Documentation ¶
Index ¶
Constants ¶
const (
AlgorithmHS256 = "HS256"
)
Algorithms
Variables ¶
var ( // DefaultJWTConfig is the default JWT auth middleware config. DefaultJWTConfig = JWTConfig{ Skipper: DefaultSkipper, SigningMethod: AlgorithmHS256, ContextKey: "user", TokenLookup: "header:" + server.HeaderAuthorization, AuthScheme: "Bearer", Claims: jwt.MapClaims{}, } )
Functions ¶
func DefaultSkipper ¶
DefaultSkipper returns false which processes the middleware.
func NegroniLoggerHandler ¶
NegroniLoggerHandler returns a logging handler.
func NegroniRecoverHandler ¶
NegroniRecoverHandler returns a handler for recover from a http request.
Types ¶
type CORS ¶
type CORS struct {
// contains filtered or unexported fields
}
CORS represents a CORS HTTP handler.
func CORSAllowAll ¶
func CORSAllowAll() *CORS
CORSAllowAll create a new CORS handler with permissive configuration allowing all origins with all standard methods with any header and credentials.
func CORSDefault ¶
func CORSDefault() *CORS
CORSDefault creates a new CORS handler with default config.
func CORSWithConfig ¶
func CORSWithConfig(config CORSConfig) *CORS
CORSWithConfig creates a new CORS handler with the provided config.
func (*CORS) Handler ¶
Handler apply the CORS specification on the request, and add relevant CORS headers as necessary.
func (*CORS) HandlerFunc ¶
func (c *CORS) HandlerFunc(w http.ResponseWriter, r *http.Request)
HandlerFunc provides Martini compatible handler.
func (*CORS) ServeHTTP ¶
func (c *CORS) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
Negroni compatible interface.
type CORSConfig ¶
type CORSConfig struct { // Skipper defines a function to skip middleware. Skipper Skipper // AllowedOrigins is a list of origins a cross-domain request can be executed from. // If the special "*" value is present in the list, all origins will be allowed. // An origin may contain a wildcard (*) to replace 0 or more characters // (i.e.: http://*.domain.com). Usage of wildcards implies a small performance penalty. // Only one wildcard can be used per origin. // Default value is ["*"] AllowedOrigins []string // AllowOriginFunc is a custom function to validate the origin. It take the origin // as argument and returns true if allowed or false otherwise. If this option is // set, the content of AllowedOrigins is ignored. AllowOriginFunc func(origin string) bool // AllowedMethods is a list of methods the client is allowed to use with // cross-domain requests. Default value is simple methods (HEAD, GET and POST). AllowedMethods []string // AllowedHeaders is list of non simple headers the client is allowed to use with // cross-domain requests. // If the special "*" value is present in the list, all headers will be allowed. // Default value is [] but "Origin" is always appended to the list. AllowedHeaders []string // ExposedHeaders indicates which headers are safe to expose to the API of a CORS // API specification ExposedHeaders []string // AllowCredentials indicates whether the request can include user credentials like // cookies, HTTP authentication or client side SSL certificates. AllowCredentials bool // MaxAge indicates how long (in seconds) the results of a preflight request // can be cached MaxAge int // OptionsPassthrough instructs preflight to let other potential next handlers to // process the OPTIONS method. Turn this on if your application handles OPTIONS. OptionsPassthrough bool }
CORSConfig is a configuration container to setup the CORS middleware.
type JWT ¶
type JWT struct {
// contains filtered or unexported fields
}
JWT represents a JWT HTTP handler.
func JWTWithConfig ¶
JWTWithConfig returns a JWT with specified config.
func JWTWithKey ¶
func JWTWithKey(key interface{}) *JWT
JWTWithKey returns a JWT with the specified key and other default configuration.
func (*JWT) ServeHTTP ¶
func (j *JWT) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
ServeHTTP implements negroni compatible interface.
type JWTConfig ¶
type JWTConfig struct { // Skipper defines a function to skip middleware. Skipper Skipper // Signing key to validate token. // Required. // Note: if SigningMethod is AlgorithmHS256, SigningKey type must be []byte. SigningKey interface{} // Signing method, used to check token signing method. // Optional. Default value HS256. SigningMethod string // Context key to store user information from the token into context. // Optional. Default value "user". ContextKey string // Claims are extendable claims data defining token content. // Optional. Default value jwt.MapClaims Claims jwt.Claims // TokenLookup is a string in the form of "<source>:<name>" that is used // to extract token from the request. // Optional. Default value "header:Authorization". // Possible values: // - "header:<name>" // - "query:<name>" // - "cookie:<name>" TokenLookup string // AuthScheme to be used in the Authorization header. // Optional. Default value "Bearer". AuthScheme string // contains filtered or unexported fields }
JWTConfig is a configuration container to setup the JWT middleware.