MCPcopy Index your code
hub / github.com/authorizerdev/authorizer / CreateAccessToken

Method CreateAccessToken

internal/token/auth_token.go:226–259  ·  view source on GitHub ↗

CreateAccessToken util to create JWT token, based on user information, roles config and CUSTOM_ACCESS_TOKEN_SCRIPT

(cfg *AuthTokenConfig)

Source from the content-addressed store, hash-verified

224// CreateAccessToken util to create JWT token, based on
225// user information, roles config and CUSTOM_ACCESS_TOKEN_SCRIPT
226func (p *provider) CreateAccessToken(cfg *AuthTokenConfig) (string, int64, error) {
227 expiryBound, err := utils.ParseDurationInSeconds(cfg.ExpireTime)
228 if err != nil {
229 expiryBound = time.Minute * 30
230 }
231 expiresAt := time.Now().Add(expiryBound).Unix()
232 customClaims := jwt.MapClaims{
233 "iss": cfg.HostName,
234 "aud": p.config.ClientID,
235 "nonce": cfg.Nonce,
236 "sub": cfg.User.ID,
237 "exp": expiresAt,
238 "iat": time.Now().Unix(),
239 "token_type": constants.TokenTypeAccessToken,
240 "scope": cfg.Scope,
241 "roles": cfg.Roles,
242 "login_method": cfg.LoginMethod,
243 "allowed_roles": strings.Split(cfg.User.Roles, ","),
244 }
245 // check for the extra access token script
246 if p.config.CustomAccessTokenScript != "" {
247 resUser := cfg.User.AsAPIUser()
248 userBytes, _ := json.Marshal(&resUser)
249 var userMap map[string]interface{}
250 _ = json.Unmarshal(userBytes, &userMap)
251 p.runCustomAccessTokenScript(userBytes, customClaims)
252 }
253 token, err := p.SignJWTToken(customClaims)
254 if err != nil {
255 return "", 0, err
256 }
257
258 return token, expiresAt, nil
259}
260
261// GetAccessToken returns the access token from the request (either from header or cookie)
262func (p *provider) GetAccessToken(gc *gin.Context) (string, error) {

Callers 1

CreateAuthTokenMethod · 0.95

Calls 4

SignJWTTokenMethod · 0.95
ParseDurationInSecondsFunction · 0.92
AsAPIUserMethod · 0.80

Tested by

no test coverage detected