jwtmiddleware

package

v0.7.0 Latest Latest Go to latest Published: Jul 8, 2018 License: GPL-3.0 Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Ghvstcode/daptin

Links

Open Source Insights

Documentation ¶

Index ¶

func FromAuthHeader(r *http.Request) (string, error)
func OnError(w http.ResponseWriter, r *http.Request, err string)
type JWTMiddleware
- func New(options ...Options) *JWTMiddleware
type Options
type TokenExtractor
- func FromFirst(extractors ...TokenExtractor) TokenExtractor
- func FromParameter(param string) TokenExtractor

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func FromAuthHeader ¶

func FromAuthHeader(r *http.Request) (string, error)

FromAuthHeader is a "TokenExtractor" that takes a give request and extracts the JWT token from the Authorization header.

func OnError ¶

func OnError(w http.ResponseWriter, r *http.Request, err string)

Types ¶

type JWTMiddleware ¶

type JWTMiddleware struct {
	Options Options
}

func New ¶

func New(options ...Options) *JWTMiddleware

New constructs a new Secure instance with supplied options.

func (*JWTMiddleware) CheckJWT ¶

func (m *JWTMiddleware) CheckJWT(w http.ResponseWriter, r *http.Request) (*jwt.Token, error)

func (*JWTMiddleware) Handler ¶

func (m *JWTMiddleware) Handler(h http.Handler) http.Handler

func (*JWTMiddleware) HandlerWithNext ¶

func (m *JWTMiddleware) HandlerWithNext(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)

Special implementation for Negroni, but could be used elsewhere.

type Options ¶

type Options struct {
	Issuer string
	// The function that will return the Key to validate the JWT.
	// It can be either a shared secret or a public key.
	// Default value: nil
	ValidationKeyGetter jwt.Keyfunc
	// The name of the property in the request where the user information
	// from the JWT will be stored.
	// Default value: "user"
	UserProperty string
	// The function that will be called when there's an error validating the token
	// Default value:
	ErrorHandler errorHandler
	// A boolean indicating if the credentials are required or not
	// Default value: false
	CredentialsOptional bool
	// A function that extracts the token from the request
	// Default: FromAuthHeader (i.e., from Authorization header as bearer token)
	Extractor TokenExtractor
	// Debug flag turns on debugging output
	// Default: false
	Debug bool
	// When set, all requests with the OPTIONS method will use authentication
	// Default: false
	EnableAuthOnOptions bool
	// When set, the middelware verifies that tokens are signed with the specific signing algorithm
	// If the signing method is not constant the ValidationKeyGetter callback can be used to implement additional checks
	// Important to avoid security issues described here: https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
	// Default: nil
	SigningMethod jwt.SigningMethod
}

Options is a struct for specifying configuration options for the middleware.

type TokenExtractor ¶

type TokenExtractor func(r *http.Request) (string, error)

TokenExtractor is a function that takes a request as input and returns either a token or an error. An error should only be returned if an attempt to specify a token was found, but the information was somehow incorrectly formed. In the case where a token is simply not present, this should not be treated as an error. An empty string should be returned in that case.

func FromFirst ¶

func FromFirst(extractors ...TokenExtractor) TokenExtractor

FromFirst returns a function that runs multiple token extractors and takes the first token it finds

func FromParameter ¶

func FromParameter(param string) TokenExtractor

FromParameter returns a function that extracts the token from the specified query string parameter

Source Files ¶

View all Source files

jwtmiddleware.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL