apiutils

package
v0.0.0-...-00d5bf9 Latest
Warning

This package is not in the latest version of its module.

Published: May 2, 2023 | License: MIT | Imports: 7 | Imported by: 0

Documentation

Constants

const (
	ErrNoAuthHeader = oerrs.String("missing Authorization: Bearer header is not set")
)

errors

const (
	// TokenContextKey is the key used to access the saved token inside a gserv.Context.
	TokenContextKey = ":JTK:"
)

Variables

var (
	SecureHeaders = SHM{
		"X-Frame-Options":  "SAMEORIGIN",
		"X-XSS-Protection": "1; mode=block",

		"X-Download-Options": "noopen",

		"Content-Security-Policy": "default-src https:",
	}

	// https://googleblog.blogspot.com/2007/07/robots-exclusion-protocol-now-with-even.html
	NoIndexing = SHM{
		"X-Robots-Tag": "noindex",
	}

	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
	HSTS = SHM{
		"Strict-Transport-Security": "max-age=15552000; includeSubDomains",
	}

	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
	HSTSPreload = SHM{
		"Strict-Transport-Security": "max-age=15552000; includeSubDomains; preload",
	}
)

Simple Headers Maps (SHM) of common headers, based on https://rorsecurity.info/portfolio/new-http-headers-for-more-security

var DefaultAuth = &Auth{
	SigningMethod: jwt.SigningMethodHS256,
	Extractor:     *jwtReq.OAuth2Extractor,

	NewClaims: func() jwt.Claims { return jwt.MapClaims{} },
}

DefaultAuth has the default values for Auth

var DefaultParser = &jwt.Parser{
	UseJSONNumber: true,
}

Functions

func ApplyHeaders

func ApplyHeaders(headerMaps ...SHM) gserv.Handler

ApplyHeaders is a middleware that applies a static set of headers to a gserv.Context.

Types

type Auth

type Auth struct {
	SigningMethod jwt.SigningMethod
	Extractor     jwtReq.MultiExtractor

	NewClaims func() jwt.Claims

	// CheckToken is used inside the CheckAuth middleware.
	CheckToken TokenKeyFunc

	// AuthToken is used inside the SignIn middleware.
	AuthToken TokenKeyFunc

	CookieHost  string
	AuthCookies []string
	CookieHTTPS bool
}

Auth is a simple handler for authorization using JWT with a simple

func NewAuth

func NewAuth(checkTokenFn TokenKeyFunc, authKeyFunc TokenKeyFunc, extractors ...jwtReq.Extractor) (a *Auth)

NewAuth returns a new Auth struct with the given keyForUser and the defaults from DefaultAuth

func (*Auth) CheckAuth

func (a *Auth) CheckAuth(ctx *gserv.Context) gserv.Response

CheckAuth handles checking auth headers. If the token is valid, it is stored in the ctx under TokenContextKey.

func (*Auth) SignIn

func (a *Auth) SignIn(ctx *gserv.Context) gserv.Response

SignIn handles signing by calling Auth.AuthToken; if the func returns a key, it signs the token and sets the Authorization: Bearer header. It can be chained with SignUp if needed.

type CookieExtractor

type CookieExtractor []string

CookieExtractor implements an Extractor to use auth token from cookies

func (CookieExtractor) ExtractToken

func (e CookieExtractor) ExtractToken(req *http.Request) (string, error)

type MapClaims

type MapClaims = jwt.MapClaims

MapClaims is an alias for jwt.MapClaims

type SHM

type SHM map[string]string

SHM is a Simple Headers Map

func (SHM) Apply

func (m SHM) Apply(hh http.Header, add bool)

Apply applies the SHM to an http.Header. If add is true, the values get Added rather than Set. If a value is empty, the header gets deleted.

func (SHM) Copy

func (m SHM) Copy() SHM

Copy returns a copy of the map

func (SHM) Set

func (m SHM) Set(k, v string) SHM

Set sets a key to a value
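
The Apply semantics described above, as an added example that is not taken from the package's source: SHM.Apply is re-implemented locally from its doc comment (an assumption about the real behaviour), and DropXSS, Build and Duplicated are hypothetical names. It shows why the add flag matters for the HSTS maps: with add set, HSTS followed by HSTSPreload leaves two Strict-Transport-Security values, and RFC 6797 section 8.1 has user agents process only the first.

```go
package main

import (
	"fmt"
	"net/http"
)

// SHM mirrors the documented type; Apply re-implements the documented behaviour (assumption).
type SHM map[string]string

func (m SHM) Apply(hh http.Header, add bool) {
	for k, v := range m {
		if v == "" {
			hh.Del(k) // empty value: the header is removed
		} else if add {
			hh.Add(k, v) // appends, so an existing header gains a second value
		} else {
			hh.Set(k, v) // replaces whatever was there
		}
	}
}

// HSTS and HSTSPreload are copied from this page; DropXSS is a hypothetical override map.
var (
	HSTS        = SHM{"Strict-Transport-Security": "max-age=15552000; includeSubDomains"}
	HSTSPreload = SHM{"Strict-Transport-Security": "max-age=15552000; includeSubDomains; preload"}
	DropXSS     = SHM{"X-XSS-Protection": ""}
)

// Build applies the maps in order to a constructed starting header set.
func Build(add bool, maps ...SHM) http.Header {
	hh := http.Header{}
	hh.Set("X-XSS-Protection", "1; mode=block")
	for _, m := range maps {
		m.Apply(hh, add)
	}
	return hh
}

// Duplicated returns the names of headers that hold more than one value.
func Duplicated(hh http.Header) (out []string) {
	for k, vs := range hh {
		if len(vs) > 1 {
			out = append(out, k)
		}
	}
	return out
}
func main() { fmt.Println(Duplicated(Build(true, HSTS, HSTSPreload)), Build(false, HSTS, HSTSPreload, DropXSS)) }
```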

type StandardClaims

type StandardClaims = jwt.StandardClaims

StandardClaims is an alias for jwt.StandardClaims

type Token

type Token struct {
	*jwt.Token
}

func (Token) Expiry

func (t Token) Expiry() (ts int64, ok bool)

func (Token) Get

func (t Token) Get(key string) any

Get only works with MapClaims

func (Token) GetOk

func (t Token) GetOk(key string) (v any, ok bool)

GetOk only works with MapClaims

func (Token) Set

func (t Token) Set(k string, v any) (ok bool)

func (Token) SetExpiry

func (t Token) SetExpiry(ts int64) (ok bool)

SetExpiry sets the expiry date of the token; ts is a Unix timestamp, as returned by time.Time{}.Unix().

type TokenKeyFunc

type TokenKeyFunc = func(ctx *gserv.Context, tok Token) (extra gserv.M, key any, err error)

TokenKeyFunc is a callback to return a key for the given token
