Mirrors/kararas_iris
1
0
Fork 0
mirror of https://github.com/kataras/iris.git synced 2025-12-18 02:17:05 +00:00
Code Releases Activity

add a jwt tutorial + go client

Browse Source
This commit is contained in:
Gerasimos (Makis) Maropoulos
2020-11-04 21:12:13 +02:00
parent ed38047385
commit 579c3878f0
22 changed files with 818 additions and 163 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
middleware/jwt/signer.go
View File

@@ -19,7 +19,8 @@ type Signer struct {
// MaxAge to set "exp" and "iat".
// Recommended value for access tokens: 15 minutes.
// Defaults to 0, no limit.
MaxAge time.Duration
MaxAge time.Duration
Options []SignOption
Encrypt func([]byte) ([]byte, error)
}
@@ -33,11 +34,24 @@ type Signer struct {
// signer := NewSigner(HS256, secret, 15*time.Minute)
// token, err := signer.Sign(userClaims{Username: "kataras"})
func NewSigner(signatureAlg Alg, signatureKey interface{}, maxAge time.Duration) *Signer {
return &Signer{
if signatureAlg == HS256 {
// A tiny helper if the end-developer uses string instead of []byte for hmac keys.
if k, ok := signatureKey.(string); ok {
signatureKey = []byte(k)
}
}
s := &Signer{
Alg: signatureAlg,
Key: signatureKey,
MaxAge: maxAge,
}
if maxAge > 0 {
s.Options = []SignOption{MaxAge(maxAge)}
}
return s
}
// WithEncryption enables AES-GCM payload-only decryption.
@@ -53,7 +67,13 @@ func (s *Signer) WithEncryption(key, additionalData []byte) *Signer {
// Sign generates a new token based on the given "claims" which is valid up to "s.MaxAge".
func (s *Signer) Sign(claims interface{}, opts ...SignOption) ([]byte, error) {
return SignEncrypted(s.Alg, s.Key, s.Encrypt, claims, append([]SignOption{MaxAge(s.MaxAge)}, opts...)...)
if len(opts) > 0 {
opts = append(opts, s.Options...)
} else {
opts = s.Options
}
return SignEncrypted(s.Alg, s.Key, s.Encrypt, claims, opts...)
}
// NewTokenPair accepts the access and refresh claims plus the life time duration for the refresh token

7
middleware/jwt/verifier.go
View File

@@ -80,6 +80,13 @@ type Verifier struct {
// Get the context user:
// username, err := ctx.User().GetUsername()
func NewVerifier(signatureAlg Alg, signatureKey interface{}, validators ...TokenValidator) *Verifier {
if signatureAlg == HS256 {
// A tiny helper if the end-developer uses string instead of []byte for hmac keys.
if k, ok := signatureKey.(string); ok {
signatureKey = []byte(k)
}
}
return &Verifier{
Alg: signatureAlg,
Key: signatureKey,