authorize

package
v0.4.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 17, 2025 License: MIT Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrInvalidPubKey indicates the the given public key is invalid
	ErrInvalidPubKey = errors.New("public key invalid")
	// ErrInvalidPrivKey indicates that the given private key is invalid
	ErrInvalidPrivKey = errors.New("private key invalid")
	// ErrMissingSecretKey indicates Secret key is required
	ErrMissingSecretKey = errors.New("secret key is required")
)
View Source 
var ErrMissingValue = errors.New("no value present in request")

ErrMissingValue can be thrown by follow if value with a HTTP header, the value header needs to be set if value with URL Query, the query value variable is empty if value with a cookie, the value cookie is empty

Functions

func FromCookie 

func FromCookie(r *http.Request, key string) (string, error)

FromCookie get value from Cookie key is a cookie key

func FromHeader 

func FromHeader(r *http.Request, key, prefix string) (string, error)

FromHeader get value from header key is a header key, like "Authorization" prefix is a string in the header, like "Bearer", if it is empty, only will return value.

func FromQuery 

func FromQuery(r *http.Request, key string) (string, error)

FromQuery get value from query key is a query key

func Marshal 

func Marshal(v any) (string, error)

Marshal converts a message to a URL legal string.

func NewContext 

func NewContext[T any](ctx context.Context, claims *Claims[T]) context.Context

NewContext put auth info into context

func Unmarshal 

func Unmarshal(s string, v any) error

Unmarshal decodes a message.

Types

type ArgumentExtractor 

type ArgumentExtractor string

ArgumentExtractor extracts a value from request arguments. This includes a POSTed form or GET URL arguments. This extractor calls `ParseMultipartForm` on the request

func (ArgumentExtractor) ExtractToken 

func (e ArgumentExtractor) ExtractToken(r *http.Request) (string, error)

type Auth 

type Auth[T any] struct {
	// contains filtered or unexported fields
}

Auth provides a Json-Web-Token authentication implementation.

func New 

func New[T any](c Config) (*Auth[T], error)

New auth with Config

func (*Auth[T]) ExtractToken 

func (a *Auth[T]) ExtractToken(r *http.Request) (string, error)

ExtractToken extract token from http request

func (*Auth[T]) GenerateRefreshToken 

func (a *Auth[T]) GenerateRefreshToken(val *Claims[T]) (string, time.Time, error)

GenerateRefreshToken generate refresh token

func (*Auth[T]) GenerateToken 

func (a *Auth[T]) GenerateToken(val *Claims[T]) (string, time.Time, error)

GenerateToken generate token

func (*Auth[T]) MaxTimeout 

func (a *Auth[T]) MaxTimeout() time.Duration

MaxTimeout refresh timeout

func (*Auth[T]) Middleware 

func (sf *Auth[T]) Middleware(opts ...Option) gin.HandlerFunc

func (*Auth[T]) ParseFromRequest 

func (a *Auth[T]) ParseFromRequest(r *http.Request) (*Claims[T], error)

ParseFromRequest parse token to account from http request

func (*Auth[T]) ParseToken 

func (p *Auth[T]) ParseToken(tokenString string) (*Claims[T], error)

ParseToken parse token

func (*Auth[T]) Timeout 

func (a *Auth[T]) Timeout() time.Duration

Timeout token valid time

type Claims 

type Claims[T any] struct {
	jwt.RegisteredClaims
	Meta T `json:"meta,omitempty"`
}

Claims jwt claims

func FromContext 

func FromContext[T any](ctx context.Context) (claims *Claims[T], ok bool)

FromContext extract auth info from context

type Config 

type Config struct {
	// Timeout token valid time
	// if timeout <= refreshTimeout, refreshTimeout = timeout + 30 * time.Minute
	Timeout time.Duration
	// RefreshTimeout refresh token valid time.
	RefreshTimeout time.Duration
	// Lookup used to extract token from the http request
	// lookup is a string in the form of "<source>:<name>[:<prefix>]" that is used
	// to extract value from the request.
	// use like "header:<name>[:<prefix>],query:<name>,cookie:<name>,param:<name>"
	// Optional, Default value "header:Authorization:Bearer" for json web token.
	// Possible values:
	// - "header:<name>:<prefix>", <prefix> is a special string in the header, Possible value is "Bearer"
	// - "query:<name>"
	// - "cookie:<name>"
	Lookup string
	// 支持签名算法: HS256, HS384, HS512, RS256, RS384, RS512, EdDSA
	// Optional, Default HS256.
	Algorithm string
	// Secret key used for signing.
	// Required, if Algorithm is one of HS256, HS384, HS512.
	Key []byte
	// Private key for asymmetric algorithms,
	// Public key for asymmetric algorithms
	// Required, if Algorithm is one of RS256, RS384, RS512, EdDSA.
	PrivKey, PubKey string
	// the issuer of the jwt
	Issuer string
}

Config Auth config

type CookieExtractor 

type CookieExtractor string

CookieExtractor extracts a value from cookie.

func (CookieExtractor) ExtractToken 

func (e CookieExtractor) ExtractToken(r *http.Request) (string, error)

type Extractor 

type Extractor interface {
	ExtractToken(*http.Request) (string, error)
}

Extractor is an interface for extracting a value from an HTTP request. The ExtractToken method should return a value string or an error. If no value is present, you must return ErrMissingValue.

type HeaderExtractor 

type HeaderExtractor struct {
	// The key of the header
	// Required
	Key string
	// Strips 'Bearer ' prefix from bearer value string.
	// Possible value is "Bearer"
	// Optional
	Prefix string
}

HeaderExtractor is an extractor for finding a value in a header. Looks at each specified header in order until there's a match

func (HeaderExtractor) ExtractToken 

func (e HeaderExtractor) ExtractToken(r *http.Request) (string, error)

type Lookup 

type Lookup struct {
	// contains filtered or unexported fields
}

Lookup is a tool that looks up the value from http request, such as token

func NewLookup 

func NewLookup(lookup string) *Lookup

NewLookup new a lookup. lookup is a string in the form of "<source>:<name>[:<prefix>]" that is used to extract value from the request. use like "header:<name>[:<prefix>],query:<name>,cookie:<name>,param:<name>" Optional, Default value "header:Authorization:Bearer" for json web token. Possible values: - "header:<name>:<prefix>", <prefix> is a special string in the header, Possible value is "Bearer" - "query:<name>" - "cookie:<name>"

func (*Lookup) ExtractToken 

func (sf *Lookup) ExtractToken(r *http.Request) (string, error)

ExtractToken extract value from http request.

type MultiExtractor 

type MultiExtractor []Extractor

MultiExtractor tries Extractors in order until one returns a value string or an error occurs

func (MultiExtractor) ExtractToken 

func (e MultiExtractor) ExtractToken(req *http.Request) (string, error)

type Option 

type Option func(*options)

Option is Middleware option.

func WithSkip 

func WithSkip(f func(c *gin.Context) bool) Option

WithSkip set skip func

func WithUnauthorizedFallback 

func WithUnauthorizedFallback(f func(c *gin.Context, err error)) Option

WithUnauthorizedFallback sets the fallback handler when requests are unauthorized.

type TokenSubject 

type TokenSubject struct {
	Sub    string `json:"Sub,omitempty"`
	ConnId string `json:"connId,omitempty"`
}

TokenSubject represents both the subject and connId which is returned as the "sub" claim in the Id Token.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.