permission

Documentation

Index

• func HasRequiredClaims(token Token) bool
• func SetAlertHost(token *Token, alertHost bool)
• func SetTopicSalt(token *Token, salt string)
• type Token
  • func NewToken(audience, connectionType, topic string, scopes []string, iat, nbf, exp int64) Token

Functions

func HasRequiredClaims

func HasRequiredClaims(token Token) bool

HasRequiredClaims returns false if the Token is missing any required elements

func SetAlertHost

func SetAlertHost(token *Token, alertHost bool)

SetAlertHost sets the boolean value of AlertHost

func SetTopicSalt

func SetTopicSalt(token *Token, salt string)

SetTopicSalt sets the salt for token topic

Types

type Token

type Token struct {

	// Topic identifies the communication channel;
	// think of it as a session_id, or room (webrtc)
	// Don't reuse standard claim Subject as that is for a
	// usually for a user and is reserved for later usage.
	Topic string `json:"topic"`

	// Determines the type of communication channel
	// and hence required scopes + hub/client implementation
	// e.g. "session" or "shell"
	ConnectionType string `json:"prefix"`

	// Scopes controlling access to relay;
	// either ["read"],["write"], or ["read","write"] for session, or ["host"]/["client"] for shell
	Scopes []string `json:"scopes"`

	// ConnectionIDSalt remains hidden within a relay
	// and is used to obscure the actual topic used in a hub
	// from visibility in access logs e.g. in shellbar
	TopicSalt string `json:"topicSalt,omitempty"  yaml:",omitempty"`

	// AlertHost controls whether making _this_
	// particular connection should alert the host
	// This is needed for ssh hosts in shellbar
	AlertHost bool `json:"alertHost,omitempty" yaml:",omitempty"`

	jwt.RegisteredClaims `yaml:",omitempty"`
}

Token represents a JWT token

func NewToken

func NewToken(audience, connectionType, topic string, scopes []string, iat, nbf, exp int64) Token

NewToken returns a Token populated with the supplied information