branca alternatives and similar packages
Based on the "Authentication and OAuth" category.
Alternatively, view branca alternatives based on common mentions on social networks and blogs.
-
keto
The most scalable and customizable permission server on the market. Fix your slow or broken permission system with Google's proven "Zanzibar" approach. Supports ACL, RBAC, and more. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters. -
oidc
Easy to use OpenID Connect client and server library written for Go and certified by the OpenID Foundation -
go-guardian
Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication. -
sessiongate-go
A driver for the SessionGate Redis module - easy session management using the Go language. -
signedvalue
DISCONTINUED. Compatibility layer for tornado's signed values (and secure cookies consequently) -
gosession
This is quick session for net/http in GoLang. This package is perhaps the best implementation of the session mechanism, at least it tries to become one.
SaaSHub - Software Alternatives and Reviews
Do you think we are missing an alternative of branca or a related project?
README
branca
branca is a secure alternative to JWT, This implementation is written in pure Go (no cgo dependencies) and implements the branca token specification.
Requirements
Go 1.13+
Install
go get -u github.com/hako/branca
Example
package main
import (
"fmt"
"github.com/hako/branca"
)
func main() {
b := branca.NewBranca("supersecretkeyyoushouldnotcommit") // This key must be exactly 32 bytes long.
// Encode String to Branca Token.
token, err := b.EncodeToString("Hello world!")
if err != nil {
fmt.Println(err)
}
//b.SetTTL(3600) // Uncomment this to set an expiration (or ttl) of the token (in seconds).
//token = "87y8daMzSkn7PA7JsvrTT0JUq1OhCjw9K8w2eyY99DKru9FrVKMfeXWW8yB42C7u0I6jNhOdL5ZqL" // This token will be not allowed if a ttl is set.
// Decode Branca Token.
message, err := b.DecodeToString(token)
if err != nil {
fmt.Println(err) // token is expired.
return
}
fmt.Println(token) // 87y8da....
fmt.Println(message) // Hello world!
}
Todo
Here are a few things that need to be done:
- [x] Remove cgo dependencies.
- [x] Move to a pure XChaCha20 algorithm in Go.
- [x] Add more tests than just acceptance tests.
- [x] Increase test coverage.
- [ ] Additional Methods. (Encode, Decode []byte)
- [ ] Performance benchmarks.
- [ ] More comments, examples and documentation.
Contributing
Contributions are welcome! Fork this repo and add your changes and submit a PR.
If you would like to fix a bug, add a feature or provide feedback you can do so in the issues section.
You can run tests by runnning go test
. Running go test; go vet; golint
is recommended.
License
MIT
*Note that all licence references and agreements mentioned in the branca README section above
are relevant to that project's source code only.