token

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 2, 2025 License: MIT Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AesEncryptor

// AesEncryptor encrypts data with AES-GCM, per the package documentation.
// All of its fields are unexported; NewAesEncryptor returns a *AesEncryptor.
// NOTE(review): this listing does not show how nonces are produced; confirm
// that every Encrypt call uses a fresh nonce for a given key.
type AesEncryptor struct {
	// contains filtered or unexported fields
}

AesEncryptor 使用AES-GCM加密

func NewAesEncryptor

func NewAesEncryptor(key []byte) (*AesEncryptor, error)

NewAesEncryptor 创建AES加密器

func (*AesEncryptor) Encrypt

func (e *AesEncryptor) Encrypt(data []byte) ([]byte, error)

Encrypt 使用AES-GCM对数据进行加密

func (*AesEncryptor) Verify

func (e *AesEncryptor) Verify(data []byte, signature []byte) error

Verify:AES-GCM 会在解密时进行完整性(认证标签)验证

type AuthenticatorFunc

type AuthenticatorFunc func(ctx context.Context, username, password string) (*auth.User, error)

AuthenticatorFunc 定义验证用户凭证的函数类型

type CompositeEncryptor

// CompositeEncryptor combines several Encryptor values to provide an
// additional security layer, per the package documentation.
// NOTE(review): this listing does not show how Verify maps its single
// signature argument onto the chained encryptors; confirm before relying on
// it for integrity.
type CompositeEncryptor struct {
	// contains filtered or unexported fields
}

CompositeEncryptor 组合多个加密器,提供额外的安全层

func NewCompositeEncryptor

func NewCompositeEncryptor(encryptors ...Encryptor) *CompositeEncryptor

NewCompositeEncryptor 创建组合加密器

func (*CompositeEncryptor) Encrypt

func (e *CompositeEncryptor) Encrypt(data []byte) ([]byte, error)

Encrypt 使用所有加密器依次加密

func (*CompositeEncryptor) Verify

func (e *CompositeEncryptor) Verify(data []byte, signature []byte) error

Verify 验证组合加密

type CustomTokenConfig

// CustomTokenConfig configures the custom token manager.
type CustomTokenConfig struct {
	// SigningKey is the signing key.
	// NOTE(review): no minimum length is visible here; confirm that
	// NewCustomTokenManager rejects an empty or short key.
	SigningKey []byte
	// DefaultDuration is the default validity period.
	DefaultDuration time.Duration
	// Issuer is the token issuer.
	Issuer string
	// Encryptor is the encryptor.
	Encryptor Encryptor
	// TokenStore is the token store.
	TokenStore TokenStore
	// Blacklist is the token blacklist.
	// NOTE(review): whether a nil Blacklist disables revocation checks is not
	// shown in this listing; confirm.
	Blacklist TokenBlacklist
}

CustomTokenConfig 配置自定义令牌管理器

type CustomTokenManager

// CustomTokenManager implements custom token management, per the package
// documentation. All of its fields are unexported; NewCustomTokenManager
// returns a *CustomTokenManager built from a CustomTokenConfig.
type CustomTokenManager struct {
	// contains filtered or unexported fields
}

CustomTokenManager 实现了自定义的令牌管理

func NewCustomTokenManager

func NewCustomTokenManager(config CustomTokenConfig) (*CustomTokenManager, error)

NewCustomTokenManager 创建自定义令牌管理器

func (*CustomTokenManager) CleanupExpired

func (m *CustomTokenManager) CleanupExpired(ctx context.Context) error

CleanupExpired 清理过期的令牌和黑名单条目

func (*CustomTokenManager) Close

func (m *CustomTokenManager) Close() error

Close 关闭令牌管理器

func (*CustomTokenManager) GenerateToken

func (m *CustomTokenManager) GenerateToken(ctx context.Context, user *auth.User, duration time.Duration) (*auth.TokenInfo, error)

GenerateToken 生成自定义令牌

func (*CustomTokenManager) RefreshToken

func (m *CustomTokenManager) RefreshToken(ctx context.Context, refreshToken string) (*auth.TokenInfo, error)

RefreshToken 刷新令牌

func (*CustomTokenManager) RevokeToken

func (m *CustomTokenManager) RevokeToken(ctx context.Context, tokenString string) error

RevokeToken 撤销令牌

func (*CustomTokenManager) ValidateToken

func (m *CustomTokenManager) ValidateToken(ctx context.Context, tokenString string) (*auth.User, error)

ValidateToken 验证令牌

type Encryptor

// Encryptor defines the encryption interface. Despite the name, the method
// comments describe both encrypting and signing.
// NOTE(review): callers cannot tell from this interface whether an
// implementation provides confidentiality, integrity, or both; check the
// concrete type before depending on either property.
type Encryptor interface {
	// Encrypt encrypts or signs data.
	Encrypt(data []byte) ([]byte, error)
	// Verify verifies the signature of data.
	Verify(data []byte, signature []byte) error
}

Encryptor 定义加密/签名接口:Encrypt 对数据进行加密或签名,Verify 验证数据签名

type HmacEncryptor

// HmacEncryptor implements signing with HMAC-SHA256, per the package
// documentation. HMAC authenticates data; it does not provide
// confidentiality.
// NOTE(review): the Verify implementation is not shown; confirm it compares
// MACs in constant time (for example with hmac.Equal).
type HmacEncryptor struct {
	// contains filtered or unexported fields
}

HmacEncryptor 使用HMAC-SHA256实现签名

func NewHmacEncryptor

func NewHmacEncryptor(key []byte) (*HmacEncryptor, error)

NewHmacEncryptor 创建HMAC加密器

func (*HmacEncryptor) Encrypt

func (e *HmacEncryptor) Encrypt(data []byte) ([]byte, error)

Encrypt 使用HMAC-SHA256对数据进行签名

func (*HmacEncryptor) Verify

func (e *HmacEncryptor) Verify(data []byte, signature []byte) error

Verify 验证HMAC-SHA256签名

type InMemoryBlacklist

// InMemoryBlacklist is the in-memory blacklist implementation.
// NOTE(review): presumably process-local, so revocations would not survive a
// restart or be shared between instances; confirm before using it outside a
// single-process deployment.
type InMemoryBlacklist struct {
	// contains filtered or unexported fields
}

InMemoryBlacklist 内存黑名单实现

func NewInMemoryBlacklist

func NewInMemoryBlacklist() *InMemoryBlacklist

NewInMemoryBlacklist 创建内存黑名单

func (*InMemoryBlacklist) AddToBlacklist

func (b *InMemoryBlacklist) AddToBlacklist(ctx context.Context, tokenID string, expiration time.Duration) error

AddToBlacklist 将令牌添加到黑名单

func (*InMemoryBlacklist) CleanupExpired

func (b *InMemoryBlacklist) CleanupExpired(ctx context.Context) error

CleanupExpired 清理过期的黑名单条目

func (*InMemoryBlacklist) Close

func (b *InMemoryBlacklist) Close() error

Close 关闭黑名单

func (*InMemoryBlacklist) IsBlacklisted

func (b *InMemoryBlacklist) IsBlacklisted(ctx context.Context, tokenID string) (bool, error)

IsBlacklisted 检查令牌是否在黑名单中

func (*InMemoryBlacklist) RemoveFromBlacklist

func (b *InMemoryBlacklist) RemoveFromBlacklist(ctx context.Context, tokenID string) error

RemoveFromBlacklist 从黑名单中移除令牌

type InMemoryTokenStore

// InMemoryTokenStore is the in-memory token store implementation.
// NOTE(review): presumably process-local, so stored tokens and revocation
// state would not survive a restart or be shared between instances; confirm.
type InMemoryTokenStore struct {
	// contains filtered or unexported fields
}

InMemoryTokenStore 内存令牌存储实现

func NewInMemoryTokenStore

func NewInMemoryTokenStore() *InMemoryTokenStore

NewInMemoryTokenStore 创建内存令牌存储

func (*InMemoryTokenStore) CleanupExpiredTokens

func (s *InMemoryTokenStore) CleanupExpiredTokens(ctx context.Context) error

CleanupExpiredTokens 清理过期令牌

func (*InMemoryTokenStore) Close

func (s *InMemoryTokenStore) Close() error

Close 关闭存储

func (*InMemoryTokenStore) GetToken

func (s *InMemoryTokenStore) GetToken(ctx context.Context, tokenID string) (*TokenData, error)

GetToken 获取令牌

func (*InMemoryTokenStore) GetTokenByRefresh

func (s *InMemoryTokenStore) GetTokenByRefresh(ctx context.Context, refreshToken string) (*TokenData, error)

GetTokenByRefresh 通过刷新令牌获取令牌

func (*InMemoryTokenStore) GetUserByID

func (s *InMemoryTokenStore) GetUserByID(ctx context.Context, userID string) (*auth.User, error)

GetUserByID 获取用户信息

func (*InMemoryTokenStore) IsTokenValid

func (s *InMemoryTokenStore) IsTokenValid(ctx context.Context, tokenID string) (bool, error)

IsTokenValid 检查令牌是否有效

func (*InMemoryTokenStore) RevokeToken

func (s *InMemoryTokenStore) RevokeToken(ctx context.Context, tokenID string) error

RevokeToken 撤销令牌

func (*InMemoryTokenStore) StoreToken

func (s *InMemoryTokenStore) StoreToken(ctx context.Context, token *TokenData) error

StoreToken 存储令牌

func (*InMemoryTokenStore) StoreUser

func (s *InMemoryTokenStore) StoreUser(user *auth.User)

StoreUser 存储用户信息

type Middleware

// Middleware defines the authentication/authorization middleware interface.
// NOTE(review): next and the return values are untyped (interface{}), so the
// handler type is only checked at run time inside the implementation; confirm
// that an unexpected handler type fails closed rather than skipping the check.
type Middleware interface {
	// Authenticate is the authentication middleware.
	Authenticate(next interface{}) interface{}
	// Authorize is the authorization middleware.
	Authorize(resource, action string, next interface{}) interface{}
}

Middleware 定义鉴权中间件接口

type RedisBlacklist

// RedisBlacklist is the Redis blacklist implementation. All of its fields are
// unexported; NewRedisBlacklist returns a *RedisBlacklist from a redis.Client
// and a key prefix.
// NOTE(review): how IsBlacklisted behaves when Redis is unreachable is not
// shown; confirm that callers treat an error as "reject the token".
type RedisBlacklist struct {
	// contains filtered or unexported fields
}

RedisBlacklist Redis黑名单实现

func NewRedisBlacklist

func NewRedisBlacklist(client redis.Client, keyPrefix string) *RedisBlacklist

NewRedisBlacklist 创建Redis黑名单

func (*RedisBlacklist) AddToBlacklist

func (b *RedisBlacklist) AddToBlacklist(ctx context.Context, tokenID string, expiration time.Duration) error

AddToBlacklist 将令牌添加到黑名单

func (*RedisBlacklist) CleanupExpired

func (b *RedisBlacklist) CleanupExpired(ctx context.Context) error

CleanupExpired 清理过期的黑名单条目

func (*RedisBlacklist) Close

func (b *RedisBlacklist) Close() error

Close 关闭黑名单

func (*RedisBlacklist) IsBlacklisted

func (b *RedisBlacklist) IsBlacklisted(ctx context.Context, tokenID string) (bool, error)

IsBlacklisted 检查令牌是否在黑名单中

func (*RedisBlacklist) RemoveFromBlacklist

func (b *RedisBlacklist) RemoveFromBlacklist(ctx context.Context, tokenID string) error

RemoveFromBlacklist 从黑名单中移除令牌

type RedisTokenStore

// RedisTokenStore is the Redis token store implementation. All of its fields
// are unexported; NewRedisTokenStore returns a *RedisTokenStore built from a
// RedisTokenStoreConfig.
type RedisTokenStore struct {
	// contains filtered or unexported fields
}

RedisTokenStore Redis令牌存储实现

func NewRedisTokenStore

func NewRedisTokenStore(config RedisTokenStoreConfig) (*RedisTokenStore, error)

NewRedisTokenStore 创建Redis令牌存储

func (*RedisTokenStore) CleanupExpiredTokens

func (s *RedisTokenStore) CleanupExpiredTokens(ctx context.Context) error

CleanupExpiredTokens 清理过期的令牌

func (*RedisTokenStore) Close

func (s *RedisTokenStore) Close() error

Close 关闭令牌存储

func (*RedisTokenStore) DeleteUser

func (s *RedisTokenStore) DeleteUser(ctx context.Context, userID string) error

DeleteUser 删除用户

func (*RedisTokenStore) GetToken

func (s *RedisTokenStore) GetToken(ctx context.Context, tokenID string) (*TokenData, error)

GetToken 获取令牌

func (*RedisTokenStore) GetTokenByRefresh

func (s *RedisTokenStore) GetTokenByRefresh(ctx context.Context, refreshToken string) (*TokenData, error)

GetTokenByRefresh 通过刷新令牌获取令牌

func (*RedisTokenStore) GetUserByID

func (s *RedisTokenStore) GetUserByID(ctx context.Context, userID string) (*auth.User, error)

GetUserByID 获取用户

func (*RedisTokenStore) IsTokenValid

func (s *RedisTokenStore) IsTokenValid(ctx context.Context, tokenID string) (bool, error)

IsTokenValid 检查令牌是否有效

func (*RedisTokenStore) RevokeToken

func (s *RedisTokenStore) RevokeToken(ctx context.Context, tokenID string) error

RevokeToken 撤销令牌

func (*RedisTokenStore) StoreToken

func (s *RedisTokenStore) StoreToken(ctx context.Context, token *TokenData) error

StoreToken 存储令牌

func (*RedisTokenStore) StoreUser

func (s *RedisTokenStore) StoreUser(ctx context.Context, user *auth.User) error

StoreUser 存储用户

type RedisTokenStoreConfig

// RedisTokenStoreConfig is the configuration for the Redis token store.
type RedisTokenStoreConfig struct {
	// Client is the Redis client.
	Client redis.Client
	// KeyPrefix is the key prefix.
	KeyPrefix string
	// Expiration is the token expiration time.
	// NOTE(review): how a zero Expiration is treated is not shown; confirm it
	// does not result in keys that never expire.
	Expiration time.Duration
	// UserCache is the user cache.
	UserCache UserCache
	// EnableCache reports whether the cache is enabled.
	EnableCache bool
}

RedisTokenStoreConfig Redis令牌存储配置

type SimpleUserCache

// SimpleUserCache is a simple in-memory user cache implementation.
// NOTE(review): no expiry is visible in its method set (GetUser, SetUser,
// DelUser); confirm that entries are removed when a user's roles or status
// change.
type SimpleUserCache struct {
	// contains filtered or unexported fields
}

SimpleUserCache 简单的内存用户缓存实现

func NewSimpleUserCache

func NewSimpleUserCache() *SimpleUserCache

NewSimpleUserCache 创建简单用户缓存

func (*SimpleUserCache) DelUser

func (c *SimpleUserCache) DelUser(userID string)

DelUser 删除用户

func (*SimpleUserCache) GetUser

func (c *SimpleUserCache) GetUser(userID string) (*auth.User, bool)

GetUser 获取用户

func (*SimpleUserCache) SetUser

func (c *SimpleUserCache) SetUser(user *auth.User)

SetUser 设置用户

type TokenBlacklist

// TokenBlacklist defines the token blacklist interface.
type TokenBlacklist interface {
	// AddToBlacklist adds a token to the blacklist.
	// NOTE(review): presumably expiration should be at least the token's
	// remaining lifetime, otherwise the entry could lapse while the token is
	// still valid; verify against the caller.
	AddToBlacklist(ctx context.Context, tokenID string, expiration time.Duration) error
	// IsBlacklisted checks whether a token is on the blacklist.
	IsBlacklisted(ctx context.Context, tokenID string) (bool, error)
	// RemoveFromBlacklist removes a token from the blacklist (mainly for testing).
	// NOTE(review): removing an entry would make a revoked token acceptable
	// again if it has not expired; keep this out of production code paths.
	RemoveFromBlacklist(ctx context.Context, tokenID string) error
	// CleanupExpired removes expired blacklist entries.
	CleanupExpired(ctx context.Context) error
	// Close closes the blacklist.
	Close() error
}

TokenBlacklist 定义令牌黑名单接口

type TokenClaims

// TokenClaims defines the claims carried by a token. The JSON keys are given
// by the struct tags.
// NOTE(review): Roles and Permissions travel inside the token; if
// authorization reads them directly, a role change would only take effect
// when the token is re-issued or revoked. Confirm how they are used.
type TokenClaims struct {
	// UserID is the user ID.
	UserID string `json:"uid"`
	// Username is the user name.
	Username string `json:"uname"`
	// Roles is the list of roles.
	Roles []string `json:"roles,omitempty"`
	// Permissions is the list of permissions.
	Permissions []string `json:"perms,omitempty"`
	// Metadata holds additional metadata.
	Metadata map[string]string `json:"meta,omitempty"`
	// TokenID is the token ID.
	TokenID string `json:"jti"`
	// IssuedAt is the issue time. Presumably Unix seconds — TODO confirm.
	IssuedAt int64 `json:"iat"`
	// ExpiresAt is the expiry time. Presumably Unix seconds — TODO confirm.
	ExpiresAt int64 `json:"exp"`
	// Issuer is the token issuer.
	Issuer string `json:"iss,omitempty"`
}

TokenClaims 定义令牌的声明

type TokenData

// TokenData represents stored token data.
// NOTE(review): AccessToken and RefreshToken are plain strings; if a store
// persists this struct as-is, usable bearer tokens sit in the backend.
// Confirm whether the stores keep raw values or a digest.
type TokenData struct {
	// AccessToken is the access token.
	AccessToken string
	// RefreshToken is the refresh token.
	RefreshToken string
	// UserID is the user ID.
	UserID string
	// ExpiresAt is the expiry time. Presumably Unix seconds — TODO confirm.
	ExpiresAt int64
	// TokenID is the token ID.
	TokenID string
	// Revoked reports whether the token has been revoked.
	Revoked bool
	// CreatedAt is the creation time. Presumably Unix seconds — TODO confirm.
	CreatedAt int64
}

TokenData 表示存储的令牌数据

type TokenService

// TokenService provides the complete token service, per the package
// documentation. All of its fields are unexported; NewTokenService returns a
// *TokenService.
type TokenService struct {
	// contains filtered or unexported fields
}

TokenService 提供完整的令牌服务

func NewTokenService

func NewTokenService(
	tokenManager auth.TokenManager,
	authenticator AuthenticatorFunc,
	extractor auth.TokenExtractor,
	options TokenServiceOptions,
) *TokenService

NewTokenService 创建令牌服务

func (*TokenService) CheckPermission

func (s *TokenService) CheckPermission(ctx context.Context, resource, action string) error

CheckPermission 检查用户权限

func (*TokenService) GenerateAPIKey

func (s *TokenService) GenerateAPIKey(ctx context.Context, userID string, duration time.Duration) (string, error)

GenerateAPIKey 生成API密钥

func (*TokenService) GetTokenManager

func (s *TokenService) GetTokenManager() auth.TokenManager

GetTokenManager 返回内部的 tokenManager,让外部代码可以访问

func (*TokenService) Login

func (s *TokenService) Login(ctx context.Context, username, password string) (*auth.TokenInfo, error)

Login 用户登录并生成令牌

func (*TokenService) Logout

func (s *TokenService) Logout(ctx context.Context) error

Logout 用户登出并撤销令牌

func (*TokenService) Refresh

func (s *TokenService) Refresh(ctx context.Context, refreshToken string) (*auth.TokenInfo, error)

Refresh 刷新令牌

func (*TokenService) SetAuthorizer

func (s *TokenService) SetAuthorizer(authorizer auth.Authorizer)

SetAuthorizer 设置授权器

func (*TokenService) Validate

func (s *TokenService) Validate(ctx context.Context) (*auth.User, error)

Validate 验证令牌

type TokenServiceOptions

// TokenServiceOptions holds the token service options.
// NOTE(review): the zero value of a Go bool is false, so a zero-value
// TokenServiceOptions leaves refresh-token rotation and token revocation off
// unless NewTokenService applies its own defaults; confirm and set both
// explicitly.
type TokenServiceOptions struct {
	// AccessTokenDuration is the access token validity period.
	AccessTokenDuration time.Duration
	// RefreshTokenDuration is the refresh token validity period.
	RefreshTokenDuration time.Duration
	// EnableRefreshTokenRotation reports whether refresh token rotation is enabled.
	EnableRefreshTokenRotation bool
	// EnableTokenRevocation reports whether token revocation is enabled.
	EnableTokenRevocation bool
	// TokenType is the token type.
	TokenType string
}

TokenServiceOptions 令牌服务选项

type TokenStore

// TokenStore defines the token storage interface.
type TokenStore interface {
	// StoreToken stores a token.
	StoreToken(ctx context.Context, token *TokenData) error
	// GetToken retrieves a token.
	GetToken(ctx context.Context, tokenID string) (*TokenData, error)
	// GetTokenByRefresh retrieves a token by its refresh token.
	GetTokenByRefresh(ctx context.Context, refreshToken string) (*TokenData, error)
	// RevokeToken revokes a token.
	RevokeToken(ctx context.Context, tokenID string) error
	// IsTokenValid checks whether a token is valid.
	// NOTE(review): whether "valid" covers both expiry and revocation is not
	// shown in this listing; confirm per implementation.
	IsTokenValid(ctx context.Context, tokenID string) (bool, error)
	// CleanupExpiredTokens removes expired tokens.
	CleanupExpiredTokens(ctx context.Context) error
	// GetUserByID retrieves user information.
	GetUserByID(ctx context.Context, userID string) (*auth.User, error)
	// Close closes the store.
	Close() error
}

TokenStore 定义令牌存储接口

type UserCache

// UserCache provides user caching.
// NOTE(review): the interface has no expiry or bulk-invalidation method, so
// freshness depends on callers invoking DelUser; confirm that this happens
// when a user's roles or status change.
type UserCache interface {
	// GetUser retrieves a user.
	GetUser(userID string) (*auth.User, bool)
	// SetUser stores a user.
	SetUser(user *auth.User)
	// DelUser deletes a user.
	DelUser(userID string)
}

UserCache 提供用户缓存功能
