Categorygithub.com/lidstromberg/session
modulepackage
0.3.0
Repository: https://github.com/lidstromberg/session.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
13
Dependents
0
Files
510 SLOC

# README

Session - Go JWT wrapper

A Go JWT wrapper which bundles common operations for JWT tokens. Makes pervasive use of the jwt Go implementation of JSON Web Tokens (JWT).

What?

This provides functionality to create custom map claims, new JWTs, validity checks, refresh JWTs and check JWT content. It was built and intended for use with auth but can be used as a standalone.

Why?

This was part of a learning exercise to create auth which is a very rough Go equivalent of dotnet core Identity services.

How?

See the tests for usage examples.

Examples

See [examples] for a http/appengine implementations which uses session and auth. This is written for appengine standard 2nd gen, but also works as a standalone.

Dependencies and services

This utilises the following fine pieces of work:

Also uses:

  • lidstromberg packages log, keypair and config. Please note that log and config do not require environment variables to be set, but keypair requires encryption keys to be set. Refer to the keypair package for further details. The easiest way to ensure all of these things are configured, is to refer to the auth package itself.

Installation

Install using go get.

$ go get -u github.com/lidstromberg/session

Environment Variables

You will also need to export (linux/macOS) or create (Windows) some environment variables.

################################
# SESSION
################################
export JWT_DEBUGON="false"
export JWT_ISSUER="{{DOMAINNAME}}"
export JWT_EXTMIN="15"
export JWT_APPROLEDELIM=":"

################################
# GCP CREDENTIALS
################################
export GOOGLE_APPLICATION_CREDENTIALS="/PATH/TO/GCPCREDENTIALS.JSON"

(See Google Application Credentials)

Private/Public Certs for JWT

If you want to run the authcore tests or the example implementations, then you will also require RSA certs for the jwt tokens. See keypair for details on how these are used.

Google Cloud Platform Requirements

If you intend to use GCP datastore as your backend, then you will require:

  • A GCP project
  • A GCP storage bucket (private) to store the jwt private/public keys (in the root of the bucket). See keypair for further details.
  • Your GOOGLE_APPLICATION_CREDENTIALS json credentials key should be created with the following IAM scopes: 'Storage Object Viewer' and 'Storage Object Creator', or 'Storage Object Admin'.

Main Files

FilePurpose
sessmgr.goLogic manager
sessmgr_test.goTests

Ancillary Files

FilePurpose
config.goBoot package parameters, environment var collection
entity.goPackage structs
errors.goPackage error definitions
envPackage environment variables for local/dev installation
gogetsStatements for go-getting required packages

# Functions

DrainFn drains a channel until it is closed.
NewMgr creates a new credential manager.
PollFn processes either the error or the new session token.

# Constants

ConstJwtAccID account id.
ConstJwtEml email.
ConstJwtID id (session) element.
ConstJwtRole roletoken id.

# Variables

EnvDebugOn controls verbose logging.
ErrClaimElementNotExist error message.
ErrJwtCouldNotParseToken error message.
ErrJwtInvalidSession error message.
ErrKeyPairNotExist occurs if the key pair cannot be read.
ErrLoginSessionNotCreated failed to create session error.

# Structs

LoginCandidate is a record of a login attempt.
SessMgr handles jwts.

# Interfaces

SessProvider defines the public operations of a session manager.