MCPcopy
hub / github.com/dgraph-io/dgraph / getAccessJwt

Function getAccessJwt

edgraph/access.go:243–257  ·  view source on GitHub ↗

getAccessJwt constructs an access jwt with the given user id, groupIds, namespace and expiration TTL specified by worker.Config.AccessJwtTtl

(userId string, groups []acl.Group, namespace uint64)

Source from the content-addressed store, hash-verified

241// getAccessJwt constructs an access jwt with the given user id, groupIds, namespace
242// and expiration TTL specified by worker.Config.AccessJwtTtl
243func getAccessJwt(userId string, groups []acl.Group, namespace uint64) (string, error) {
244 token := jwt.NewWithClaims(worker.Config.AclJwtAlg, jwt.MapClaims{
245 "userid": userId,
246 "groups": acl.GetGroupIDs(groups),
247 "namespace": namespace,
248 // set the jwt exp according to the ttl
249 "exp": time.Now().Add(worker.Config.AccessJwtTtl).Unix(),
250 })
251
252 jwtString, err := token.SignedString(x.MaybeKeyToBytes(worker.Config.AclSecretKey))
253 if err != nil {
254 return "", errors.Errorf("unable to encode jwt to string: %v", err)
255 }
256 return jwtString, nil
257}
258
259// getRefreshJwt constructs a refresh jwt with the given user id, namespace and expiration ttl
260// specified by worker.Config.RefreshJwtTtl

Callers 2

LoginMethod · 0.70
TestGetAccessJwtFunction · 0.70

Calls 4

GetGroupIDsFunction · 0.92
MaybeKeyToBytesFunction · 0.92
AddMethod · 0.45
ErrorfMethod · 0.45

Tested by 1

TestGetAccessJwtFunction · 0.56