blocklist

package

v0.0.1-alpha9 Latest Latest Go to latest Published: May 27, 2023 License: MIT Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/divergentcodes/jwt-block

Documentation ¶

Overview ¶

Package blocklist manages inspecting tokens and interacting with the cache

Includes JWT parsing, validation, and verification. Also includes cache management and lookup functions.

Index ¶

Variables
func Size(redisDB *redis.Client) (int64, error)
type BlockResult
- func Block(redisDB *redis.Client, tokenString string) (*BlockResult, error)
- func BlockWithTTL(redisDB *redis.Client, tokenString string, explicitTTLSeconds int) (*BlockResult, error)
type CheckResult
- func CheckByJwt(redisDB *redis.Client, tokenString string) (CheckResult, error)
- func CheckBySha256(redisDB *redis.Client, sha256 string) (CheckResult, error)
type FlushResult
- func Flush(redisDB *redis.Client) (*FlushResult, error)
type ListResult
- func List(redisDB *redis.Client) (*ListResult, error)
type UnblockResult
- func UnblockByJwt(redisDB *redis.Client, tokenString string) (*UnblockResult, error)
- func UnblockBySha256(redisDB *redis.Client, sha256 string) (*UnblockResult, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	SuccessTokenBlocked   = "Token blocked"
	SuccessTokenUnblocked = "Token unblocked"
	SuccessTokenExists    = "Token already blocked"
	SuccessTokenNotExists = "Token is not blocked"
	SuccessTokenIsAllowed = "JWT is allowed"
	SuccessTokenIsBlocked = "JWT is blocked"

	ErrMisconfiguredCache = errors.New("server cache configuration error")
	ErrNoExpForTTL        = errors.New("token has no set expiration")
)

Functions ¶

func Size ¶

func Size(redisDB *redis.Client) (int64, error)

Size will return the number of token hashes in the blocklist.

Types ¶

type BlockResult ¶

type BlockResult struct {
	Message   string `json:"message"`       // message summarizing the result.
	TTL       int    `json:"block_ttl_sec"` // remaining time-to-live of the token in the blocklist.
	TTLString string `json:"block_ttl_str"` // human readable remaining time-to-live.
	IsNew     bool   `json:"is_new"`        // whether or not the token is newly added to the blocklist.
	IsError   bool   `json:"error"`         // whether or not the result was an error.
}

A BlockResult contains the result of trying to block a token.

func Block ¶

func Block(redisDB *redis.Client, tokenString string) (*BlockResult, error)

Block adds a token to the blocklist without an explicit TTL, and returns whether the added value is new or not..

func BlockWithTTL ¶

func BlockWithTTL(redisDB *redis.Client, tokenString string, explicitTTLSeconds int) (*BlockResult, error)

Block adds a token to the blocklist with an explicit TTL, and returns whether the added value is new or not.

explicitTTLSeconds behavior:

<0: Default TTL.
0: Infinite TTL.
>0: Expiring TTL.

type CheckResult ¶

type CheckResult struct {
	Message   string `json:"message"`       // message summarizing the result.
	IsBlocked bool   `json:"blocked"`       // whether or not the token is blocked (present in the blocklist).
	TTL       int    `json:"block_ttl_sec"` // remaining time-to-live of the token in the blocklist.
	TTLString string `json:"block_ttl_str"` // human readable remaining time-to-live.
	IsError   bool   `json:"error"`         // whether or not the result was an error.
}

A CheckResult contains the result of checking for a token in the blocklist.

func CheckByJwt ¶

func CheckByJwt(redisDB *redis.Client, tokenString string) (CheckResult, error)

CheckByJwt checks if a token's hash value is in the blocklist.

The passed tokenString will be hashed and looked up.

func CheckBySha256 ¶

func CheckBySha256(redisDB *redis.Client, sha256 string) (CheckResult, error)

CheckBySha256 checks if the hash value of a token is in the blocklist.

type FlushResult ¶

type FlushResult struct {
	Message string `json:"message"` // message summarizing the result.
	Count   int64  `json:"count"`   // number of records flushed from the blocklist.
	IsError bool   `json:"error"`   // whether or not the result was an error.
}

A FlushResult contains the result of checking for a token in the blocklist.

func Flush ¶

func Flush(redisDB *redis.Client) (*FlushResult, error)

Flush empties the blocklist cache of all tokens, so none are blocked.

type ListResult ¶

type ListResult struct {
	TokenHashes []string `json:"token_hashes"` // hashes of blocked tokens.
	Size        int64    `json:"size"`         // the number of blocked tokens.
	IsError     bool     `json:"error"`        // whether or not the result was an error.
}

A ListResult contains the result of listing token hashes in the blocklist.

func List ¶

func List(redisDB *redis.Client) (*ListResult, error)

List will dump all token hashes in the cache.

type UnblockResult ¶

type UnblockResult struct {
	Message     string `json:"message"`   // message summarizing the result.
	IsUnblocked bool   `json:"unblocked"` // whether or not the token was unblocked (removed from the blocklist).
	IsError     bool   `json:"error"`     // whether or not the result was an error.
}

A UnblockResult contains the result of unblocking a token in the blocklist.

func UnblockByJwt ¶

func UnblockByJwt(redisDB *redis.Client, tokenString string) (*UnblockResult, error)

UnblockByJwt removes a token's hash from the blocklist by first hashing the passed token.

func UnblockBySha256 ¶

func UnblockBySha256(redisDB *redis.Client, sha256 string) (*UnblockResult, error)

UnblockBySha256 removes the passed token hash from the blocklist.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL