Documentation
¶
Overview ¶
Copyright 2023 Northern.tech AS
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Copyright 2023 Northern.tech AS
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ExtractJWTFromHeader ¶
ExtractJWTFromHeader inspect the Authorization header for a Bearer token and if not present looks for a "JWT" cookie.
func Middleware ¶
func Middleware(opts ...*MiddlewareOptions) gin.HandlerFunc
Types ¶
type Identity ¶
type Identity struct {
Subject string `json:"sub" valid:"required"`
Tenant string `json:"mender.tenant,omitempty"`
IsUser bool `json:"mender.user,omitempty"`
IsDevice bool `json:"mender.device,omitempty"`
Plan string `json:"mender.plan,omitempty"`
Addons []addons.Addon `json:"mender.addons,omitempty"`
Trial bool `json:"mender.trial"`
}
func ExtractIdentity ¶
Generate identity information from given JWT by extracting subject and tenant claims. Note that this function does not perform any form of token signature verification.
func FromContext ¶
FromContext extracts current identity from context.Context
type IdentityMiddleware ¶
type IdentityMiddleware struct {
// If set to true, the middleware will update context logger setting
// 'user_id' or 'device_id' to the value of subject field, if the token
// is not a user or a device token, the middelware will add a 'sub'
// field to the logger
UpdateLogger bool
}
IdentityMiddleware adds the identity extracted from JWT token to the request's context. IdentityMiddleware does not perform any form of token signature verification. If it is not possible to extract identity from header error log will be generated. IdentityMiddleware will not stop control propagating through the chain in any case. It is recommended to use IdentityMiddleware with RequestLogMiddleware and RequestLogMiddleware should be placed before IdentityMiddleware. Otherwise, log generated by IdentityMiddleware will not contain "request_id" field.
func (*IdentityMiddleware) MiddlewareFunc ¶
func (mw *IdentityMiddleware) MiddlewareFunc(h rest.HandlerFunc) rest.HandlerFunc
MiddlewareFunc makes IdentityMiddleware implement the Middleware interface.
type MiddlewareOptions ¶
type MiddlewareOptions struct {
// PathRegex sets the regex for the path for which this middleware
// applies. Defaults to "^/api/management/v[0-9.]{1,6}/.+".
PathRegex *string
// UpdateLogger adds the decoded identity to the log context.
UpdateLogger *bool
}
func NewMiddlewareOptions ¶
func NewMiddlewareOptions() *MiddlewareOptions
func (*MiddlewareOptions) SetPathRegex ¶
func (opts *MiddlewareOptions) SetPathRegex(regex string) *MiddlewareOptions
func (*MiddlewareOptions) SetUpdateLogger ¶
func (opts *MiddlewareOptions) SetUpdateLogger(updateLogger bool) *MiddlewareOptions
Source Files
Directories