iris/_examples/miscellaneous/jwt/main.go
Gerasimos (Makis) Maropoulos d556cfc39a New builtin JWT middleware - this one supports encryption and ed25519
Former-commit-id: ca20d256b766e3e8717e91de7a3f3b5f213af0bc
2020-05-27 12:02:17 +03:00

118 lines
2.5 KiB
Go

package main
import (
"time"
"github.com/kataras/iris/v12"
"github.com/kataras/iris/v12/middleware/jwt"
)
// UserClaims a custom claims structure. You can just use jwt.Claims too.
type UserClaims struct {
jwt.Claims
Username string
}
func main() {
// hmac
key := []byte("secret")
j, err := jwt.New(1*time.Minute, jwt.HS256, key)
if err != nil {
panic(err)
}
// OPTIONAL encryption:
encryptionKey := []byte("itsa16bytesecret")
err = j.WithEncryption(jwt.A128GCM, jwt.DIRECT, encryptionKey)
if err != nil {
panic(err)
}
app := iris.New()
app.Logger().SetLevel("debug")
app.Get("/authenticate", func(ctx iris.Context) {
standardClaims := jwt.Claims{Issuer: "an-issuer", Audience: jwt.Audience{"an-audience"}}
// NOTE: if custom claims then the `j.Expiry(claims)` (or jwt.Expiry(duration, claims))
// MUST be called in order to set the expiration time.
customClaims := UserClaims{
Claims: j.Expiry(standardClaims),
Username: "kataras",
}
j.WriteToken(ctx, customClaims)
})
userRouter := app.Party("/user")
{
// userRouter.Use(j.Verify)
// userRouter.Get("/", func(ctx iris.Context) {
// var claims UserClaims
// if err := jwt.ReadClaims(ctx, &claims); err != nil {
// // Validation-only errors, the rest are already
// // checked on `j.Verify` middleware.
// ctx.StopWithStatus(iris.StatusUnauthorized)
// return
// }
//
// ctx.Writef("Claims: %#+v\n", claims)
// })
//
// OR:
userRouter.Get("/", func(ctx iris.Context) {
var claims UserClaims
if err := j.VerifyToken(ctx, &claims); err != nil {
ctx.StopWithStatus(iris.StatusUnauthorized)
return
}
ctx.Writef("Claims: %#+v\n", claims)
})
}
app.Listen(":8080")
}
/*
func load_From_File_Example() {
b, err := ioutil.ReadFile("./private_rsa.pem")
if err != nil {
panic(err)
}
signKey := jwt.MustParseRSAPrivateKey(b, []byte("pass"))
j, err := jwt.New(15*time.Minute, jwt.RS256, signKey)
if err != nil {
panic(err)
}
}
*/
/*
func random_RSA_Sign_And_Encrypt_Example() {
j := jwt.Random(1 * time.Minute)
}
*/
/*
func random_manually_generate_RSA_Example() {
signey, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
panic(err)
}
encryptionKey, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
panic(err)
}
j, err := jwt.New(1*time.Minute, jwt.RS256, signey)
if err != nil {
panic(err)
}
err = j.WithEncryption(jwt.A128CBCHS256, jwt.RSA15, encryptionKey)
if err != nil {
panic(err)
}
}
*/