auth

package
v0.0.0-...-6dc5a59 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 26, 2026 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

// DefaultMaxBodySizeBytes is the default upper bound on body size, in bytes.
// 102_400 bytes is 100 KiB (100 * 1024).
// NOTE(review): presumably the value passed as maxBodySizeBytes to
// NewHTTPRequestVerifier when no other limit is configured — confirm against callers.
const DefaultMaxBodySizeBytes int64 = 102_400 // 100 KiB
// DefaultMaxTimeout is the default maximum timeout: 15 seconds.
// NOTE(review): presumably the default for the maxTimeout arguments of
// NewJWTManager and NewJWTTokenParser, which bound how far in the future a
// token's expiration may lie — confirm against callers.
const DefaultMaxTimeout = 15 * time.Second

Variables

// ErrUnauthorized is a sentinel error whose message is "not authorized".
// Match it with errors.Is rather than by comparing message text.
// NOTE(review): which verification failures are reported as ErrUnauthorized is
// not visible on this page — confirm before relying on it for access decisions.
var ErrUnauthorized = errors.New("not authorized")

Functions

func HashBody

func HashBody(body []byte) string

HashBody returns the SHA-256 hash of the body.

Types

type ExpiredTokenError

// ExpiredTokenError is the error type for an expired token (per its name).
// It has Error and Unwrap methods, so it can take part in errors.Is / errors.As chains.
// NOTE(review): the field meanings below are inferred from their names — confirm.
type ExpiredTokenError struct {
	// ExpiredBy is presumably how long ago the token expired.
	ExpiredBy time.Duration
	// InnerErr is presumably the underlying error returned by Unwrap.
	InnerErr  error
}

func (*ExpiredTokenError) Error

func (e *ExpiredTokenError) Error() string

func (*ExpiredTokenError) Unwrap

func (e *ExpiredTokenError) Unwrap() error

type HTTPRequestSigner

type HTTPRequestSigner interface {
	// SignHTTPRequest signs req and reports any failure as an error.
	// NOTE(review): timeout is presumably the validity window of the generated
	// token. ParseJWT is documented to accept expirations only within
	// [now, now+MaxTimeout], so a timeout larger than the verifier's MaxTimeout
	// would presumably be rejected on the receiving side — confirm.
	SignHTTPRequest(req *http.Request, timeout time.Duration) error
}

HTTPRequestSigner is responsible for signing HTTP requests using JWTs.

func NewHTTPRequestSigner

func NewHTTPRequestSigner(generator JWTTokenGenerator) HTTPRequestSigner

NewHTTPRequestSigner creates a new HTTPRequestSigner with the given JWTTokenGenerator.

type HTTPRequestVerifier

type HTTPRequestVerifier interface {
	// VerifyHTTPRequest verifies req and returns a non-nil error when verification fails.
	// NOTE(review): verification presumably reads req.Body, since ParseJWT takes
	// the body bytes to check the hashed_body claim. Confirm that bodies larger
	// than maxBodySizeBytes are rejected rather than truncated, and that req.Body
	// is still readable by handlers that run after verification.
	VerifyHTTPRequest(req *http.Request) error
}

HTTPRequestVerifier is responsible for verifying HTTP requests using JWTs.

func NewHTTPRequestVerifier

func NewHTTPRequestVerifier(parser JWTTokenParser, maxBodySizeBytes int64) HTTPRequestVerifier

NewHTTPRequestVerifier creates a new HTTPRequestVerifier with the given JWTTokenParser and maxBodySizeBytes limit.

type JWTHTTPSignerVerifier

type JWTHTTPSignerVerifier struct {
	// contains filtered or unexported fields
}

JWTHTTPSignerVerifier implements both signing and verifying of HTTP requests.

func (*JWTHTTPSignerVerifier) MaxBodySizeBytes

func (s *JWTHTTPSignerVerifier) MaxBodySizeBytes() int64

func (*JWTHTTPSignerVerifier) SignHTTPRequest

func (s *JWTHTTPSignerVerifier) SignHTTPRequest(req *http.Request, timeout time.Duration) error

SignHTTPRequest signs an HTTP request with a JWT.

func (*JWTHTTPSignerVerifier) VerifyHTTPRequest

func (s *JWTHTTPSignerVerifier) VerifyHTTPRequest(req *http.Request) error

VerifyHTTPRequest verifies the JWT in an HTTP request.

type JWTManager

// JWTManager holds the key material and timeout used to generate and parse JWTs.
type JWTManager struct {
	// PrivateKey is presumably the Stellar private key passed to NewJWTManager
	// and used for signing — confirm.
	// NOTE(review): this is an exported plain string, so formatting the struct
	// (for example with %+v) or serializing it would expose the key. Confirm
	// that JWTManager values are never logged or marshaled.
	PrivateKey string
	// PublicKey is presumably the Stellar public key passed to NewJWTManager
	// and used to verify signatures — confirm.
	PublicKey  string
	// MaxTimeout bounds the accepted token expiration: ParseJWT is documented
	// to require an expiration within [now, now+MaxTimeout].
	MaxTimeout time.Duration
}

func NewJWTManager

func NewJWTManager(stellarPrivateKey string, stellarPublicKey string, maxTimeout time.Duration) (*JWTManager, error)

NewJWTManager creates a new JWT token manager that can generate and parse JWT tokens.

func (*JWTManager) GenerateJWT

func (m *JWTManager) GenerateJWT(methodAndPath string, body []byte, expiresAt time.Time) (string, error)

GenerateJWT generates a JWT token with the given body and expiration time.

func (*JWTManager) ParseJWT

func (m *JWTManager) ParseJWT(tokenString, methodAndPath string, body []byte) (*jwtgo.Token, *customClaims, error)

ParseJWT parses a JWT token and returns it with the claims. It also checks that the token's expiration falls within [now, now+MaxTimeout], and that the claims' hashed_body matches the hash of the request body passed in as body.

type JWTTokenGenerator

type JWTTokenGenerator interface {
	// GenerateJWT generates a JWT token with the given body and expiration time.
	GenerateJWT(methodAndPath string, body []byte, expiresAt time.Time) (string, error)
}

func NewJWTTokenGenerator

func NewJWTTokenGenerator(stellarPrivateKey string) (JWTTokenGenerator, error)

type JWTTokenParser

// JWTTokenParser parses and validates a JWT for a given method-and-path and request body.
// NOTE(review): customClaims is unexported, so code outside this package cannot
// spell the ParseJWT signature and therefore cannot implement this interface or
// declare a variable of the claims type. Confirm that this is intended.
type JWTTokenParser interface {
	// ParseJWT parses a JWT token and returns it with the claims.
	// NOTE(review): the documentation for JWTManager.ParseJWT describes expiration
	// and body-hash checks only. Whether methodAndPath is also checked against
	// the token is not stated on this page — confirm.
	ParseJWT(tokenString, methodAndPath string, body []byte) (*jwtgo.Token, *customClaims, error)
}

func NewJWTTokenParser

func NewJWTTokenParser(maxTimeout time.Duration, stellarPublicKey string) (JWTTokenParser, error)

NewJWTTokenParser creates a new JWT token parser that can parse a JWT token as long as it has been signed by the provided Stellar public key.

func NewMultiJWTTokenParser

func NewMultiJWTTokenParser(maxTimeout time.Duration, stellarPublicKeys ...string) (JWTTokenParser, error)

NewMultiJWTTokenParser creates a new JWT token parser that can parse a JWT token as long as it has been signed by at least one of the provided Stellar public keys.

type MultiJWTTokenParser

type MultiJWTTokenParser struct {
	// contains filtered or unexported fields
}

func (MultiJWTTokenParser) ParseJWT

func (m MultiJWTTokenParser) ParseJWT(tokenString, methodAndPath string, body []byte) (*jwtgo.Token, *customClaims, error)
