goauth

Version: v1.3.0
Warning

This package is not in the latest version of its module.

Published: Jan 19, 2024 License: MIT Imports: 8 Imported by: 5

README

Go Auth Middleware

This library is a generic authentication middleware that implements http.Handler and can be used with any framework of choice like gin and mux (see examples).

It accepts multiple authentication "handlers" that are executed in order, and the rules are:

  • The request proceeds if any of the handlers does NOT return an error
  • The request is aborted if the last handler returns an error

Handlers

The library provides the following authentication handlers:

API Key

The API Key handler can be used for authentication using a single API Key.

You must specify the Header and Key in the configuration.

JWKS

The JWKS handler is used for authentication with a JWK contained in the Authorization header of the request in the Bearer format, for example:

Authorization: Bearer 123abc_any_JWK_here

You must specify the URL and CacheConfig in the configuration.

Logging

You can implement the Logger interface from this library's log package to handle the middleware's logs in your app.

Set the logger by passing your implementation to log.SetLogger(l Logger).

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func Authenticate

func Authenticate(next http.Handler) http.Handler

Authenticate executes all the authentication handlers in the order they were added. If any of the handlers does not return an error, the request proceeds to the next handler. If the last handler returns an error, the request is aborted.

func BootstrapMiddleware

func BootstrapMiddleware(ctx context.Context)

BootstrapMiddleware sets up the authentication handlers. The context object is used to control the life cycle of the JWKS cache auto-refresh worker.

func SetHandlers

func SetHandlers(handlers []AuthHandler)

SetHandlers sets the authentication handlers

Types

type APIKeyConfig added in v1.3.0

type APIKeyConfig struct {
	// Header is the header to be used on the VerifyAPIKey handler. Defaults to X-API-Key
	Header string `mapstructure:"GOAUTH_API_KEY_HEADER"`
	// KeyList is the list of API keys to be used on the VerifyAPIKey handler, separated by comma
	KeyList []string `mapstructure:"GOAUTH_API_KEY_LIST"`
}

APIKeyConfig is the config to be used on the VerifyAPIKey handler

type AuthHandler

type AuthHandler interface {
	Handle(h *http.Request) (request *http.Request, statusCode int, err error)
}

AuthHandler is the interface that wraps the AuthenticateFunc method and is used to authenticate the request
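
The handler-ordering rules described for Authenticate and the AuthHandler interface above, as an added example that is not goauth's own code: a local `chain` function reproduces the documented "any handler may pass" behaviour, and a hypothetical `keyHandler` compares keys in constant time. The header names and key values are constructed; since one passing handler is enough, the chain is only as strong as its weakest handler.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// AuthHandler mirrors the interface documented on this page.
type AuthHandler interface {
	Handle(h *http.Request) (request *http.Request, statusCode int, err error)
}

type keyHandler struct{ header, key string } // hypothetical, not the library's API key handler

func (k keyHandler) Handle(r *http.Request) (*http.Request, int, error) {
	// Constant-time compare; an absent or empty header never matches, even an empty configured key.
	if got := r.Header.Get(k.header); got == "" || subtle.ConstantTimeCompare([]byte(got), []byte(k.key)) != 1 {
		return r, http.StatusUnauthorized, fmt.Errorf("invalid %s", k.header)
	}
	return r, http.StatusOK, nil
}

// chain applies the documented rules: first handler without an error wins, else the last error aborts.
func chain(handlers []AuthHandler, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		req, code, err := r, http.StatusUnauthorized, fmt.Errorf("no handlers configured") // fail closed
		for _, h := range handlers {
			if req, code, err = h.Handle(r); err == nil {
				next.ServeHTTP(w, req)
				return
			}
		}
		http.Error(w, err.Error(), code)
	})
}

// status sends one constructed request through the chain and returns the response code.
func status(handlers []AuthHandler, header, value string) int {
	req, rec := httptest.NewRequest(http.MethodGet, "/", nil), httptest.NewRecorder()
	req.Header.Set(header, value)
	chain(handlers, http.HandlerFunc(func(http.ResponseWriter, *http.Request) {})).ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	hs := []AuthHandler{keyHandler{"X-API-Key", "constructed-key"}, keyHandler{"X-Legacy-Key", "constructed-legacy"}}
	fmt.Println(status(hs, "X-Legacy-Key", "constructed-legacy"), status(hs, "X-API-Key", "bad"), status(nil, "X-API-Key", "x"))
}
```

A request carrying only the second handler's key is accepted even though the first handler rejected it, so every configured handler needs to be reviewed as a sufficient credential on its own.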

func GetHandlers

func GetHandlers() []AuthHandler

GetHandlers returns the authentication handlers

type AuthMiddlewareError

type AuthMiddlewareError struct {
	// Code is the HTTP status code
	Code int
	// Message is the error message
	Message string
}

AuthMiddlewareError is the error type returned by the middleware

func (*AuthMiddlewareError) Error

func (e *AuthMiddlewareError) Error() string

Error implements the error interface

type Config

type Config struct {
	// Handlers is the list of authentication handlers to be used
	Handlers []string `mapstructure:"GOAUTH_HANDLERS"`

	// APIKeyConfig stores the configuration for the VerifyAPIKey handler
	APIKeyConfig APIKeyConfig `mapstructure:",squash"`

	// JWKSConfig stores the configuration for the VerifyJWKS handler
	JWKSConfig JWKSConfig `mapstructure:",squash"`

	// JWTConfig stores the configuration for the VerifyJWT handler
	JWTConfig JWTConfig `mapstructure:",squash"`
}

Config stores the configuration for the Goauth middleware

type JWKSConfig added in v1.3.0

type JWKSConfig struct {
	// Header is the header to be used on the VerifyJWKS handler. Defaults to Authorization
	Header string `mapstructure:"GOAUTH_JWKS_HEADER"`
	// TokenType is the token type to be used on the VerifyJWKS handler. Defaults to Bearer
	TokenType string `mapstructure:"GOAUTH_JWKS_TOKEN_TYPE"`
	// URL is the JWKS endpoint to be used on the VerifyJWKS handler
	URL string `mapstructure:"GOAUTH_JWKS_URL"`
	// RefreshWindow is the time window before checking if the JWKS cache needs to be refreshed, in seconds. Defaults to 60
	RefreshWindow int `mapstructure:"GOAUTH_JWKS_REFRESH_WINDOW"`
	// MinRefreshInterval is the minimum interval between JWKS refreshes, in seconds. Defaults to 300
	MinRefreshInterval int `mapstructure:"GOAUTH_JWKS_MIN_REFRESH_INTERVAL"`
	// PayloadContextKey is the context key to store the JWT payload. Defaults to USER
	PayloadContextKey string `mapstructure:"GOAUTH_JWKS_PAYLOAD_CONTEXT_KEY"`
}

JWKSConfig is the config to be used on the VerifyJWKS handler

type JWTConfig added in v1.3.0

type JWTConfig struct {
	// Header is the header to be used on the VerifyJWT handler. Defaults to Authorization
	Header string `mapstructure:"GOAUTH_JWT_HEADER"`
	// TokenType is the token type to be used on the VerifyJWT handler. Defaults to Bearer
	TokenType string `mapstructure:"GOAUTH_JWT_TOKEN_TYPE"`
	// SignatureKey is the signature key to be used on the VerifyJWT handler
	SignatureKey string `mapstructure:"GOAUTH_JWT_SIGNATURE_KEY"`
	// SignatureAlgorithm is the algorithm used to sign the JWT. Defaults to RS256
	SignatureAlgorithm string `mapstructure:"GOAUTH_JWT_SIGNATURE_ALGORITHM"`
	// PayloadContextKey is the context key to store the JWT payload. Defaults to USER
	PayloadContextKey string `mapstructure:"GOAUTH_JWT_PAYLOAD_CONTEXT_KEY"`
}

JWTConfig is the config to be used on the VerifyJWT handler

Directories

Path Synopsis
examples module
pkg
