jwt

package

v1.4.0 Latest Latest Go to latest Published: Jul 16, 2018 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/NewMillennialGames/goa

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func ContextJWT(ctx context.Context) *jwt.Token
func New(validationKeys interface{}, validationFunc goa.Middleware, ...) goa.Middleware
func WithJWT(ctx context.Context, t *jwt.Token) context.Context

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrJWTError = goa.NewErrorClass("jwt_security_error", 401)

ErrJWTError is the error returned by this middleware when any sort of validation or assertion fails during processing.

Functions ¶

func ContextJWT ¶

func ContextJWT(ctx context.Context) *jwt.Token

ContextJWT retrieves the JWT token from a `context` that went through our security middleware.

func New ¶

func New(validationKeys interface{}, validationFunc goa.Middleware, scheme *goa.JWTSecurity) goa.Middleware

New returns a middleware to be used with the JWTSecurity DSL definitions of goa. It supports the scopes claim in the JWT and ensures goa-defined Security DSLs are properly validated.

The steps taken by the middleware are:

Extract the "Bearer" token from the Authorization header or query parameter
Validate the "Bearer" token against the key(s) given to New
If scopes are defined in the design for the action, validate them against the scopes presented by the JWT in the claim "scope", or if that's not defined, "scopes".

The `exp` (expiration) and `nbf` (not before) date checks are validated by the JWT library.

validationKeys can be one of these:

a string (for HMAC)
a []byte (for HMAC)
an rsa.PublicKey
an ecdsa.PublicKey
a slice of any of the above

The type of the keys determine the algorithm that will be used to do the check. The goal of having lists of keys is to allow for key rotation, still check the previous keys until rotation has been completed.

You can define an optional function to do additional validations on the token once the signature and the claims requirements are proven to be valid. Example:

validationHandler, _ := goa.NewMiddleware(func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
    token := jwt.ContextJWT(ctx)
    if val, ok := token.Claims["is_uncle"].(string); !ok || val != "ben" {
        return jwt.ErrJWTError("you are not uncle ben's")
    }
})

Mount the middleware with the generated UseXX function where XX is the name of the scheme as defined in the design, e.g.:

app.UseJWT(jwt.New("secret", validationHandler, app.NewJWTSecurity()))

func WithJWT ¶

func WithJWT(ctx context.Context, t *jwt.Token) context.Context

WithJWT creates a child context containing the given JWT.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL