Middleware wraps the request with auth middleware.

ParseAPIKey parse api key from gin context looks for x-api-key in header, query params, cookie.

ParseToken parse jwt token from gin context looks for token in header, query params, cookie.

APIKeyHeader The API key header name.

APIKeyLookup is a string in the form of "<source>:<name>" that is used to extract token from the request.

ErrEmptyAPIKeyHeader can be thrown if authing with a HTTP header, the Auth header needs to be set.

ErrEmptyAuthHeader can be thrown if authing with a HTTP header, the Auth header needs to be set.

ErrEmptyCookieToken can be thrown if authing with a cookie, the token cokie is empty.

ErrEmptyParamToken can be thrown if authing with parameter in path, the parameter in path is empty.

ErrEmptyQueryToken can be thrown if authing with URL Query, the query token variable is empty.

ErrExpiredToken indicates JWT token has expired.

ErrForbidden when HTTP status 403 is given.

ErrInvalidAuthHeader indicates auth header is invalid, could for example have the wrong Realm name.

ErrInvalidSigningAlgorithm indicates signing algorithm is invalid, needs to be HS256, HS384, HS512, RS256, RS384 or RS512.

ErrMissingExpField missing exp field in token.

ErrNoClaims when HTTP status 403 is given.

TokenHeadName is a string in the header.

TokenLookup is a string in the form of "<source>:<name>" that is used to extract token from the request.