Categorygithub.com/aaronland/go-http-crumb
modulepackage
1.1.1
Repository: https://github.com/aaronland/go-http-crumb.git
Documentation: pkg.go.dev
Overview
Versions
2
Dependencies
23
Dependents
7
Files
698 SLOC

# README

go-http-crumb

Go package for creating and validating (HTTP) crumbs.

Documentation

Go Reference

Example

The following are abbreviated code examples. Error handling has been omitted for the sake of brevity.

Simple (Encypted crumbs)

import (
       "context"
       "github.com/aaronland/go-http-crumb"
)

func main() {
	cr_uri := "encrypted://?extra=f3gKgLVX&key=&secret=oK5OFCjBsvAOrfJPnzAJqnkphkuDmyf9&separator=%3A&ttl=3600"
	cr, _ := crumb.NewCrumb(ctx, uri)
}

HTTP (Simple)

Use the crumb.EnsureCrumbHandler middleware handler to automatically generate a new crumb string for all requests and append it to any HTML output as a html/body@data-crumb attribute value.

For POST and PUT requests the (middleware) handler intercept the current handler and look for a crumb form value and validate it before continuing.

import (
       "context"
       "github.com/aaronland/go-http-crumb"
       "net/http"
)

func MyHandler() http.Handler {

	fn := func(rsp http.ResponseWriter, req *http.Request) {
		rsp.Write([]byte("Hello world"))
	}

	return http.HandlerFunc(fn)
}

func main() {

	ctx := context.Background()
	
	uri, _ := crumb.NewRandomEncryptedCrumbURI(ctx, 3600)
	cr, _ := crumb.NewCrumb(ctx, uri)

	mux := http.NewServeMux()
	
	my_handler, _ := MyHandler()
	my_handler = crumb.EnsureCrumbHandler(cr, my_handler)

	mux.Handle("/", my_handler)
}

HTTP (Doing it yourself)

import (
       "context"
       "github.com/aaronland/go-http-crumb"
       "net/http"
)

func CrumbHandler() (http.Handler, error) {

	ctx := context.Background()
	
	uri, _ := crumb.NewRandomEncryptedCrumbURI(ctx, 3600)
	cr, _ := crumb.NewCrumb(ctx, uri)

	fn := func(rsp http.ResponseWriter, req *http.Request) {

		if req.URL.Method == "GET" {
			cr_hash, _ := cr.Generate(req)
			// pass cr_hash to template
		} else {

			// read cr_hash from POST form here
			ok, _ := cr.Validate(req, cr_hash)	
		}
	}

	h := http.HandlerFunc(fn)
	return h, nil
}

Schemes

encrypted:///?secret={SECRET}&extra={EXTRA}&ttl={TTL}&separator={SEPARATOR}

For example:

encrypted:///?secret={SECRET}&extra={EXTRA}&ttl={TTL}&separator={SEPARATOR}
ParameterDescriptionRequired
secretA valid AES secret for encrypting the crumbyes
extraA string to include when generating crumb baseyes
separatorA string to separate crumb parts withyes
ttlTime to live (in seconds)yes
keyA string to prepend crumb base with. Default is to use the path of the current HTTP requestno

# Packages

No description provided by the author

# Functions

EnsureCrumbHandler wraps 'next_handler' with a middleware `http.Handler` for assigning and validating crumbs using the default `fomuseum/go-http-fault/v2.FaultHandler` as an error handler.
EnsureCrumbHandlerWithErrorHandler wraps 'next_handler' with a middleware a middleware `http.Handler` for assigning and validating crumbs using a custom error handler.
EnsureCrumbHandlerWithFaultWrapper wraps 'next_handler' with a middleware `http.Handler` for assigning and validating crumbs.
New returns a new `CrumbError` instance.
Returns a new `Crumb` instance for 'uri'.
NewCrumbRewriteFunc returns a `aaronland/go-http-rewrite.RewriteHTMLFunc` used to append crumb data to HTML output.
NewDebugCrumb returns a `EncryptedCrumb` instance with a randomly generated secret and salt valid for 5 minutes configured by 'uri' which should take the form of: debug://?{QUERY_PARAMETERS} Where '{QUERY_PARAMETERS}' may be: * `ttl={SECONDS}`.
NewEncryptedCrumb returns a new `Crumb` instance for 'uri'.
NewRandomEncryptedCrumbExtra returns a random extra value suitable for `encrypted://` crumb URIs.
NewRandomEncryptedCrumbSecret returns a random salt value suitable for `encrypted://` crumb URIs.
NewRandomEncryptedCrumbURI return a valid `aaronland/go-http-crumb` URI for an encrypted crumb whose key is 'key' and whose time to live is 'ttl'.
RegisterCrumb registers 'scheme' with 'f' for URIs passed to the `NewCrumb` method.
Schemes returns the list of schemes that have registered for use with the `NewCrumb` method.
SchemesAsString returns the list of schemes that have registered for use with the `NewCrumb` method as a string.

# Constants

ExpiredCrumb defines an ErrorClass for crumbs that have expired.
GenerateCrumb defines an ErrorClass for crumbs that are not able to be generated.
InvalidCrumb defines an ErrorClass for crumbs that do not validate.
MissingCrumb defines an ErrorClass for crumbs that are missing.
UnsanitizedCrumb defines an ErrorClass for crumbs that have failed input validation.

# Structs

type CrumbError implements the `error` and `fault.FaultError` interfaces for application specific errors.
type EncryptedCrumb implements the Crumb interface for crumb strings that are encrypted.

# Interfaces

type Crumb is an interface for generating and validating HTTP crumb strings.

# Type aliases

type CrumbInitializeFunc is a function used to initialize packages that implement the `Crumb` interface.
type ErrorClass defines application specific error classes (or types).