auth

package

v0.8.0 Latest Latest Go to latest Published: Nov 25, 2020 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/gidyon/services

Links

Open Source Insights

Documentation ¶

Index ¶

func AccountIDCookie() string
func AddMD(ctx context.Context, actorID, group string) context.Context
func AddTokenMD(ctx context.Context, token string) context.Context
func AdminGroup() string
func Admins() []string
func AuthenticateRequest(ctx context.Context) error
func GenToken(ctx context.Context, payload *Payload, expirationTime time.Time) (string, error)
func Groups() []string
func Header() string
func JWTCookie() string
func RefreshCookie() string
func Scheme() string
func SessionIDCookie() string
func SuperAdminGroup() string
func User() string
type Claims
- func ParseFromCtx(ctx context.Context) (*Claims, error)
- func ParseToken(tokenString string) (claims *Claims, err error)
type Interface
- func NewAPI(signingKey []byte, issuer, audience string) (Interface, error)
type Payload
- func AuthenticateActor(ctx context.Context, actorID string) (*Payload, error)
- func AuthorizeActorOrGroup(ctx context.Context, actorID string, allowedGroups ...string) (*Payload, error)
- func AuthorizeGroup(ctx context.Context, allowedGroups ...string) (*Payload, error)
- func AuthorizeStrict(ctx context.Context, actorID string, allowedGroups ...string) (*Payload, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AccountIDCookie ¶

func AccountIDCookie() string

AccountIDCookie is name of cookie holding account ID of signed in user

func AddMD ¶

func AddMD(ctx context.Context, actorID, group string) context.Context

AddMD adds metadata to token

func AddTokenMD ¶

func AddTokenMD(ctx context.Context, token string) context.Context

AddTokenMD adds token as authorization metadata to context and returns the updated context object

func AdminGroup ¶

func AdminGroup() string

AdminGroup is group for admin users

func Admins ¶ added in v0.7.0

func Admins() []string

Admins returns the administrators group

func AuthenticateRequest ¶

func AuthenticateRequest(ctx context.Context) error

AuthenticateRequest authenticates a request whether it contains valid jwt in metadata

func GenToken ¶

func GenToken(ctx context.Context, payload *Payload, expirationTime time.Time) (string, error)

GenToken generates jwt

func Groups ¶

func Groups() []string

Groups returns the accociated account groups

func Header ¶

func Header() string

Header returns authentication header

func JWTCookie ¶

func JWTCookie() string

JWTCookie is name of cookie holding jwt

func RefreshCookie ¶

func RefreshCookie() string

RefreshCookie is name of cookie holding jwt refresh token

func Scheme ¶

func Scheme() string

Scheme returns authentication scheme

func SessionIDCookie ¶

func SessionIDCookie() string

SessionIDCookie is name of cookie holding session ID of signed in user

func SuperAdminGroup ¶

func SuperAdminGroup() string

SuperAdminGroup is group for super admin users

func User ¶

func User() string

User are ordinary app users

Types ¶

type Claims ¶

type Claims struct {
	*Payload
	jwt.StandardClaims
}

Claims contains JWT claims information

func ParseFromCtx ¶

func ParseFromCtx(ctx context.Context) (*Claims, error)

ParseFromCtx jwt token from context

func ParseToken ¶

func ParseToken(tokenString string) (claims *Claims, err error)

ParseToken parses a jwt token and return claims

type Interface ¶

type Interface interface {
	AuthenticateRequest(context.Context) error
	AuthenticateRequestV2(context.Context) (*Payload, error)
	AuthorizeActor(ctx context.Context, actorID string) (*Payload, error)
	AuthorizeGroups(ctx context.Context, allowedGroups ...string) (*Payload, error)
	AuthorizeStrict(ctx context.Context, actorID string, allowedGroups ...string) (*Payload, error)
	AuthorizeActorOrGroups(ctx context.Context, actorID string, allowedGroups ...string) (*Payload, error)
	GenToken(context.Context, *Payload, time.Time) (string, error)
}

Interface is a generic authentication and authorization API

func NewAPI ¶

func NewAPI(signingKey []byte, issuer, audience string) (Interface, error)

NewAPI creates new auth API with given signing key

type Payload ¶

type Payload struct {
	ID           string
	ProjectID    string
	Names        string
	PhoneNumber  string
	EmailAddress string
	Group        string
}

Payload contains jwt payload

func AuthenticateActor ¶

func AuthenticateActor(ctx context.Context, actorID string) (*Payload, error)

AuthenticateActor authenticates actor

func AuthorizeActorOrGroup ¶

func AuthorizeActorOrGroup(ctx context.Context, actorID string, allowedGroups ...string) (*Payload, error)

AuthorizeActorOrGroup authorizes the actor or whether they belong to list of allowed groups

func AuthorizeGroup ¶

func AuthorizeGroup(ctx context.Context, allowedGroups ...string) (*Payload, error)

AuthorizeGroup authorizes an actor group against allowed groups

func AuthorizeStrict ¶

func AuthorizeStrict(ctx context.Context, actorID string, allowedGroups ...string) (*Payload, error)

AuthorizeStrict authenticates and authorizes an actor and group against allowed groups

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL