csrf

package

v0.14.0 Latest Latest Go to latest Published: May 6, 2024 License: Apache-2.0 Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/oxisto/oauth2go

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func GenerateToken() string
func Mask(sessionToken string) string
func Unmask(token string) (string, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var DoubleEncodedTokenSize = 32

View Source

var EncodedTokenSize = 24

View Source

var ErrInvalidLength = errors.New("invalid length")

View Source

var TokenSize = 18

Functions ¶

func GenerateToken ¶

func GenerateToken() string

GenerateToken generates a new random token that can be used as a CSRF token. Ideally, a unique token for each session should be generated. On can use the masking technique to generate a unique token for each request, that can still be verified against a session-unique token.

func Mask ¶

func Mask(sessionToken string) string

Mask can be used to mask a session-wide token into a unique CSRF token for each request.

func Unmask ¶

func Unmask(token string) (string, error)

Unmask extracts a potential session-wide token from a masked CSRF token. It returns an error if the token is not of the correct length or if it contains illegal base64 characters.

Types ¶

This section is empty.

Source Files ¶

View all Source files

csrf.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL