jwt

package
v1.36.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 21, 2026 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	MetricTokensIssuedTotal    = "jwt_tokens_issued_total"    //nolint:gosec // false positive
	MetricTokensValidatedTotal = "jwt_tokens_validated_total" //nolint:gosec // false positive
	MetricTokensRevokedTotal   = "jwt_tokens_revoked_total"   //nolint:gosec // false positive
	MetricTokensRefreshedTotal = "jwt_tokens_refreshed_total" //nolint:gosec // false positive

	MetricIssuanceDurationSeconds   = "jwt_issuance_duration_seconds"
	MetricValidationDurationSeconds = "jwt_validation_duration_seconds"
	MetricRevocationDurationSeconds = "jwt_revocation_duration_seconds"
	MetricRefreshDurationSeconds    = "jwt_refresh_duration_seconds"

	StatusSuccess = "success"
	StatusError   = "error"
)

Metric constants.

Variables

View Source 
var (
	ErrDisabled        = errors.New("jwt disabled")
	ErrInitFailed      = errors.New("failed to initialize jwt")
	ErrInvalidConfig   = errors.New("invalid config")
	ErrInvalidParams   = errors.New("invalid params")
	ErrInvalidToken    = errors.New("invalid token")
	ErrInvalidTokenUse = errors.New("invalid token use")
	ErrTokenRevoked    = errors.New("token revoked")
	ErrTokenReplay     = errors.New("token replay detected")
)

Functions

func Migrate 

func Migrate(db *gorm.DB) error

func Module 

func Module() fx.Option

Types

type Claims 

type Claims struct {
	jwt.RegisteredClaims

	UserID string   `json:"user_id"`
	Scopes []string `json:"scopes"`
}

type Config 

type Config struct {
	Secret     string
	AccessTTL  time.Duration
	RefreshTTL time.Duration
	Issuer     string
}

func (Config) Validate 

func (c Config) Validate() error

type Metrics 

type Metrics struct {
	// contains filtered or unexported fields
}

Metrics contains all Prometheus Metrics for the JWT module.

func NewMetrics 

func NewMetrics() *Metrics

NewMetrics creates and initializes all JWT metrics.

func (*Metrics) IncrementTokensIssued 

func (m *Metrics) IncrementTokensIssued(status string)

IncrementTokensIssued increments the tokens issued counter.

func (*Metrics) IncrementTokensRefreshed added in v1.36.0 

func (m *Metrics) IncrementTokensRefreshed(status string)

IncrementTokensRefreshed increments the tokens refreshed counter.

func (*Metrics) IncrementTokensRevoked 

func (m *Metrics) IncrementTokensRevoked(status string, value ...int)

IncrementTokensRevoked increments the tokens revoked counter.

func (*Metrics) IncrementTokensValidated 

func (m *Metrics) IncrementTokensValidated(status string)

IncrementTokensValidated increments the tokens validated counter.

func (*Metrics) ObserveIssuance 

func (m *Metrics) ObserveIssuance(f func())

ObserveIssuance observes issuance duration.

func (*Metrics) ObserveRefresh added in v1.36.0 

func (m *Metrics) ObserveRefresh(f func())

ObserveRefresh observes refresh duration.

func (*Metrics) ObserveRevocation 

func (m *Metrics) ObserveRevocation(f func())

ObserveRevocation observes revocation duration.

func (*Metrics) ObserveValidation 

func (m *Metrics) ObserveValidation(f func())

ObserveValidation observes validation duration.

type Options added in v1.36.0 

type Options struct {
	RefreshScope string
}

func (Options) Validate added in v1.36.0 

func (o Options) Validate() error

type RefreshClaims added in v1.36.0 

type RefreshClaims struct {
	Claims

	OriginalScopes []string `json:"original_scopes"`
}

type Repository 

type Repository struct {
	// contains filtered or unexported fields
}

func NewRepository 

func NewRepository(db *gorm.DB) *Repository

func (*Repository) Insert 

func (r *Repository) Insert(ctx context.Context, tokens ...tokenModel) error

func (*Repository) IsRevoked 

func (r *Repository) IsRevoked(ctx context.Context, jti string) (bool, error)

func (*Repository) Revoke 

func (r *Repository) Revoke(ctx context.Context, jti, userID string) error

func (*Repository) RevokeByUser added in v1.36.1 

func (r *Repository) RevokeByUser(ctx context.Context, userID string) (int64, error)

func (*Repository) RotateRefreshToken added in v1.36.0 

func (r *Repository) RotateRefreshToken(
	ctx context.Context,
	currentJTI string,
	nextRefresh, nextAccess tokenModel,
) error

type Service 

type Service interface {
	GenerateTokenPair(
		ctx context.Context,
		userID string,
		scopes []string,
		accessTTL time.Duration,
	) (*TokenPairInfo, error)
	RefreshTokenPair(ctx context.Context, refreshToken string) (*TokenPairInfo, error)
	ParseToken(ctx context.Context, token string) (*Claims, error)
	RevokeToken(ctx context.Context, userID, jti string) error
	RevokeByUser(ctx context.Context, userID string) error
}

func New 

func New(config Config, options Options, tokens *Repository, metrics *Metrics) (Service, error)

type TokenInfo 

type TokenInfo struct {
	ID        string
	Token     string
	ExpiresAt time.Time
}

type TokenPairInfo added in v1.36.0 

type TokenPairInfo struct {
	Access  TokenInfo
	Refresh TokenInfo
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.