branca alternatives and similar packages
Based on the "Authentication and OAuth" category.
Alternatively, view branca alternatives based on common mentions on social networks and blogs.
-
keto
Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models. -
oidc
Easy to use OpenID Connect client and server library written for Go and certified by the OpenID Foundation -
go-guardian
Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication. -
sessiongate-go
A driver for the SessionGate Redis module - easy session management using the Go language. -
signedvalue
DISCONTINUED. Compatibility layer for tornado's signed values (and secure cookies consequently) -
gosession
This is quick session for net/http in GoLang. This package is perhaps the best implementation of the session mechanism, at least it tries to become one.
WorkOS - The modern identity platform for B2B SaaS
Do you think we are missing an alternative of branca or a related project?
README
branca
branca is a secure alternative to JWT, This implementation is written in pure Go (no cgo dependencies) and implements the branca token specification.
Requirements
Go 1.13+
Install
go get -u github.com/hako/branca
Example
package main
import (
"fmt"
"github.com/hako/branca"
)
func main() {
b := branca.NewBranca("supersecretkeyyoushouldnotcommit") // This key must be exactly 32 bytes long.
// Encode String to Branca Token.
token, err := b.EncodeToString("Hello world!")
if err != nil {
fmt.Println(err)
}
//b.SetTTL(3600) // Uncomment this to set an expiration (or ttl) of the token (in seconds).
//token = "87y8daMzSkn7PA7JsvrTT0JUq1OhCjw9K8w2eyY99DKru9FrVKMfeXWW8yB42C7u0I6jNhOdL5ZqL" // This token will be not allowed if a ttl is set.
// Decode Branca Token.
message, err := b.DecodeToString(token)
if err != nil {
fmt.Println(err) // token is expired.
return
}
fmt.Println(token) // 87y8da....
fmt.Println(message) // Hello world!
}
Todo
Here are a few things that need to be done:
- [x] Remove cgo dependencies.
- [x] Move to a pure XChaCha20 algorithm in Go.
- [x] Add more tests than just acceptance tests.
- [x] Increase test coverage.
- [ ] Additional Methods. (Encode, Decode []byte)
- [ ] Performance benchmarks.
- [ ] More comments, examples and documentation.
Contributing
Contributions are welcome! Fork this repo and add your changes and submit a PR.
If you would like to fix a bug, add a feature or provide feedback you can do so in the issues section.
You can run tests by runnning go test
. Running go test; go vet; golint
is recommended.
License
MIT
*Note that all licence references and agreements mentioned in the branca README section above
are relevant to that project's source code only.