token

package

v0.1.0 Latest Latest Go to latest Published: Jul 11, 2020 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/infraboard/keyauth

Links

Open Source Insights

Documentation ¶

Index ¶

func MakeBearer(lenth int) string
type DescribeTokenRequest
- func NewDescribeTokenRequest() *DescribeTokenRequest
- func (req *DescribeTokenRequest) Validate() error
type GrantType
type IssueTokenRequest
- func NewIssueTokenByPassword(clientID, clientSecret, user, pass string) *IssueTokenRequest
- func NewIssueTokenRequest() *IssueTokenRequest
- func (req *IssueTokenRequest) Validate() error
type QueryTokenRequest
- func NewQueryTokenRequest(page *request.PageRequest) *QueryTokenRequest
type RevolkTokenRequest
- func NewRevolkTokenRequest(clientID, clientSecret string) *RevolkTokenRequest
type Service
type Session
- func NewSession() *Session
- func (s *Session) GetToken() *Token
- func (s *Session) UserID() string
- func (s *Session) WithToken(tk *Token)
type Set
- func NewTokenSet(req *request.PageRequest) *Set
- func (s *Set) Add(tk *Token)
type Token
- func NewDefaultToken() *Token
- func (t *Token) CheckAccessIsExpired() bool
- func (t *Token) CheckRefreshIsExpired() bool
- func (t *Token) CheckTokenApplication(applicationID string) error
- func (t *Token) Desensitize()
type Type
type ValidateTokenRequest
- func NewValidateTokenRequest() *ValidateTokenRequest
- func (req *ValidateTokenRequest) Validate() error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func MakeBearer ¶

func MakeBearer(lenth int) string

MakeBearer https://tools.ietf.org/html/rfc6750#section-2.1 b64token = 1*( ALPHA / DIGIT /"-" / "." / "_" / "~" / "+" / "/" ) *"="

Types ¶

type DescribeTokenRequest ¶

type DescribeTokenRequest struct {
	AccessToken  string `json:"access_token,omitempty" validate:"lte=80"`  // 访问凭证
	RefreshToken string `json:"refresh_token,omitempty" validate:"lte=80"` // 访问凭证
}

DescribeTokenRequest 撤销请求

func NewDescribeTokenRequest ¶

func NewDescribeTokenRequest() *DescribeTokenRequest

NewDescribeTokenRequest 实例化

func (*DescribeTokenRequest) Validate ¶

func (req *DescribeTokenRequest) Validate() error

Validate 校验

type GrantType ¶

type GrantType string

GrantType is the type for OAuth2 param `grant_type`

const (
	// AUTHCODE oauth2 Authorization Code Grant
	AUTHCODE GrantType = "authorization_code"
	// IMPLICIT oauth2 Implicit Grant
	IMPLICIT GrantType = "implicit"
	// PASSWORD oauth2 Resource Owner Password Credentials Grant
	PASSWORD GrantType = "password"
	// CLIENT oauth2 Client Credentials Grant
	CLIENT GrantType = "client_credentials"
	// REFRESH oauth2 Refreshing an Access Token
	REFRESH GrantType = "refresh_token"
	// Access is an custom grant for use use generate personal private token
	Access GrantType = "access_token"
)

oauth2 Authorization Grant: https://tools.ietf.org/html/rfc6749#section-1.3

type IssueTokenRequest ¶

type IssueTokenRequest struct {
	ClientID     string    `json:"client_id,omitempty" validate:"required,lte=80"`     // 客户端ID
	ClientSecret string    `json:"client_secret,omitempty" validate:"required,lte=80"` // 客户端凭证
	Username     string    `json:"username,omitempty" validate:"lte=40"`               // 用户名
	Password     string    `json:"password,omitempty" validate:"lte=100"`              // 密码
	RefreshToken string    `json:"refresh_token,omitempty" validate:"lte=80"`          // 刷新凭证
	AccessToken  string    `json:"access_token,omitempty" validate:"lte=80"`           // 访问凭证
	AuthCode     string    `json:"code,omitempty" validate:"lte=40"`                   // https://tools.ietf.org/html/rfc6749#section-4.1.2
	State        string    `json:"state,omitempty" validate:"lte=40"`                  // https://tools.ietf.org/html/rfc6749#section-10.12
	GrantType    GrantType `json:"grant_type,omitempty" validate:"lte=20"`             // 授权的类型
	Type         Type      `json:"type,omitempty" validate:"lte=20"`                   // 令牌的类型 类型包含: bearer/jwt  (默认为bearer)
	Scope        string    `json:"scope,omitempty" validate:"lte=100"`                 // 令牌的作用范围: detail https://tools.ietf.org/html/rfc6749#section-3.3
}

IssueTokenRequest 颁发token请求

func NewIssueTokenByPassword ¶

func NewIssueTokenByPassword(clientID, clientSecret, user, pass string) *IssueTokenRequest

NewIssueTokenByPassword todo

func NewIssueTokenRequest ¶

func NewIssueTokenRequest() *IssueTokenRequest

NewIssueTokenRequest 默认请求

func (*IssueTokenRequest) Validate ¶

func (req *IssueTokenRequest) Validate() error

Validate 校验请求

type QueryTokenRequest ¶

type QueryTokenRequest struct {
	*request.PageRequest
	ApplicationID string    `json:"application_id,omitempty"`
	GrantType     GrantType `json:"grant_type,omitempty"`
}

QueryTokenRequest 查询Token列表

func NewQueryTokenRequest ¶

func NewQueryTokenRequest(page *request.PageRequest) *QueryTokenRequest

NewQueryTokenRequest 请求实例

type RevolkTokenRequest ¶

type RevolkTokenRequest struct {
	ClientSecret string `json:"client_secret,omitempty" validate:"required,lte=80"` // 客户端凭证
	ClientID     string `json:"client_id,omitempty" validate:"required,lte=80"`     // 客户端ID
	*DescribeTokenRequest
}

RevolkTokenRequest 撤销Token的请求

func NewRevolkTokenRequest ¶

func NewRevolkTokenRequest(clientID, clientSecret string) *RevolkTokenRequest

NewRevolkTokenRequest 撤销Token请求

type Service ¶

type Service interface {
	IssueToken(req *IssueTokenRequest) (*Token, error)
	ValidateToken(req *ValidateTokenRequest) (*Token, error)
	RevolkToken(req *RevolkTokenRequest) error
	QueryToken(req *QueryTokenRequest) (*Set, error)
}

Service token管理服务

type Session ¶

type Session struct {
	// contains filtered or unexported fields
}

Session 请求上下文信息

func NewSession ¶

func NewSession() *Session

NewSession todo

func (*Session) GetToken ¶

func (s *Session) GetToken() *Token

GetToken 获取token

func (*Session) UserID ¶

func (s *Session) UserID() string

UserID todo

func (*Session) WithToken ¶

func (s *Session) WithToken(tk *Token)

WithToken 携带token

type Set ¶

type Set struct {
	*request.PageRequest

	Total int64    `json:"total"`
	Items []*Token `json:"items"`
}

Set token列表

func NewTokenSet ¶

func NewTokenSet(req *request.PageRequest) *Set

NewTokenSet 实例化

func (*Set) Add ¶

func (s *Set) Add(tk *Token)

Add 添加

type Token ¶

type Token struct {
	AccessToken      string     `bson:"_id" json:"access_token"`                                // 服务访问令牌
	RefreshToken     string     `bson:"refresh_token" json:"refresh_token,omitempty"`           // 用于刷新访问令牌的凭证, 刷新过后, 原先令牌将会被删除
	CreatedAt        ftime.Time `bson:"create_at" json:"create_at,omitempty"`                   // 凭证创建时间
	AccessExpiredAt  ftime.Time `bson:"access_expired_at" json:"access_expires_at,omitempty"`   // 还有多久过期
	RefreshExpiredAt ftime.Time `bson:"refresh_expired_at" json:"refresh_expired_at,omitempty"` // 刷新token过期时间

	DomainID      string     `bson:"domain_id" json:"domain_id,omitempty"`           // 用户所处域ID
	UserType      types.Type `bson:"user_type" json:"user_type,omitempty"`           // 用户类型
	UserID        string     `bson:"user_id" json:"user_id,omitempty"`               // 用户ID
	Account       string     `bson:"account" json:"account,omitempty"`               // 账户名称
	ApplicationID string     `bson:"application_id" json:"application_id,omitempty"` // 用户应用ID, 如果凭证是颁发给应用的, 应用在删除时需要删除所有的令牌, 应用禁用时, 该应用令牌验证会不通过
	ClientID      string     `bson:"client_id" json:"client_id,omitempty"`           // 客户端ID
	GrantType     GrantType  `bson:"grant_type" json:"grant_type,omitempty"`         // 授权的类型
	Type          Type       `bson:"type" json:"type,omitempty"`                     // 令牌的类型 类型包含: bearer/jwt  (默认为bearer)
	Scope         string     `bson:"scope" json:"scope,omitempty"`                   // 令牌的作用范围: detail https://tools.ietf.org/html/rfc6749#section-3.3, 格式 resource-ro@k=*, resource-rw@k=*
	Description   string     `bson:"description" json:"description,omitempty"`       // 独立颁发给SDK使用时, 令牌的描述信息, 方便定位与取消
}

Token is user's access resource token

func NewDefaultToken ¶

func NewDefaultToken() *Token

NewDefaultToken todo

func (*Token) CheckAccessIsExpired ¶

func (t *Token) CheckAccessIsExpired() bool

CheckAccessIsExpired 检测token是否过期

func (*Token) CheckRefreshIsExpired ¶

func (t *Token) CheckRefreshIsExpired() bool

CheckRefreshIsExpired 检测刷新token是否过期

func (*Token) CheckTokenApplication ¶

func (t *Token) CheckTokenApplication(applicationID string) error

CheckTokenApplication 判断token是否属于该应用

func (*Token) Desensitize ¶

func (t *Token) Desensitize()

Desensitize 数据脱敏

type Type ¶

type Type string

Type token type

const (
	// Bearer detail: https://tools.ietf.org/html/rfc6750
	Bearer Type = "bearer"
	// MAC detail: https://tools.ietf.org/html/rfc6749#ref-OAuth-HTTP-MAC
	MAC Type = "mac"
	// JWT detail:  https://tools.ietf.org/html/rfc7519
	JWT Type = "jwt"
)

oauth2 Token Type: https://tools.ietf.org/html/rfc6749#section-7.1

type ValidateTokenRequest ¶

type ValidateTokenRequest struct {
	ClientID     string `json:"client_id" validate:"required,lte=80"`      // 服务ID
	ClientSecret string `json:"client_secret" validate:"required,lte=100"` // 服务秘钥
	Endpoint     string `json:"endpoint,omitempty" validate:"lte=400"`     // 接口URL
	*DescribeTokenRequest
}

ValidateTokenRequest 校验token

func NewValidateTokenRequest ¶

func NewValidateTokenRequest() *ValidateTokenRequest

NewValidateTokenRequest 实例化

func (*ValidateTokenRequest) Validate ¶

func (req *ValidateTokenRequest) Validate() error

Validate 校验参数

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
http
mongo

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL