Documentation
Constants
This section is empty.
Variables
var (
	// DataStoreClaims used for setting the service itself as an author of a record
	DataStoreClaims = Claims{
		UserID:   uuid.Nil.String(),
		UserName: "datastore",
	}
)
Functions
func NewMiddleware
func NewMiddleware(headerName string, publicKey interface{}) goserverhttp.Option
NewMiddleware creates a new authorization middleware that sets the claims in the context.
Types
type Claims
type Claims struct {
	ID string `json:"id"`
	IssuedAt Timestamp `json:"iat"`
	NotBefore Timestamp `json:"nbf"`
	Expires Timestamp `json:"exp"`
	Issuer string `json:"iss"`
	UserID string `json:"sub"`
	UserName string `json:"name"`
	TenantID string `json:"tenantID"`
	Email string `json:"email"`
	RealmIDs []string `json:"realmIDs"`
	GroupIDs []string `json:"groupIDs"`
	ResourceTokenIDs []string `json:"resourceTokenIDs"`
	AllowedIPs []string `json:"allowedIPs"`
	IsTenantAdmin bool `json:"isTenantAdmin"`
	AdminRealmIDs []string `json:"adminRealmIDs"`
	SourceToken string `json:"-"`
	AuthenticationMethodReferences []string `json:"amr"`
}
Claims represents the expected claims that should be in a JWT sent to labs.
The IDP defined the token as:
type RequestToken struct {
	ID string `protobuf:"bytes,1,opt,name=ID,json=id,proto3" json:"ID,omitempty"`
	IssuedAt float64 `protobuf:"fixed64,2,opt,name=IssuedAt,json=iat,proto3" json:"IssuedAt,omitempty"`
	NotBefore float64 `protobuf:"fixed64,3,opt,name=NotBefore,json=nbf,proto3" json:"NotBefore,omitempty"`
	Expires float64 `protobuf:"fixed64,4,opt,name=Expires,json=exp,proto3" json:"Expires,omitempty"`
	Issuer string `protobuf:"bytes,5,opt,name=Issuer,json=iss,proto3" json:"Issuer,omitempty"`
	UserID string `protobuf:"bytes,6,opt,name=UserID,json=sub,proto3" json:"UserID,omitempty"`
	UserName string `protobuf:"bytes,7,opt,name=UserName,json=name,proto3" json:"UserName,omitempty"`
	TenantID string `protobuf:"bytes,8,opt,name=TenantID,json=tenantID,proto3" json:"TenantID,omitempty"`
	Email string `protobuf:"bytes,9,opt,name=Email,json=email,proto3" json:"Email,omitempty"`
	RealmIDs []string `protobuf:"bytes,10,rep,name=RealmIDs,json=realmIDs,proto3" json:"RealmIDs,omitempty"`
	GroupIDs []string `protobuf:"bytes,11,rep,name=GroupIDs,json=groupIDs,proto3" json:"GroupIDs,omitempty"`
	ResourceTokenIDs []string `protobuf:"bytes,12,rep,name=ResourceTokenIDs,json=resourceTokenIDs,proto3" json:"ResourceTokenIDs,omitempty"`
	AllowedIPs []string `protobuf:"bytes,13,rep,name=AllowedIPs,json=allowedIPs,proto3" json:"AllowedIPs,omitempty"`
	IsTenantAdmin bool `protobuf:"varint,14,opt,name=IsTenantAdmin,json=isTenantAdmin,proto3" json:"IsTenantAdmin,omitempty"`
	AdminRealmIDs []string `protobuf:"bytes,15,rep,name=AdminRealmIDs,json=adminRealmIDs,proto3" json:"AdminRealmIDs,omitempty"`
	AuthenticationMethodReferences []string `protobuf:"bytes,16,rep,name=AuthenticationMethodReferences,json=amr,proto3" json:"AuthenticationMethodReferences,omitempty"`
}
func GetClaimsFromCtx
GetClaimsFromCtx retrieves the Claims object from the given context.
func (*Claims) Entities
Entities returns a slice of the entity IDs that the auth claims contain. These are IDs that permissions may be assigned to. Currently, these are the UserID, GroupIDs, and ResourceTokenIDs.
func (*Claims) FromClaimsMap
FromClaimsMap loads the claim information from a jwt.Claims object; this is a simple map[string]interface{}.
type Timestamp
type Timestamp struct {
	// contains filtered or unexported fields
}
Timestamp provides a timestamp value that can handle JSON strings and numeric values.
func (Timestamp) MarshalJSON
MarshalJSON implements the JSON marshal interface, returning t as a Unix time, the number of seconds elapsed since January 1, 1970 UTC.
func (*Timestamp) UnmarshalJSON
UnmarshalJSON implements json.Unmarshaler. It supports string and null input.
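The following added example is not this package's code. It sketches a timestamp type that accepts the `nbf` and `exp` claims as either a JSON number (the IDP's float64) or a quoted number, and a validity-window check that fails closed on a missing or malformed `exp`. The names `flexTimestamp` and `validAt` are hypothetical, and the claim payloads are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strconv"
	"strings"
	"time"
)

// flexTimestamp is a hypothetical stand-in for Timestamp, whose fields are
// unexported; it is not the package's implementation.
type flexTimestamp struct{ time.Time }

// UnmarshalJSON accepts a JSON number, a quoted number, or null. Anything
// else is an error, so a malformed exp fails closed instead of decoding to zero.
func (t *flexTimestamp) UnmarshalJSON(b []byte) error {
	if string(b) == "null" {
		return nil
	}
	s := strings.Trim(string(b), `"`)
	f, err := strconv.ParseFloat(s, 64)
	// The range test also rejects NaN, Inf and negative values.
	if err != nil || !(f >= 0 && f < 1e12) {
		return fmt.Errorf("invalid timestamp %q", s)
	}
	t.Time = time.Unix(int64(f), 0).UTC() // fractional seconds are dropped
	return nil
}

// validAt decodes the nbf and exp claims and reports whether now is in [nbf, exp).
func validAt(claimsJSON string, now time.Time) (bool, error) {
	var w struct {
		NotBefore flexTimestamp `json:"nbf"`
		Expires   flexTimestamp `json:"exp"`
	}
	if err := json.Unmarshal([]byte(claimsJSON), &w); err != nil {
		return false, err
	}
	if w.Expires.IsZero() { // a missing or null exp never validates
		return false, nil
	}
	return !now.Before(w.NotBefore.Time) && now.Before(w.Expires.Time), nil
}

func main() { // constructed sample: nbf as a float, exp as a string
	fmt.Println(validAt(`{"nbf":1.7e9,"exp":"1700003600"}`, time.Unix(1700000100, 0)))
}
```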