3 `package auth/jwt` provides a set of interfaces for service authorization
4 through [JSON Web Tokens](https://jwt.io/).
8 NewParser takes a key function and an expected signing method and returns an
9 `endpoint.Middleware`. The middleware will parse a token passed into the
10 context via the `jwt.JWTTokenContextKey`. If the token is valid, any claims
11 will be added to the context via the `jwt.JWTClaimsContextKey`.
15 stdjwt "github.com/dgrijalva/jwt-go"
17 "github.com/go-kit/kit/auth/jwt"
18 "github.com/go-kit/kit/endpoint"
22 var exampleEndpoint endpoint.Endpoint
24 kf := func(token *stdjwt.Token) (interface{}, error) { return []byte("SigningString"), nil }
25 exampleEndpoint = MakeExampleEndpoint(service)
26 exampleEndpoint = jwt.NewParser(kf, stdjwt.SigningMethodHS256, jwt.StandardClaimsFactory)(exampleEndpoint)
31 NewSigner takes a JWT key ID header, the signing key, signing method, and a
32 claims object. It returns an `endpoint.Middleware`. The middleware will build
33 the token string and add it to the context via the `jwt.JWTTokenContextKey`.
37 stdjwt "github.com/dgrijalva/jwt-go"
39 "github.com/go-kit/kit/auth/jwt"
40 "github.com/go-kit/kit/endpoint"
44 var exampleEndpoint endpoint.Endpoint
46 exampleEndpoint = grpctransport.NewClient(...).Endpoint()
47 exampleEndpoint = jwt.NewSigner(
49 []byte("SigningString"),
50 stdjwt.SigningMethodHS256,
57 In order for the parser and the signer to work, the authorization headers need
58 to be passed between the request and the context. `ToHTTPContext()`,
59 `FromHTTPContext()`, `ToGRPCContext()`, and `FromGRPCContext()` are given as
60 helpers to do this. These functions implement the correlating transport's
61 RequestFunc interface and can be passed as ClientBefore or ServerBefore
64 Example of use in a client:
68 stdjwt "github.com/dgrijalva/jwt-go"
70 grpctransport "github.com/go-kit/kit/transport/grpc"
71 "github.com/go-kit/kit/auth/jwt"
72 "github.com/go-kit/kit/endpoint"
77 options := []httptransport.ClientOption{}
78 var exampleEndpoint endpoint.Endpoint
80 exampleEndpoint = grpctransport.NewClient(..., grpctransport.ClientBefore(jwt.FromGRPCContext())).Endpoint()
81 exampleEndpoint = jwt.NewSigner(
83 []byte("SigningString"),
84 stdjwt.SigningMethodHS256,
91 Example of use in a server:
97 "github.com/go-kit/kit/auth/jwt"
98 "github.com/go-kit/kit/log"
99 grpctransport "github.com/go-kit/kit/transport/grpc"
102 func MakeGRPCServer(ctx context.Context, endpoints Endpoints, logger log.Logger) pb.ExampleServer {
103 options := []grpctransport.ServerOption{grpctransport.ServerErrorLogger(logger)}
106 createUser: grpctransport.NewServer(
108 endpoints.CreateUserEndpoint,
109 DecodeGRPCCreateUserRequest,
110 EncodeGRPCCreateUserResponse,
111 append(options, grpctransport.ServerBefore(jwt.ToGRPCContext()))...,
113 getUser: grpctransport.NewServer(
115 endpoints.GetUserEndpoint,
116 DecodeGRPCGetUserRequest,
117 EncodeGRPCGetUserResponse,