tokenauth

package module
Version: v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 31, 2020 License: MIT Imports: 7 Imported by: 1

README

GoDoc Build Status Go Report Card

JWT Token Authentication Middleware for Buffalo

Installation

$ go get -u github.com/gobuffalo/mw-tokenauth

Usage

For details on how to use this middleware, see the godocs.

You can also gain insight into how to use it by looking at the tests

Documentation

Overview

Package tokenauth provides jwt token authorisation middleware supports HMAC, RSA, ECDSA, RSAPSS algorithms uses github.com/dgrijalva/jwt-go for jwt implementation

Setting Up tokenauth middleware

Using tokenauth with defaults

app.Use(tokenauth.New(tokenauth.Options{}))

Specifying Signing method for JWT

app.Use(tokenauth.New(tokenauth.Options{
    SignMethod: jwt.SigningMethodRS256,
}))

By default the Key used is loaded from the JWT_SECRET or JWT_PUBLIC_KEY env variable depending on the SigningMethod used. However you can retrive the key from a different source.

app.Use(tokenauth.New(tokenauth.Options{
    GetKey: func(jwt.SigningMethod) (interface{}, error) {
         // Your Implementation here ...
    },
}))

Default authorisation scheme is Bearer, you can specify your own.

app.Use(tokenauth.New(tokenauth.Options{
    AuthScheme: "Token"
}))

Creating a new token

This can be referred from the underlying JWT package being used https://github.com/dgrijalva/jwt-go

Example

claims := jwt.MapClaims{}
claims["userid"] = "123"
claims["exp"] = time.Now().Add(time.Minute * 5).Unix()
// add more claims
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
tokenString, err := token.SignedString([]byte(SecretKey))

Getting Claims from JWT token from buffalo context

Example of retriving username from claims (this step is same regardless of the signing method used)

claims := c.Value("claims").(jwt.MapClaims)
username := claims["username"].(string)

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrTokenInvalid is returned when the token provided is invalid
	ErrTokenInvalid = errors.New("token invalid")
	// ErrNoToken is returned if no token is supplied in the request.
	ErrNoToken = errors.New("token not found in request")
	// ErrBadSigningMethod is returned if the token sign method in the request
	// does not match the signing method used
	ErrBadSigningMethod = errors.New("unexpected signing method")
)

Functions

func GetHMACKey

func GetHMACKey(jwt.SigningMethod) (interface{}, error)

GetHMACKey gets secret key from env

func GetKeyECDSA

func GetKeyECDSA(jwt.SigningMethod) (interface{}, error)

GetKeyECDSA gets the public.pem file location from env and returns ecdsa.PublicKey

func GetKeyRSA

func GetKeyRSA(jwt.SigningMethod) (interface{}, error)

GetKeyRSA gets the public key file location from env and returns rsa.PublicKey

func GetKeyRSAPSS

func GetKeyRSAPSS(signingMethod jwt.SigningMethod) (interface{}, error)

GetKeyRSAPSS uses GetKeyRSA() since both requires rsa.PublicKey

func New

func New(options Options) buffalo.MiddlewareFunc

New enables jwt token verification if no Sign method is provided, by default uses HMAC

Types

type Options

type Options struct {
	SignMethod jwt.SigningMethod
	GetKey     func(jwt.SigningMethod) (interface{}, error)
	AuthScheme string
}

Options for the JWT middleware

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL