Documentation
¶
Index ¶
- Constants
- Variables
- func AppendQueryParam(originalURL string, key string, value string) string
- func BuildVerificationURL(baseURL string, basePath string, token string, callbackURL *string) string
- func CompareStringArrays(arr1 []string, arr2 []string) bool
- func ConstantTimeCompareHex(a, b string) bool
- func CreateEmailChangeVerificationBody(user models.User, newEmail string, verificationURL string) string
- func CreateMockRequest(method string, path string, query map[string]string, body io.Reader, ...) *http.Request
- func CreateResetPasswordEmailBody(user models.User, resetURL string) string
- func CreateVerificationEmailBody(user models.User, verificationURL string) string
- func DecryptToken(encryptedToken string, secret string) (string, error)
- func EncryptToken(token string, secret string) (string, error)
- func ExtractProviderName(path string) string
- func GeneratePKCE() (verifier string, challenge string, err error)
- func GenerateRandomBytes(n int) ([]byte, error)
- func GenerateRandomTokenBase64URL(n int) (string, error)
- func GenerateRandomTokenHex(n int) (string, error)
- func GenerateToken() (string, error)
- func GetCookieOptions(cfg *models.Config) (isSecure bool, sameSite http.SameSite)
- func HMACSHA256(key, data []byte) string
- func HashSHA256(data []byte) string
- func HashSHA512(data []byte) string
- func HashTokenWithSecret(token string, secret string) string
- func InitValidator()
- func IsTrustedRedirect(target string, trusted []string) bool
- func JSONResponse(w http.ResponseWriter, statusCode int, data any)
- func NewMockPlugin() *mockPlugin
- func PreserveNonSerializableFieldsOnConfig(target, source *models.Config)
- func RequiresRestart(current, updated *models.Config) bool
- type MockLogger
Constants ¶
const DefaultTokenBytes = 32
DefaultTokenBytes is the recommended default length (in bytes) for generated tokens. 32 bytes = 256 bits of entropy which is suitable for most token use-cases.
Variables ¶
var Validate *validator.Validate
Functions ¶
func AppendQueryParam ¶ added in v1.0.4
func BuildVerificationURL ¶
func CompareStringArrays ¶ added in v1.4.0
func ConstantTimeCompareHex ¶
ConstantTimeCompareHex compares two hex-encoded strings in constant time and returns true if they are equal. If either string is not valid hex, the function will fall back to a constant-time comparison of the raw strings.
func CreateEmailChangeVerificationBody ¶ added in v1.4.0
func CreateEmailChangeVerificationBody(user models.User, newEmail string, verificationURL string) string
CreateEmailChangeVerificationBody creates the HTML body for an email change verification email
func CreateMockRequest ¶ added in v1.4.0
func CreateMockRequest(method string, path string, query map[string]string, body io.Reader, headers map[string]string) *http.Request
createMockRequest creates a basic mock HTTP request for testing
func CreateResetPasswordEmailBody ¶ added in v1.4.0
CreateResetPasswordEmailBody creates the HTML body for a password reset email
func CreateVerificationEmailBody ¶ added in v1.4.0
CreateVerificationEmailBody creates the HTML body for an email verification email
func DecryptToken ¶
DecryptToken decrypts an AES-256-GCM encrypted token. Expects token in base64-encoded format.
func EncryptToken ¶
EncryptToken encrypts the token using AES-256-GCM with the provided secret. Returns the base64-encoded encrypted token.
func ExtractProviderName ¶ added in v1.0.4
func GeneratePKCE ¶ added in v1.3.0
GeneratePKCE generates a code verifier and code challenge for PKCE.
func GenerateRandomBytes ¶
GenerateRandomBytes returns n cryptographically secure random bytes. Returns an error if n <= 0 or if the random source fails.
func GenerateRandomTokenBase64URL ¶
GenerateRandomTokenBase64URL returns a URL-safe base64 (raw, no padding) encoded token produced from n random bytes. Use DefaultTokenBytes for a sensible default.
func GenerateRandomTokenHex ¶
GenerateRandomTokenHex returns a hex-encoded token produced from n random bytes. The result length will be 2*n characters.
func GenerateToken ¶
GenerateToken returns a default-sized (DefaultTokenBytes) URL-safe base64 token.
func GetCookieOptions ¶ added in v1.0.4
func HMACSHA256 ¶
HMACSHA256 returns the lowercase hex-encoded HMAC-SHA256 over data using key.
func HashSHA256 ¶
HashSHA256 returns the lowercase hex-encoded SHA-256 digest of data.
func HashSHA512 ¶
HashSHA512 returns the lowercase hex-encoded SHA-512 digest of data.
func HashTokenWithSecret ¶
HashTokenWithSecret creates an HMAC-SHA256 hash of the token using the secret. This is more secure than simple SHA256 hashing for token storage.
func InitValidator ¶
func InitValidator()
func IsTrustedRedirect ¶ added in v1.0.4
func JSONResponse ¶
func JSONResponse(w http.ResponseWriter, statusCode int, data any)
JSONResponse writes a JSON response with the given status code and data.
func NewMockPlugin ¶ added in v1.4.0
func NewMockPlugin() *mockPlugin
func PreserveNonSerializableFieldsOnConfig ¶ added in v1.4.0
PreserveNonSerializableFieldsOnConfig safely preserves all non-serializable fields from the source config into the target config.
func RequiresRestart ¶ added in v1.4.0
RequiresRestart checks if the configuration changes require a server restart. Returns true if critical fields have changed that affect routes or plugins.
Types ¶
type MockLogger ¶ added in v1.4.0
type MockLogger struct {
}
func NewMockLogger ¶ added in v1.4.0
func NewMockLogger() *MockLogger
func (*MockLogger) Debug ¶ added in v1.4.0
func (m *MockLogger) Debug(msg string, args ...any)
func (*MockLogger) Error ¶ added in v1.4.0
func (m *MockLogger) Error(msg string, args ...any)
func (*MockLogger) Info ¶ added in v1.4.0
func (m *MockLogger) Info(msg string, args ...any)
func (*MockLogger) Warn ¶ added in v1.4.0
func (m *MockLogger) Warn(msg string, args ...any)
Source Files