Skip to content

synadia-io/jwt-auth-builder.go

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

126 Commits
.github/workflows
.github/workflows
 
 
providers
providers
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
account_jstieredlimits.go
account_jstieredlimits.go
 
 
account_limits.go
account_limits.go
 
 
account_signingkeys.go
account_signingkeys.go
 
 
accounts.go
accounts.go
 
 
auth.go
auth.go
 
 
exports.go
exports.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
imports.go
imports.go
 
 
key.go
key.go
 
 
memresolver.go
memresolver.go
 
 
operator.go
operator.go
 
 
operator_signingkeys.go
operator_signingkeys.go
 
 
revocations.go
revocations.go
 
 
scope.go
scope.go
 
 
service_exports.go
service_exports.go
 
 
service_imports.go
service_imports.go
 
 
stream_exports.go
stream_exports.go
 
 
stream_imports.go
stream_imports.go
 
 
taskfile.dist.yaml
taskfile.dist.yaml
 
 
types.go
types.go
 
 
user.go
user.go
 
 
users.go
users.go
 
 

Repository files navigation

JWT Auth Builder (Work in Progress)

IMPORTANT NOTICE: This is a work in progress - it is NOT A SUPPORTED PRODUCT. You are free to try and experiment and provide feedback.

The jwt-auth-builder library is an opinionated wrapper on the NATS JWT library. It provides an API for building entities (JWTs) that is self-documenting. The configurations (JWTs) and secrets (nkeys) are persisted using an AuthProvider.

The AuthProvider is an interface for loading and storing configurations.

The NscAuth provider, is a provided implementation that uses a nsc data directory to load/store entities. Note that the NscAuth provider is not thread-safe, so it should only be used from a single thread and pointed to directories that the library manages.

Usage

Here's an example usage, more examples as this gets further along. For additional insight check the godoc and look at the tests.

auth, err := NewAuth(NewNscProvider(storeDirPath, keysDirPath))
// create an operator
o, _ := auth.Operators().Add("O")
// create an account for system purposes
sys, _ := o.AddAccount("SYS")
o.SetSystemAccount(sys)
sys.Users().Add("sys")
// generate the creds for the sys user, save the data to a file
// this is only valid for a day
data, _ := sys.Creds(time.Hour * 24)
// create an account for users
a, _ := o.Accounts().Add("A")
// add a user
u, _ := a.Users().Add("U")
// generate the creds for the user, save the data to a file
u.PubPermissions().Allow("q", "foo", "bar")
u.SubPermissions().Allow("_inbox.foo.>")
u.RespPermissions().SetMaxMessages(1)
// store the changes in the store dir/key dir
auth.Commit()

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

15 stars

Watchers

10 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages