auth

package

v0.4.0 Latest Latest Go to latest Published: Jun 12, 2024 License: MIT Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/andydunstall/piko

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type Config
- func (c *Config) AuthEnabled() bool
- func (c *Config) RegisterFlags(fs *pflag.FlagSet)
type EndpointToken
- func (t *EndpointToken) EndpointPermitted(endpointID string) bool
type JWTVerifier
- func NewJWTVerifier(conf JWTVerifierConfig) *JWTVerifier
- func (v *JWTVerifier) VerifyEndpointToken(tokenString string) (EndpointToken, error)
type JWTVerifierConfig
type Verifier

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrInvalidToken = errors.New("invalid token")
	ErrExpiredToken = errors.New("expired token")
)

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	// TokenHMACSecretKey is the secret key to authenticate HMAC endpoint
	// connection JWTs.
	TokenHMACSecretKey string `json:"token_hmac_secret_key"`

	// TokenRSAPublicKey is the public key to authenticate RSA endpoint
	// connection JWTs.
	TokenRSAPublicKey string `json:"token_rsa_public_key"`

	// TokenECDSAPublicKey is the public key to authenticate ECDSA endpoint
	// connection JWTs.
	TokenECDSAPublicKey string `json:"token_ecdsa_public_key"`

	// TokenAudience is the required 'aud' claim of the authenticated JWTs.
	//
	// If not given the 'aud' claim will be ignored.
	TokenAudience string `json:"token_audience"`

	// TokenIssuer is the required 'iss' claim of the authenticated JWTs.
	//
	// If not given the 'iss' claim will be ignored.
	TokenIssuer string `json:"token_issuer"`
}

func (*Config) AuthEnabled ¶

func (c *Config) AuthEnabled() bool

func (*Config) RegisterFlags ¶

func (c *Config) RegisterFlags(fs *pflag.FlagSet)

type EndpointToken ¶

type EndpointToken struct {
	// Expiry contains the time the token expires, or zero if there is no
	// expiry.
	Expiry time.Time

	// Endpoints contains the list of endpoint IDs the connection is permitted
	// to register. If empty then all endpoints are allowed.
	Endpoints []string
}

func (*EndpointToken) EndpointPermitted ¶

func (t *EndpointToken) EndpointPermitted(endpointID string) bool

EndpointPermitted returns whether the given endpoint ID is permitted for this token.

type JWTVerifier ¶

type JWTVerifier struct {
	// contains filtered or unexported fields
}

func NewJWTVerifier ¶

func NewJWTVerifier(conf JWTVerifierConfig) *JWTVerifier

func (*JWTVerifier) VerifyEndpointToken ¶

func (v *JWTVerifier) VerifyEndpointToken(tokenString string) (EndpointToken, error)

type JWTVerifierConfig ¶

type JWTVerifierConfig struct {
	HMACSecretKey  []byte
	RSAPublicKey   *rsa.PublicKey
	ECDSAPublicKey *ecdsa.PublicKey
	Audience       string
	Issuer         string
}

type Verifier ¶

type Verifier interface {
	VerifyEndpointToken(token string) (EndpointToken, error)
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL