auth

Documentation

Overview

Package auth provides authentication and authorization support.

Index

• Constants
• type Auth
  • func New(algorithm string, keyLookup KeyLookup) (*Auth, error)
  • func (a *Auth) GenerateToken(kid string, claims Claims) (string, error)
  • func (a *Auth) ValidateToken(tokenStr string) (Claims, error)
• type Claims
  • func (c Claims) Authorized(role string) bool
• type KeyLookup
• type StandardClaims

Constants

const (
	RoleAdmin = "ADMIN"
	RoleUser  = "USER"
)

These constants represet the set of roles.

const Key ctxKey = 1

Key is used to store/retrieve a Claims value from a context.Context.

Types

type Auth

type Auth struct {
	// contains filtered or unexported fields
}

Auth is used to authenticate clients. It can generate a token for a set of user claims and recreate the claims by parsing the token.

func New

func New(algorithm string, keyLookup KeyLookup) (*Auth, error)

New creates an Auth to support authentication/authorization.

func (*Auth) GenerateToken

func (a *Auth) GenerateToken(kid string, claims Claims) (string, error)

GenerateToken generates a signed JWT token string representing the user Claims.

func (*Auth) ValidateToken

func (a *Auth) ValidateToken(tokenStr string) (Claims, error)

ValidateToken recreates the Claims that were used to generate a token. It verifies that the token was signed using our key.

type Claims

type Claims struct {
	jwt.StandardClaims
	Auth StandardClaims
}

Claims represents the authorization claims transmitted via a JWT.

func (Claims) Authorized

func (c Claims) Authorized(role string) bool

Authorized returns true if the claim matches the provided role.

type KeyLookup

type KeyLookup interface {
	PrivateKey(kid string) (*rsa.PrivateKey, error)
	PublicKey(kid string) (*rsa.PublicKey, error)
}

KeyLookup declares a method set of behavior for looking up private and public keys for JWT use.

type StandardClaims

type StandardClaims struct {
	Role string `json:"ROLE"`
}

StandardClaims represents claims for the applications.