token

package
v1.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 18, 2026 License: MIT Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	TokenTypeAccess  = "access"
	TokenTypeRefresh = "refresh"
)

Variables

View Source 
var (
	ErrRevocationStoreNotConfigured = fmt.Errorf("token: revocation store not configured")
	ErrMissingTokenJTI              = fmt.Errorf("token: missing jti in token")
	ErrMissingTokenExp              = fmt.Errorf("token: missing exp in token")
	ErrTokenRevoked                 = fmt.Errorf("token: token revoked")
)
View Source 
var (
	ErrMissingSecret      = errors.New("token: missing secret")
	ErrInvalidClaims      = errors.New("token: invalid claims")
	ErrInvalidTokenType   = errors.New("token: invalid token type")
	ErrMissingTokenSub    = errors.New("token: missing subject in token")
	ErrUnexpectedTokenAlg = errors.New("token: unexpected signing method")
)
View Source 
var ErrTokenMissingInContext = errors.New("token: token missing from fiber context")

Functions

func Module 

func Module(opts ...di.Node) di.Node

func SubjectFromContext 

func SubjectFromContext(c fiber.Ctx) (string, error)

func UseDefaultAccessExtractors 

func UseDefaultAccessExtractors(exs ...Extractor) di.Node

func UseDefaultRefreshExtractors 

func UseDefaultRefreshExtractors(exs ...Extractor) di.Node

func UseRedisRevocation 

func UseRedisRevocation(opts ...RedisRevocationOption) di.Node

func UseRedisRevocationWithNamespace 

func UseRedisRevocationWithNamespace(keyPrefix string, namespace string) di.Node

func UseRefreshRoute 

func UseRefreshRoute(path string, opts ...RefreshRouteOption) di.Node

func UseRevocationStore 

func UseRevocationStore(store RevocationStore) di.Node

Types

type Claims 

type Claims struct {
	Subject   string
	TokenType string
	JTI       string
	ExpiresAt time.Time
	Values    map[string]any
}

func ClaimsFromContext 

func ClaimsFromContext(c fiber.Ctx) (Claims, error)

func (Claims) Value 

func (c Claims) Value(key string) (any, bool)

type Config 

type Config struct {
	Secret          string        `mapstructure:"secret"`
	AccessTokenTTL  time.Duration `mapstructure:"access_token_ttl"`
	RefreshTokenTTL time.Duration `mapstructure:"refresh_token_ttl"`
	Issuer          string        `mapstructure:"issuer"`
}

type CookiePairDelivererConfig 

type CookiePairDelivererConfig struct {
	AccessTokenCookieName  string
	RefreshTokenCookieName string
	AccessCookieTemplate   fiber.Cookie
	RefreshCookieTemplate  fiber.Cookie
	IncludeJSONBody        bool
	StatusCode             int
}

type Extractor 

type Extractor = fiberextractors.Extractor

func Chain 

func Chain(extractors ...Extractor) Extractor

func FromAuthHeader 

func FromAuthHeader(authScheme string) Extractor

func FromCookie 

func FromCookie(key string) Extractor

func FromCustom 

func FromCustom(key string, fn func(fiber.Ctx) (string, error)) Extractor

func FromForm 

func FromForm(param string) Extractor

func FromHeader 

func FromHeader(header string) Extractor

func FromParam 

func FromParam(param string) Extractor

func FromQuery 

func FromQuery(param string) Extractor

type HeaderPairDelivererConfig 

type HeaderPairDelivererConfig struct {
	AccessTokenHeader  string
	RefreshTokenHeader string
	IncludeJSONBody    bool
	StatusCode         int
}

type Manager 

type Manager interface {
	GenerateTokenPair(subject string, additionalAccessClaims map[string]any) (*TokenPair, error)
	RefreshTokenPair(refreshToken string, additionalAccessClaims map[string]any) (*TokenPair, error)
	ValidateToken(tokenValue string, expectedType string) (Claims, error)
	AccessMiddleware(extractors ...Extractor) fiber.Handler
	RefreshMiddleware(extractors ...Extractor) fiber.Handler
	RevokeToken(ctx context.Context, tokenValue string) error
	RevokeFromContext(c fiber.Ctx) error
}

Manager is the auth token contract used by handlers/middleware wiring. Service is the current JWT implementation; future PASETO impl can satisfy this too.

type PairDeliverFunc 

type PairDeliverFunc func(c fiber.Ctx, pair *TokenPair) error

func (PairDeliverFunc) Deliver 

func (f PairDeliverFunc) Deliver(c fiber.Ctx, pair *TokenPair) error

type PairDeliverer 

type PairDeliverer interface {
	Deliver(c fiber.Ctx, pair *TokenPair) error
}

func CookiePairDeliverer 

func CookiePairDeliverer(cfg CookiePairDelivererConfig) PairDeliverer

func HeaderPairDeliverer 

func HeaderPairDeliverer(cfg HeaderPairDelivererConfig) PairDeliverer

func JSONPairDeliverer 

func JSONPairDeliverer() PairDeliverer

type PairDelivererResolver 

type PairDelivererResolver interface {
	Resolve(c fiber.Ctx) PairDeliverer
}

func DefaultRefreshPairDelivererResolver 

func DefaultRefreshPairDelivererResolver() PairDelivererResolver

func JSONOnlyPairDelivererResolver 

func JSONOnlyPairDelivererResolver() PairDelivererResolver

func WebCookieOrJSONPairDelivererResolver 

func WebCookieOrJSONPairDelivererResolver() PairDelivererResolver

type PairDelivererResolverFunc 

type PairDelivererResolverFunc func(c fiber.Ctx) PairDeliverer

func (PairDelivererResolverFunc) Resolve 

func (f PairDelivererResolverFunc) Resolve(c fiber.Ctx) PairDeliverer

type RedisRevocationOption 

type RedisRevocationOption func(*redisRevocationOptions)

func WithRedisRevocationKeyPrefix 

func WithRedisRevocationKeyPrefix(keyPrefix string) RedisRevocationOption

func WithRedisRevocationNamespace 

func WithRedisRevocationNamespace(namespace string) RedisRevocationOption

type RedisRevocationStore 

type RedisRevocationStore struct {
	// contains filtered or unexported fields
}

func NewRedisRevocationStore 

func NewRedisRevocationStore(client rd.StringManager, keyPrefix string) *RedisRevocationStore

func NewRedisRevocationStoreWithNamespace 

func NewRedisRevocationStoreWithNamespace(client rd.StringManager, keyPrefix string, namespace string) *RedisRevocationStore

func (*RedisRevocationStore) IsRevoked 

func (r *RedisRevocationStore) IsRevoked(ctx context.Context, jti string) (bool, error)

func (*RedisRevocationStore) Revoke 

func (r *RedisRevocationStore) Revoke(ctx context.Context, jti string, expiresAt time.Time) error

type RefreshHandler 

type RefreshHandler struct {
	// contains filtered or unexported fields
}

func NewRefreshHandler 

func NewRefreshHandler(service Manager) *RefreshHandler

func (*RefreshHandler) Handle 

func (h *RefreshHandler) Handle(r web.Router)

func (*RefreshHandler) Refresh 

func (h *RefreshHandler) Refresh(c fiber.Ctx) error

func (*RefreshHandler) WithDeliverer 

func (h *RefreshHandler) WithDeliverer(deliverer PairDeliverer) *RefreshHandler

func (*RefreshHandler) WithDelivererResolver 

func (h *RefreshHandler) WithDelivererResolver(resolver PairDelivererResolver) *RefreshHandler

func (*RefreshHandler) WithPath 

func (h *RefreshHandler) WithPath(path string) *RefreshHandler

type RefreshRouteOption 

type RefreshRouteOption func(*RefreshHandler)

func WithRefreshPairDeliverer 

func WithRefreshPairDeliverer(deliverer PairDeliverer) RefreshRouteOption

func WithRefreshPairDelivererResolver 

func WithRefreshPairDelivererResolver(resolver PairDelivererResolver) RefreshRouteOption

type RevocationStore 

type RevocationStore interface {
	Revoke(ctx context.Context, jti string, expiresAt time.Time) error
	IsRevoked(ctx context.Context, jti string) (bool, error)
}

type Service 

type Service struct {
	// contains filtered or unexported fields
}

func NewService 

func NewService(config Config) (*Service, error)

func (*Service) AccessMiddleware 

func (s *Service) AccessMiddleware(exs ...Extractor) fiber.Handler

func (*Service) GenerateTokenPair 

func (s *Service) GenerateTokenPair(subject string, additionalAccessClaims map[string]any) (*TokenPair, error)

func (*Service) RefreshMiddleware 

func (s *Service) RefreshMiddleware(exs ...Extractor) fiber.Handler

func (*Service) RefreshTokenPair 

func (s *Service) RefreshTokenPair(refreshToken string, additionalAccessClaims map[string]any) (*TokenPair, error)

func (*Service) RevokeClaims 

func (s *Service) RevokeClaims(ctx context.Context, claims Claims) error

func (*Service) RevokeFromContext 

func (s *Service) RevokeFromContext(c fiber.Ctx) error

func (*Service) RevokeToken 

func (s *Service) RevokeToken(ctx context.Context, tokenValue string) error

func (*Service) SetDefaultAccessExtractors 

func (s *Service) SetDefaultAccessExtractors(exs ...Extractor)

func (*Service) SetDefaultRefreshExtractors 

func (s *Service) SetDefaultRefreshExtractors(exs ...Extractor)

func (*Service) SetRevocationStore 

func (s *Service) SetRevocationStore(store RevocationStore)

func (*Service) ValidateToken 

func (s *Service) ValidateToken(tokenValue string, expectedType string) (Claims, error)

type ServiceOption 

type ServiceOption func(*Service)

type TokenPair 

type TokenPair struct {
	AccessToken      string    `json:"access_token"`
	RefreshToken     string    `json:"refresh_token"`
	AccessExpiresAt  time.Time `json:"access_expires_at"`
	RefreshExpiresAt time.Time `json:"refresh_expires_at"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.