46 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 28, 2023 License: MIT Imports: 9 Imported by: 0

Documentation

Overview

Package jwt provides a parser, generator and a middleware to checks if a jwt-token is valid. If not, a StatusUnauthorized (401) will return.

Claims must implement the jwt.Claimer interface. A standard Claim is defined which can get embedded in your struct to avoid rewriting all of the functions.

Config struct for a simple token configuration is provided.

Generate: will set the CookieRefresh, the Claim gets generated and calls the CallbackGenerate function. After that, the token gets signed and the CookieJWT gets set.

Parse: will check the CookieJWT and parses the string. The claim will be checked if its valid. If the claim is expired, the CallbackRefresh function will be called, to check if a new token should be generated. On success the request.Context CLAIM will be set.

A refresh token will only be generated if a refresh callback is set and the CookieJWT and CookieRefresh is available.

Index

Constants

View Source 
const (
	HS256 = "HS256"
	HS384 = "HS384"
	HS512 = "HS512"
)

allowed algorithms.

View Source 
const CLAIM = "JWT"

CLAIM key for the request ctx.

Variables

View Source 
var (
	ErrConfigNotValid = errors.New("jwt: config is not valid")
	ErrSigningMethod  = "jwt: unexpected signing method: %v"
	ErrInvalidClaim   = "jwt: claim is not valid %s: %#v"
	ErrTokenExpired   = errors.New("jwt: token is expired")
)

Error messages.

View Source 
var CookieNameJWT = "JWT"
View Source 
var CookieNameRefresh = "REFRESH"

Functions 

func Cookie(r *http.Request, name string) (string, error)

Cookie returns a cookie by name. If it does not exist, an error will return.

func CookieJWT 

func CookieJWT() string

func CookieRefresh 

func CookieRefresh() string

func NewCookie 

func NewCookie(w http.ResponseWriter, name string, value string, ttl time.Duration)

NewCookie creates a cookie with the given name, value and expiration. Additionally, this cookie is http only and secured.

Types

type Claim 

type Claim struct {
	jwt.StandardClaims
}

Claim type implements the Claimer interface and extends the jwt.StandardClaims.

func (*Claim) Aud 

func (c *Claim) Aud() string

Aud get the AUDIENCE of the token.

func (*Claim) Exp 

func (c *Claim) Exp() int64

Exp get the EXPIRED of the token.

func (*Claim) Iat 

func (c *Claim) Iat() int64

Iat get the ISSUED AT of the token.

func (*Claim) Iss 

func (c *Claim) Iss() string

Iss get the ISSUER of the token.

func (*Claim) Jid 

func (c *Claim) Jid() string

Jid get the JID of the token.

func (*Claim) Nbf 

func (c *Claim) Nbf() int64

Nbf get the NOT BEFORE of the token.

func (*Claim) Render 

func (c *Claim) Render() interface{}

Render should return the needed claim data for the frontend.

func (*Claim) SetAud 

func (c *Claim) SetAud(aud string)

SetAud set the AUDIENCE of the token.

func (*Claim) SetExp 

func (c *Claim) SetExp(exp int64)

SetExp set the EXPIRED of the token.

func (*Claim) SetIat 

func (c *Claim) SetIat(iat int64)

SetIat set the ISSUED AT of the token.

func (*Claim) SetIss 

func (c *Claim) SetIss(iss string)

SetIss set the ISSUER of the token.

func (*Claim) SetJid 

func (c *Claim) SetJid(id string)

SetJid set the JID of the token.

func (*Claim) SetNbf 

func (c *Claim) SetNbf(nbf int64)

SetNbf set the NOT BEFORE of the token.

func (*Claim) SetSub 

func (c *Claim) SetSub(sub string)

SetSub set the SUBJECT of the token.

func (*Claim) Sub 

func (c *Claim) Sub() string

Sub get the SUBJECT of the token.

func (*Claim) Valid 

func (c *Claim) Valid() error

Valid the claim.

type Claimer 

type Claimer interface {
	Jid() string
	SetJid(string)
	Iss() string
	SetIss(string)
	Aud() string
	SetAud(string)
	Sub() string
	SetSub(string)
	Iat() int64
	SetIat(int64)
	Exp() int64
	SetExp(int64)
	Nbf() int64
	SetNbf(int64)

	// UserID should return the user id.
	UserID() interface{}
	// Render should return the needed data for the frontend.
	Render() interface{}
	// Valid is defined in the jwt-go package but can get overwritten here.
	Valid() error
}

Claimer interface.

type Config 

type Config struct {
	Alg          string        // algorithm (HS256, HS384, HS512)
	Issuer       string        // issuer
	Audience     string        // audience
	Subject      string        // subject
	Expiration   time.Duration // the ttl of the token (suggested short lived 15 Minutes). 0 is not allowed.
	SignKey      string        // the sign key. atm only a key, later on it can also be a file path
	RefreshToken RefreshConfig // true if a refresh token should get created
}

Config of the jwt token.

type RefreshConfig 

type RefreshConfig struct {
	Expiration time.Duration // 0 means infinity.
}

RefreshConfig config.

type Token 

type Token struct {

	// should be used to check if the refresh token is still valid. Error should return if not.
	CallbackRefresh func(http.ResponseWriter, *http.Request, Claimer) error
	// should be used to check user data and update the claim, before the token gets generated.
	CallbackGenerate func(http.ResponseWriter, *http.Request, Claimer, string) error
	// contains filtered or unexported fields
}

Token struct.

func New 

func New(config Config, claimer Claimer) (*Token, error)

New token instance. Error will return if the config is invalid.

func (*Token) Generate 

func (t *Token) Generate(w http.ResponseWriter, r *http.Request) (Claimer, error)

Generate a new token. Refresh cookie will be set, a new Claim generated and passed to the callback function - if defined. The JWT token gets signed and set as JTW cookie. Error will return if the token could not get signed or the callback function returns an error.

func (*Token) MW 

func (t *Token) MW(h http.HandlerFunc) http.HandlerFunc

MW will be passed to the middleware.

func (*Token) Parse 

func (t *Token) Parse(w http.ResponseWriter, r *http.Request) error

Parse the JWT cookie. The Claim will be checked if it's valid. If the Claim is expired, the refresh Callback will be called to generate a new Token. The Claim will be set as request context JWT. A refresh token will only be generated if the CookieJWT (expired) and CookieRefresh is set.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.
JackTT - Gopher 🇻🇳