iris/_examples/miscellaneous/jwt/main.go

package main

import (
	"time"

	"github.com/kataras/iris/v12"
	"github.com/kataras/iris/v12/middleware/jwt"
)

// UserClaims a custom claims structure. You can just use jwt.Claims too.
type UserClaims struct {
	jwt.Claims
	Username string
}

func main() {
	// hmac
	key := []byte("secret")
	j, err := jwt.New(1*time.Minute, jwt.HS256, key)
	if err != nil {
		panic(err)
	}

	// OPTIONAL encryption:
	encryptionKey := []byte("itsa16bytesecret")
	err = j.WithEncryption(jwt.A128GCM, jwt.DIRECT, encryptionKey)
	if err != nil {
		panic(err)
	}

	app := iris.New()
	app.Logger().SetLevel("debug")

	app.Get("/authenticate", func(ctx iris.Context) {
		standardClaims := jwt.Claims{Issuer: "an-issuer", Audience: jwt.Audience{"an-audience"}}
		// NOTE: if custom claims then the `j.Expiry(claims)` (or jwt.Expiry(duration, claims))
		// MUST be called in order to set the expiration time.
		customClaims := UserClaims{
			Claims:   j.Expiry(standardClaims),
			Username: "kataras",
		}

		j.WriteToken(ctx, customClaims)
	})

	userRouter := app.Party("/user")
	{
		// userRouter.Use(j.Verify)
		// userRouter.Get("/", func(ctx iris.Context) {
		// 	var claims UserClaims
		// 	if err := jwt.ReadClaims(ctx, &claims); err != nil {
		//      // Validation-only errors, the rest are already
		//      // checked on `j.Verify` middleware.
		// 		ctx.StopWithStatus(iris.StatusUnauthorized)
		// 		return
		// 	}
		//
		// 	ctx.Writef("Claims: %#+v\n", claims)
		// })
		//
		// OR:
		userRouter.Get("/", func(ctx iris.Context) {
			var claims UserClaims
			if err := j.VerifyToken(ctx, &claims); err != nil {
				ctx.StopWithStatus(iris.StatusUnauthorized)
				return
			}

			ctx.Writef("Claims: %#+v\n", claims)
		})
	}

	app.Listen(":8080")
}

/*
func load_From_File_Example() {
	b, err := ioutil.ReadFile("./private_rsa.pem")
	if err != nil {
		panic(err)
	}
	signKey := jwt.MustParseRSAPrivateKey(b, []byte("pass"))

	j, err := jwt.New(15*time.Minute, jwt.RS256, signKey)
	if err != nil {
		panic(err)
	}
}
*/

/*
func random_RSA_Sign_And_Encrypt_Example() {
	j := jwt.Random(1 * time.Minute)
}
*/

/*
func random_manually_generate_RSA_Example() {
	signey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	encryptionKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}

	j, err := jwt.New(1*time.Minute, jwt.RS256, signey)
	if err != nil {
		panic(err)
	}
	err = j.WithEncryption(jwt.A128CBCHS256, jwt.RSA15, encryptionKey)
	if err != nil {
		panic(err)
	}
}
*/
New builtin JWT middleware - this one supports encryption and ed25519 Former-commit-id: ca20d256b766e3e8717e91de7a3f3b5f213af0bc 2020-05-27 11:02:17 +02:00			`package main`

			`import (`
			`"time"`

			`"github.com/kataras/iris/v12"`
			`"github.com/kataras/iris/v12/middleware/jwt"`
			`)`

			`// UserClaims a custom claims structure. You can just use jwt.Claims too.`
			`type UserClaims struct {`
			`jwt.Claims`
			`Username string`
			`}`

			`func main() {`
			`// hmac`
			`key := []byte("secret")`
			`j, err := jwt.New(1*time.Minute, jwt.HS256, key)`
			`if err != nil {`
			`panic(err)`
			`}`

			`// OPTIONAL encryption:`
			`encryptionKey := []byte("itsa16bytesecret")`
			`err = j.WithEncryption(jwt.A128GCM, jwt.DIRECT, encryptionKey)`
			`if err != nil {`
			`panic(err)`
			`}`

			`app := iris.New()`
			`app.Logger().SetLevel("debug")`

			`app.Get("/authenticate", func(ctx iris.Context) {`
			`standardClaims := jwt.Claims{Issuer: "an-issuer", Audience: jwt.Audience{"an-audience"}}`
			// NOTE: if custom claims then the `j.Expiry(claims)` (or jwt.Expiry(duration, claims))
			`// MUST be called in order to set the expiration time.`
			`customClaims := UserClaims{`
			`Claims: j.Expiry(standardClaims),`
			`Username: "kataras",`
			`}`

			`j.WriteToken(ctx, customClaims)`
			`})`

			`userRouter := app.Party("/user")`
			`{`
			`// userRouter.Use(j.Verify)`
			`// userRouter.Get("/", func(ctx iris.Context) {`
			`// var claims UserClaims`
			`// if err := jwt.ReadClaims(ctx, &claims); err != nil {`
			`// // Validation-only errors, the rest are already`
			// // checked on `j.Verify` middleware.
			`// ctx.StopWithStatus(iris.StatusUnauthorized)`
			`// return`
			`// }`
			`//`
			`// ctx.Writef("Claims: %#+v\n", claims)`
			`// })`
			`//`
			`// OR:`
			`userRouter.Get("/", func(ctx iris.Context) {`
			`var claims UserClaims`
			`if err := j.VerifyToken(ctx, &claims); err != nil {`
			`ctx.StopWithStatus(iris.StatusUnauthorized)`
			`return`
			`}`

			`ctx.Writef("Claims: %#+v\n", claims)`
			`})`
			`}`

			`app.Listen(":8080")`
			`}`

			`/*`
			`func load_From_File_Example() {`
			`b, err := ioutil.ReadFile("./private_rsa.pem")`
			`if err != nil {`
			`panic(err)`
			`}`
			`signKey := jwt.MustParseRSAPrivateKey(b, []byte("pass"))`

			`j, err := jwt.New(15*time.Minute, jwt.RS256, signKey)`
			`if err != nil {`
			`panic(err)`
			`}`
			`}`
			`*/`

			`/*`
			`func random_RSA_Sign_And_Encrypt_Example() {`
			`j := jwt.Random(1 * time.Minute)`
			`}`
			`*/`

			`/*`
			`func random_manually_generate_RSA_Example() {`
			`signey, err := rsa.GenerateKey(rand.Reader, 2048)`
			`if err != nil {`
			`panic(err)`
			`}`
			`encryptionKey, err := rsa.GenerateKey(rand.Reader, 2048)`
			`if err != nil {`
			`panic(err)`
			`}`

			`j, err := jwt.New(1*time.Minute, jwt.RS256, signey)`
			`if err != nil {`
			`panic(err)`
			`}`
			`err = j.WithEncryption(jwt.A128CBCHS256, jwt.RSA15, encryptionKey)`
			`if err != nil {`
			`panic(err)`
			`}`
			`}`
			`*/`