The highest tagged major version is v5.

request

package

v4.4.2 Latest Latest Go to latest Published: Jun 4, 2022 License: MIT Imports: 4 Imported by: 96

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/golang-jwt/jwt

Links

Open Source Insights

Documentation ¶

Overview ¶

Utility package for extracting JWT tokens from HTTP requests.

The main function is ParseFromRequest and it's WithClaims variant. See examples for how to use the various Extractor implementations or roll your own.

Index ¶

Variables
func ParseFromRequest(req *http.Request, extractor Extractor, keyFunc jwt.Keyfunc, ...) (token *jwt.Token, err error)
func ParseFromRequestWithClaims(req *http.Request, extractor Extractor, claims jwt.Claims, keyFunc jwt.Keyfunc) (token *jwt.Token, err error)deprecated
type ArgumentExtractor
- func (e ArgumentExtractor) ExtractToken(req *http.Request) (string, error)
type Extractor
type HeaderExtractor
- func (e HeaderExtractor) ExtractToken(req *http.Request) (string, error)
type MultiExtractor
- func (e MultiExtractor) ExtractToken(req *http.Request) (string, error)
type ParseFromRequestOption
- func WithClaims(claims jwt.Claims) ParseFromRequestOption
- func WithParser(parser *jwt.Parser) ParseFromRequestOption
type PostExtractionFilter
- func (e *PostExtractionFilter) ExtractToken(req *http.Request) (string, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var AuthorizationHeaderExtractor = &PostExtractionFilter{
	HeaderExtractor{"Authorization"},
	stripBearerPrefixFromTokenString,
}

AuthorizationHeaderExtractor extracts a bearer token from Authorization header Uses PostExtractionFilter to strip "Bearer " prefix from header

View Source

var (
	ErrNoTokenInRequest = errors.New("no token present in request")
)

Errors

View Source

var OAuth2Extractor = &MultiExtractor{
	AuthorizationHeaderExtractor,
	ArgumentExtractor{"access_token"},
}

OAuth2Extractor is an Extractor for OAuth2 access tokens. Looks in 'Authorization' header then 'access_token' argument for a token.

Functions ¶

func ParseFromRequest ¶

func ParseFromRequest(req *http.Request, extractor Extractor, keyFunc jwt.Keyfunc, options ...ParseFromRequestOption) (token *jwt.Token, err error)

ParseFromRequest extracts and parses a JWT token from an HTTP request. This behaves the same as Parse, but accepts a request and an extractor instead of a token string. The Extractor interface allows you to define the logic for extracting a token. Several useful implementations are provided.

You can provide options to modify parsing behavior

func ParseFromRequestWithClaims deprecated

func ParseFromRequestWithClaims(req *http.Request, extractor Extractor, claims jwt.Claims, keyFunc jwt.Keyfunc) (token *jwt.Token, err error)

ParseFromRequestWithClaims is an alias for ParseFromRequest but with custom Claims type.

Deprecated: use ParseFromRequest and the WithClaims option

Types ¶

type ArgumentExtractor ¶

type ArgumentExtractor []string

ArgumentExtractor extracts a token from request arguments. This includes a POSTed form or GET URL arguments. Argument names are tried in order until there's a match. This extractor calls `ParseMultipartForm` on the request

Example ¶

req := makeExampleRequest("GET", "/", nil, url.Values{"token": {extractorTestTokenA}})
tokenString, err := ArgumentExtractor{"token"}.ExtractToken(req)
if err == nil {
	fmt.Println(tokenString)
} else {
	fmt.Println(err)
}

Output:

A

func (ArgumentExtractor) ExtractToken ¶

func (e ArgumentExtractor) ExtractToken(req *http.Request) (string, error)

type Extractor ¶

type Extractor interface {
	ExtractToken(*http.Request) (string, error)
}

Extractor is an interface for extracting a token from an HTTP request. The ExtractToken method should return a token string or an error. If no token is present, you must return ErrNoTokenInRequest.

type HeaderExtractor ¶

type HeaderExtractor []string

HeaderExtractor is an extractor for finding a token in a header. Looks at each specified header in order until there's a match

Example ¶

req := makeExampleRequest("GET", "/", map[string]string{"Token": exampleTokenA}, nil)
tokenString, err := HeaderExtractor{"Token"}.ExtractToken(req)
if err == nil {
	fmt.Println(tokenString)
} else {
	fmt.Println(err)
}

Output:

A

func (HeaderExtractor) ExtractToken ¶

func (e HeaderExtractor) ExtractToken(req *http.Request) (string, error)

type MultiExtractor ¶

type MultiExtractor []Extractor

MultiExtractor tries Extractors in order until one returns a token string or an error occurs

func (MultiExtractor) ExtractToken ¶

func (e MultiExtractor) ExtractToken(req *http.Request) (string, error)

type ParseFromRequestOption ¶

type ParseFromRequestOption func(*fromRequestParser)

func WithClaims ¶

func WithClaims(claims jwt.Claims) ParseFromRequestOption

WithClaims parses with custom claims

func WithParser ¶

func WithParser(parser *jwt.Parser) ParseFromRequestOption

WithParser parses using a custom parser

type PostExtractionFilter ¶

type PostExtractionFilter struct {
	Extractor
	Filter func(string) (string, error)
}

PostExtractionFilter wraps an Extractor in this to post-process the value before it's handed off. See AuthorizationHeaderExtractor for an example

func (*PostExtractionFilter) ExtractToken ¶

func (e *PostExtractionFilter) ExtractToken(req *http.Request) (string, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL