auth

package
v2.8.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 5, 2026 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Examples

Constants

View Source 
const (
	ScopeOpenID   = "openid"
	ScopeProfile  = "profile"
	ScopeEmail    = "email"
	ScopeGroups   = "groups"
	ScopeInternal = "internal"
)
View Source 
const ServiceAccountPrefix = "@oauth2"

ServiceAccountPrefix email domain for service accounts.

View Source 
const SignAlgo = "RS256"

SignAlgo const.

Variables

View Source 
var AllScopes = []string{ScopeOpenID, ScopeProfile, ScopeEmail, ScopeGroups, ScopeInternal}

Functions

func Base64decode 

func Base64decode(v string) (string, error)

Base64decode decodes base64 input to string.

func BasicAuth 

func BasicAuth(user, password string) string

BasicAuth returns a base64 encoded string of the user and password.

Example 
package main

import (
	"encoding/base64"
	"fmt"

	"github.com/elisasre/go-common/v2/auth"
)

func main() {
	encoded := auth.BasicAuth("username", "password")
	out, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Println(string(out))
}

Output:

username:password

func BuildPKISerial 

func BuildPKISerial() (*big.Int, error)

BuildPKISerial generates random big.Int.

func Decrypt 

func Decrypt(data []byte, passphrase string) ([]byte, error)

Decrypt the encrypted secret with passphrase.

Example 
package main

import (
	"fmt"

	"github.com/elisasre/go-common/v2/auth"
)

func main() {
	encrypted, _ := auth.Encrypt([]byte("supersecret"), "testpassword")
	data, _ := auth.Decrypt(encrypted, "testpassword")
	fmt.Println(string(data))
}

Output:

supersecret

func EncodePrivateKeyToPEM 

func EncodePrivateKeyToPEM(privateKey *rsa.PrivateKey) []byte

func EncodePublicKeyToPEM 

func EncodePublicKeyToPEM(publicKey *rsa.PublicKey) []byte

func Encrypt 

func Encrypt(data []byte, passphrase string) ([]byte, error)

Encrypt the secret input with passphrase source https://www.thepolyglotdeveloper.com/2018/02/encrypt-decrypt-data-golang-application-crypto-packages/

Example 
package main

import (
	"fmt"

	"github.com/elisasre/go-common/v2/auth"
)

func main() {
	encrypted, _ := auth.Encrypt([]byte("supersecret"), "testpassword")
	data, _ := auth.Decrypt(encrypted, "testpassword")
	fmt.Println(string(data))
}

Output:

supersecret

func NewClient 

func NewClient(ctx context.Context, conf *ClientConfiguration) *http.Client

Types

type ClientConfiguration 

type ClientConfiguration struct {
	OAuth2
}

type Internal 

type Internal struct {
	Cluster     *string `json:"cluster,omitempty"`
	ChangeLimit *int    `json:"limit,omitempty"`
	MFA         *bool   `json:"mfa"`
	EmployeeID  string  `json:"employeeid,omitempty"`
}

Internal contains struct for internal non standard variables.

type JWTKey 

type JWTKey struct {
	CreatedAt  time.Time       `yaml:"created_at" json:"created_at"`
	KID        string          `yaml:"kid" json:"kid"`
	PrivateKey *rsa.PrivateKey `yaml:"-" json:"-"`
	PublicKey  *rsa.PublicKey  `yaml:"-" json:"-"`
}

JWTKey is struct for storing auth private keys.

func GenerateNewKeyPair 

func GenerateNewKeyPair() (JWTKey, error)

GenerateNewKeyPair generates new private and public keys.

type OAuth2 

type OAuth2 struct {
	ClientID         string
	ClientSecret     string
	ClientSecretFile string
	Scopes           []string
	TokenURL         string
	EndpointParams   url.Values
}

type SignClaims 

type SignClaims struct {
	Aud    string
	Exp    int64
	Iat    int64
	Issuer string
	Nonce  string
	Scopes []string
}

SignClaims contains claims that are passed to SignExpires func.

type Token 

type Token struct {
	User *User
}

Token struct.

func NewToken 

func NewToken(user *User) *Token

NewToken constructs new token which is passed for application.

func (*Token) SignExpires 

func (t *Token) SignExpires(key JWTKey, claim SignClaims) (string, error)

SignExpires makes new jwt token using expiration time and secret.

type User 

type User struct {
	Groups        []string  `json:"groups,omitempty"`
	Eid           string    `json:"custom:employeeid,omitempty"`
	Department    string    `json:"custom:department,omitempty"`
	JobTitle      string    `json:"custom:jobtitle,omitempty"`
	ImportGroups  []string  `json:"cognito:groups,omitempty"`
	Email         *string   `json:"email,omitempty"`
	EmailVerified *bool     `json:"email_verified,omitempty"`
	Name          *string   `json:"name,omitempty"`
	Internal      *Internal `json:"internal,omitempty"`
}

User contains struct for single user.

func (User) IsServiceAccount 

func (u User) IsServiceAccount() bool

IsServiceAccount returns boolean is the account service account.

func (*User) MakeSub 

func (u *User) MakeSub() string

MakeSub returns sub value for user.

func (User) TokenMFA 

func (u User) TokenMFA() bool

TokenMFA returns state does user has MFA used in current JWT.

type UserJWTClaims 

type UserJWTClaims struct {
	*User
	jwt.RegisteredClaims
	Nonce string `json:"nonce,omitempty"`
}

UserJWTClaims contains struct for making and parsing jwt tokens.

func ParseToken 

func ParseToken(raw string, keys []JWTKey, options ...jwt.ParserOption) (*UserJWTClaims, error)

ParseToken will validate jwt token and return user with jwt claims.

Source Files

View all Source files

Directories

Path Synopsis
cachetest
store
memory
postgres

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.