Documentation
¶
Index ¶
- type Argon2idHasher
- type BcryptHasher
- type JWTKeyProvider
- type JWTTokenService
- func (s *JWTTokenService) IssueAccessToken(ctx context.Context, subject string, claims map[string]any) (string, error)
- func (s *JWTTokenService) IssueRefreshToken(ctx context.Context, subject string, claims map[string]any) (string, error)
- func (s *JWTTokenService) ValidateToken(ctx context.Context, token string) (map[string]any, error)
- type PasswordHasher
- type StaticKeyProvider
- type TokenService
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Argon2idHasher ¶
type Argon2idHasher struct {
// contains filtered or unexported fields
}
Argon2idHasher implements PasswordHasher using argon2id.
func NewArgon2idHasher ¶
func NewArgon2idHasher(memory uint32, iterations uint32, parallelism uint8, saltLength int, keyLength uint32) *Argon2idHasher
NewArgon2idHasher creates a new Argon2id hasher with the given parameters. memory: memory usage in KiB. iterations: number of iterations to perform. parallelism: number of parallel threads to use. saltLength: length of the salt to use. keyLength: length of the generated key to use.
func (*Argon2idHasher) Compare ¶
func (h *Argon2idHasher) Compare(hashPassword, password string) error
Compare checks if the password matches the hash. Expects the hash to be in the format generated by Hash().
type BcryptHasher ¶
type BcryptHasher struct {
// contains filtered or unexported fields
}
BcryptHasher implements PasswordHasher using bcrypt.
func NewBcryptHasher ¶
func NewBcryptHasher(cost int) *BcryptHasher
NewBcryptHasher creates a new bcrypt hasher with the given cost. If cost is less than bcrypt.MinCost, it will be set to bcrypt.DefaultCost.
func (*BcryptHasher) Compare ¶
func (h *BcryptHasher) Compare(hash, password string) error
Compare checks if the password matches the hash.
type JWTKeyProvider ¶
type JWTKeyProvider interface {
// GetKey returns the key material for the given key ID.
GetKey(keyID string) ([]byte, error)
}
JWTKeyProvider provides signing keys for JWT tokens by key ID.
type JWTTokenService ¶
type JWTTokenService struct {
// contains filtered or unexported fields
}
JWTTokenService implements token issuance and validation using a JWTKeyProvider.
func NewJWTTokenService ¶
func NewJWTTokenService(keyProvider JWTKeyProvider, cfg config.JWTConfig) *JWTTokenService
NewJWTTokenService creates a new JWTTokenService.
func (*JWTTokenService) IssueAccessToken ¶
func (s *JWTTokenService) IssueAccessToken(ctx context.Context, subject string, claims map[string]any) (string, error)
IssueAccessToken creates a new access token. The key ID of the current signing key is placed in the "kid" header.
func (*JWTTokenService) IssueRefreshToken ¶
func (s *JWTTokenService) IssueRefreshToken(ctx context.Context, subject string, claims map[string]any) (string, error)
IssueRefreshToken creates a new refresh token.
func (*JWTTokenService) ValidateToken ¶
ValidateToken validates a token and returns its claims. It extracts the key ID from the "kid" header and uses the key provider to get the key for validation.
type PasswordHasher ¶
type StaticKeyProvider ¶
type StaticKeyProvider struct {
// contains filtered or unexported fields
}
StaticKeyProvider is a simple JWTKeyProvider that uses a static set of keys.
func NewStaticKeyProvider ¶
func NewStaticKeyProvider(keys map[string][]byte) *StaticKeyProvider
NewStaticKeyProvider creates a new StaticKeyProvider with the given keys.
Source Files