Documentation
Overview
Package jwt provides JWT token handling for the auth module. It includes functionality for generating and validating JWT tokens.
Index
- func ExtractTokenFromHeader(authHeader string) (string, error)
- type Claims
- type Config
- type LocalValidator
- type RemoteClient
- type RemoteConfig
- type RemoteValidator
- type Service
- func (s *Service) GenerateToken(ctx context.Context, userID string, roles []string, scopes []string, ...) (string, error)
- func (s *Service) SetRemoteValidatorForTesting(validator TokenValidator)
- func (s *Service) ValidateToken(ctx context.Context, tokenString string) (*Claims, error)
- func (s *Service) WithRemoteValidator(config RemoteConfig) *Service
- type TokenValidator
Constants
This section is empty.
Variables
This section is empty.
Functions
func ExtractTokenFromHeader
ExtractTokenFromHeader extracts a JWT token from an Authorization header.
Types
type Claims
type Claims struct {
	// UserID is the unique identifier of the user (stored in the 'sub' claim)
	UserID string `json:"sub"`
	// Roles contains the user's assigned roles for authorization
	Roles []string `json:"roles"`
	// Scopes contains the user's assigned permission scopes
	Scopes []string `json:"scopes"`
	// Resources contains the resources the user has access to
	Resources []string `json:"resources"`
	// RegisteredClaims contains the standard JWT claims like expiration time
	jwt.RegisteredClaims
}
Claims represents the JWT claims contained in a token.
type Config
type Config struct {
	// SecretKey is the key used to sign and verify JWT tokens
	SecretKey string
	// TokenDuration is the validity period for generated tokens
	TokenDuration time.Duration
	// Issuer identifies the entity that issued the token
	Issuer string
}
Config holds the configuration for JWT token handling.
type LocalValidator
type LocalValidator struct {
	// contains filtered or unexported fields
}
LocalValidator implements TokenValidator using local validation.
func NewLocalValidator
func NewLocalValidator(config Config, logger *zap.Logger) *LocalValidator
NewLocalValidator creates a new local validator with the provided configuration and logger.
func (*LocalValidator) ValidateToken
ValidateToken validates a JWT token locally and returns the claims if valid.
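The checks that local validation of an HMAC-signed token involves, as an added example that is not this package's code. It assumes HS256 (the page does not name the algorithm; Config carries a single shared SecretKey) and uses only the standard library; `claims`, `enc`, `sig` and `verify` are hypothetical names, and the token and secret in `main` are constructed.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

// claims is a cut-down stand-in for the Claims type above (sub plus iss/exp).
type claims struct {
	Sub string `json:"sub"`
	Iss string `json:"iss"`
	Exp int64  `json:"exp"`
}

// enc and sig: unpadded base64url, and HMAC-SHA256 over "header.payload".
func enc(s string) string { return base64.RawURLEncoding.EncodeToString([]byte(s)) }
func sig(secret, msg string) string {
	m := hmac.New(sha256.New, []byte(secret))
	m.Write([]byte(msg))
	return enc(string(m.Sum(nil)))
}

// verify checks the MAC in constant time first, then pins alg and checks iss/exp.
func verify(secret, issuer, token string, now time.Time) (*claims, error) {
	p := strings.Split(token, ".")
	if len(p) != 3 || !hmac.Equal([]byte(p[2]), []byte(sig(secret, p[0]+"."+p[1]))) {
		return nil, fmt.Errorf("malformed token or bad signature")
	}
	var h struct{ Alg string }
	var c claims
	hb, e1 := base64.RawURLEncoding.DecodeString(p[0])
	pb, e2 := base64.RawURLEncoding.DecodeString(p[1])
	if e1 != nil || e2 != nil || json.Unmarshal(hb, &h) != nil || json.Unmarshal(pb, &c) != nil {
		return nil, fmt.Errorf("undecodable header or payload")
	}
	if h.Alg != "HS256" || c.Iss != issuer || now.Unix() >= c.Exp {
		return nil, fmt.Errorf("unexpected alg, wrong issuer, or expired")
	}
	return &c, nil
}

func main() { // constructed sample token and secret
	msg := enc(`{"alg":"HS256"}`) + "." + enc(`{"sub":"u1","iss":"auth","exp":2000}`)
	fmt.Println(verify("k", "auth", msg+"."+sig("k", msg), time.Unix(1000, 0)))
}
```

A token with no `exp` decodes to zero and is rejected as expired, so the check fails closed.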
type RemoteClient
type RemoteClient struct {
	// contains filtered or unexported fields
}
RemoteClient handles HTTP communication with the remote validation service.
func NewRemoteClient
func NewRemoteClient(config RemoteConfig) *RemoteClient
NewRemoteClient creates a new remote client with the provided configuration.
func (*RemoteClient) ValidateToken
ValidateToken sends a validation request to the remote service.
type RemoteConfig
type RemoteConfig struct {
	// ValidationURL is the URL of the remote validation endpoint
	ValidationURL string
	// ClientID is the client ID for the remote validation service
	ClientID string
	// ClientSecret is the client secret for the remote validation service
	ClientSecret string
	// Timeout is the timeout for remote validation operations
	Timeout time.Duration
}
RemoteConfig holds the configuration for remote JWT token validation.
type RemoteValidator
type RemoteValidator struct {
	// contains filtered or unexported fields
}
RemoteValidator implements TokenValidator using remote validation.
func NewRemoteValidator
func NewRemoteValidator(config RemoteConfig, logger *zap.Logger) *RemoteValidator
NewRemoteValidator creates a new remote validator with the provided configuration and logger.
func (*RemoteValidator) ValidateToken
ValidateToken validates a JWT token remotely and returns the claims if valid.
type Service
type Service struct {
	// contains filtered or unexported fields
}
Service handles JWT token operations including generation and validation.
func NewService
NewService creates a new JWT service with the provided configuration and logger.
func (*Service) GenerateToken
func (s *Service) GenerateToken(ctx context.Context, userID string, roles []string, scopes []string, resources []string) (string, error)
GenerateToken generates a new JWT token for a user with the specified roles, scopes, and resources.
func (*Service) SetRemoteValidatorForTesting
func (s *Service) SetRemoteValidatorForTesting(validator TokenValidator)
SetRemoteValidatorForTesting sets the remote validator for testing purposes. This method should only be used in tests.
func (*Service) ValidateToken
ValidateToken validates a JWT token and returns the claims if valid.
func (*Service) WithRemoteValidator
func (s *Service) WithRemoteValidator(config RemoteConfig) *Service
WithRemoteValidator adds a remote validator to the JWT service.
type TokenValidator
type TokenValidator interface {
	// ValidateToken validates a JWT token and returns the claims if valid.
	ValidateToken(ctx context.Context, tokenString string) (*Claims, error)
}
TokenValidator is an interface for validating JWT tokens. It allows for different validation strategies (local, remote, etc.).