goauth

package

v1.4.0 Latest Latest Go to latest Published: Jul 15, 2023 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/PhilippePitzClairoux/gohttp

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func AuthProxyMethod(r *http.Request, controller *AuthenticationMiddleware) error
func CreateCertificate() tls.Certificate
func CreateDnsCertificate(commonName string, dnsName []string) tls.Certificate
func NewClaimBase(expiredAt *jwt.NumericDate, issuer, subject string, id string, ...) jwt.RegisteredClaims
type AuthenticationMiddleware
type ExtractSecurityContext
type GenerateClaims
type GenerateSignedJWT
type HttpBasicAuthController
type JwtMiddleware
- func (dbtc *JwtMiddleware) CreateSecurityContext(r *http.Request)
- func (dbtc *JwtMiddleware) HasPermission() bool
type LoginUser
type ValidateToken
type ValidateUser

Constants ¶

This section is empty.

Variables ¶

View Source

var ExtractUsernamePassword = regexp.MustCompile("username=([\\w\\-]+),password=([\\w\\-]+)")

ExtractUsernamePassword extract username and password value for Authorization

Functions ¶

func AuthProxyMethod ¶

func AuthProxyMethod(r *http.Request, controller *AuthenticationMiddleware) error

AuthProxyMethod this is the method that's called by the routing section of the code in order to validate that the user has the right's to call the endpoint (calls CreateSecurityContext and then HasPermission. Returns an error if HasPermission returns false

func CreateCertificate ¶ added in v1.4.0

func CreateCertificate() tls.Certificate

func CreateDnsCertificate ¶ added in v1.4.0

func CreateDnsCertificate(commonName string, dnsName []string) tls.Certificate

func NewClaimBase ¶

func NewClaimBase(expiredAt *jwt.NumericDate, issuer, subject string, id string, audience []string) jwt.RegisteredClaims

NewClaimBase returns a basic jwt.RegisteredClaims struct that can be inserted into your own custom claims if need be.

Types ¶

type AuthenticationMiddleware ¶ added in v1.4.0

type AuthenticationMiddleware interface {
	CreateSecurityContext(r *http.Request)
	HasPermission() bool
}

AuthenticationMiddleware defines the methods that needs to be implemented in order to have user validation every time we get a request

type ExtractSecurityContext ¶ added in v1.4.0

type ExtractSecurityContext func(req *http.Request) any

ExtractSecurityContext is used by the middleware layer to extract username, password, token, etc to perform auth

type GenerateClaims ¶ added in v1.4.0

type GenerateClaims func() jwt.Claims

type GenerateSignedJWT ¶ added in v1.4.0

type GenerateSignedJWT func(r *http.Request) (string, error)

type HttpBasicAuthController ¶

type HttpBasicAuthController struct {
	Username     string       `json:"-"`
	Password     string       `json:"-"`
	ValidateUser ValidateUser `json:"-"`
}

HttpBasicAuthController defines the fields that must be used in order to have basic auth in an application

func (*HttpBasicAuthController) CreateSecurityContext ¶

func (dhbac *HttpBasicAuthController) CreateSecurityContext(r *http.Request)

CreateSecurityContext parses the request headers for an Authorization and extracts a username/password

func (*HttpBasicAuthController) HasPermission ¶

func (dhbac *HttpBasicAuthController) HasPermission() bool

HasPermission calls the ValidateUser method with the supplied username/password from CreateSecurityContext in order to determine if the user has access

func (*HttpBasicAuthController) PostLogin ¶

func (dhbac *HttpBasicAuthController) PostLogin() interface{}

PostLogin is useless for HttpBasicAuthController since validation is done using username/password every request

type JwtMiddleware ¶ added in v1.4.0

type JwtMiddleware struct {
	Token     *jwt.Token     `json:"-"`
	HasError  bool           `json:"-"`
	GetSecret jwt.Keyfunc    `json:"-"`
	GetClaims GenerateClaims `json:"-"`
}

JwtMiddleware represents the basic fields needed to performe Jwt authentication. HasError is set to true if there's an error parsing the token.

func (*JwtMiddleware) CreateSecurityContext ¶ added in v1.4.0

func (dbtc *JwtMiddleware) CreateSecurityContext(r *http.Request)

CreateSecurityContext parses the request headers to get the bearer token.

func (*JwtMiddleware) HasPermission ¶ added in v1.4.0

func (dbtc *JwtMiddleware) HasPermission() bool

HasPermission checks if a token has been parsed, if the token is valid and if there was an error during the parsing process

type LoginUser ¶

type LoginUser func(r *http.Request) bool

LoginUser confirm user exists and return its claims

type ValidateToken ¶

type ValidateToken func(token *jwt.Token) bool

ValidateToken checks if the token is valid

type ValidateUser ¶

type ValidateUser func(data ...any) bool

ValidateUser check's if a username and password are valid

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL