README
¶
Auth Configuration Adapter
Overview
The Auth Configuration Adapter provides adapters for integrating the auth configuration with the config package. It allows for a unified interface to access JWT, OIDC, Middleware, and Service configurations.
Features
- Configuration Adaptation: Adapt auth.Config to the config package interfaces
- Unified Interface: Access JWT, OIDC, Middleware, and Service configurations through a unified interface
- Configuration Conversion: Convert auth configuration to generic configuration
- Component Configuration: Create specific configurations for JWT, OIDC, Middleware, and Service components
Installation
go get github.com/abitofhelp/servicelib/auth/config
Quick Start
See the Auth Configuration example for a complete, runnable example of how to use the auth configuration adapter.
API Documentation
Core Types
AuthConfigAdapter
The main type that provides adaptation between auth configuration and the config package.
type AuthConfigAdapter struct {
// Fields
}
Key Methods
NewAuthConfigAdapter
Creates a new auth configuration adapter.
func NewAuthConfigAdapter(config auth.Config) *AuthConfigAdapter
GetAuth
Gets the auth configuration.
func (a *AuthConfigAdapter) GetAuth() auth.Config
CreateJWTConfig
Creates JWT configuration from auth configuration.
func CreateJWTConfig(config auth.Config) jwt.Config
Examples
For complete, runnable examples, see the following directories in the EXAMPLES directory:
- Configuration - Shows how to configure auth components
Best Practices
- Use Default Configuration: Start with the default configuration and customize as needed
- Validate Configuration: Always validate configuration before using it
- Secure Secret Keys: Store secret keys securely and never hardcode them in your application
- Use Environment Variables: Use environment variables for configuration values that change between environments
Troubleshooting
Common Issues
Configuration Validation Failures
If configuration validation fails, check that all required fields are set and that the values are valid.
Related Components
- Auth - The parent auth package
- JWT - JWT token handling
- OIDC - OpenID Connect integration
- Config - Configuration management
Contributing
Contributions to this component are welcome! Please see the Contributing Guide for more information.
License
This project is licensed under the MIT License - see the LICENSE file for details.
Documentation
¶
Overview ¶
Package config provides adapters for auth configuration.
Package config provides adapters for integrating the auth configuration with the config package.
The auth configuration adapter allows you to:
- Adapt the auth.Config to the config package interfaces
- Access JWT, OIDC, Middleware, and Service configurations through a unified interface
- Convert auth configuration to generic configuration
- Create specific configurations for JWT, OIDC, Middleware, and Service components
Basic usage:
// Create an auth configuration config := auth.DefaultConfig() config.JWT.SecretKey = "example-secret-key" // Create an auth config adapter adapter := authconfig.NewAuthConfigAdapter(config) // Get the auth configuration authCfg := adapter.GetAuth() // Use the auth configuration to create JWT configuration jwtConfig := authconfig.CreateJWTConfig(authCfg) // Create JWT service jwtService := jwt.NewService(jwtConfig, logger)
For more examples, see the example_test.go file.
Example ¶
package main
import (
"fmt"
"github.com/abitofhelp/servicelib/auth"
authconfig "github.com/abitofhelp/servicelib/auth/config"
"github.com/abitofhelp/servicelib/auth/jwt"
"github.com/abitofhelp/servicelib/auth/service"
"go.uber.org/zap"
)
func main() {
// Create a logger
logger, _ := zap.NewDevelopment()
// Create an auth configuration
config := auth.DefaultConfig()
config.JWT.SecretKey = "example-secret-key-that-is-at-least-32-chars"
config.OIDC.IssuerURL = "https://example.com/oidc"
config.OIDC.ClientID = "example-client-id"
config.OIDC.ClientSecret = "example-client-secret"
// Create an auth config adapter
adapter := authconfig.NewAuthConfigAdapter(config)
// Get the auth configuration
authCfg := adapter.GetAuth()
// Use the auth configuration to create JWT, OIDC, middleware, and service configurations
jwtConfig := authconfig.CreateJWTConfig(authCfg)
jwtRemoteConfig := authconfig.CreateJWTRemoteConfig(authCfg)
oidcConfig := authconfig.CreateOIDCConfig(authCfg)
middlewareConfig := authconfig.CreateMiddlewareConfig(authCfg)
serviceConfig := authconfig.CreateServiceConfig(authCfg)
// Create JWT service
jwtService, _ := jwt.NewService(jwtConfig, logger)
// Add remote validator if enabled
if authCfg.GetJWT().GetRemote().GetEnabled() {
jwtService.WithRemoteValidator(jwtRemoteConfig)
}
// Skip creating a real OIDC service since it requires an external provider
// Instead, just check that the configurations were created correctly
fmt.Println("JWT config created:", jwtConfig.SecretKey != "")
fmt.Println("OIDC config created:", oidcConfig.IssuerURL != "")
fmt.Println("Middleware config created:", middlewareConfig.RequireAuth)
fmt.Println("Service config created:", serviceConfig.AdminRoleName != "")
// Create JWT service
fmt.Println("JWT service created:", jwtService != nil)
// Create service
authService := service.NewService(serviceConfig, logger)
fmt.Println("Auth service created:", authService != nil)
}
Output: JWT config created: true OIDC config created: true Middleware config created: true Service config created: true JWT service created: true Auth service created: true
Index ¶
- func CreateJWTConfig(authConfig Auth) jwt.Config
- func CreateJWTRemoteConfig(authConfig Auth) jwt.RemoteConfig
- func CreateMiddlewareConfig(authConfig Auth) middleware.Config
- func CreateOIDCConfig(authConfig Auth) oidc.Config
- func CreateServiceConfig(authConfig Auth) service.Config
- type Auth
- type AuthAdapter
- type AuthConfigAdapter
- type AuthConfigProvider
- type JWT
- type JWTAdapter
- type JWTRemote
- type JWTRemoteAdapter
- type Middleware
- type MiddlewareAdapter
- type OIDC
- type OIDCAdapter
- type Service
- type ServiceAdapter
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateJWTConfig ¶
CreateJWTConfig creates a JWT configuration from the auth configuration
Example ¶
package main
import (
"fmt"
"time"
"github.com/abitofhelp/servicelib/auth"
authconfig "github.com/abitofhelp/servicelib/auth/config"
)
func main() {
// Create an auth configuration
config := auth.DefaultConfig()
config.JWT.SecretKey = "example-secret-key"
config.JWT.TokenDuration = 1 * time.Hour
config.JWT.Issuer = "example-issuer"
// Create an auth config adapter
adapter := authconfig.NewAuthConfigAdapter(config)
// Get the auth configuration
authCfg := adapter.GetAuth()
// Create JWT configuration
jwtConfig := authconfig.CreateJWTConfig(authCfg)
// Use the JWT configuration
fmt.Println("Secret key:", jwtConfig.SecretKey)
fmt.Println("Token duration:", jwtConfig.TokenDuration)
fmt.Println("Issuer:", jwtConfig.Issuer)
}
Output: Secret key: example-secret-key Token duration: 1h0m0s Issuer: example-issuer
func CreateJWTRemoteConfig ¶
func CreateJWTRemoteConfig(authConfig Auth) jwt.RemoteConfig
CreateJWTRemoteConfig creates a JWT remote configuration from the auth configuration
func CreateMiddlewareConfig ¶
func CreateMiddlewareConfig(authConfig Auth) middleware.Config
CreateMiddlewareConfig creates a middleware configuration from the auth configuration
func CreateOIDCConfig ¶
CreateOIDCConfig creates an OIDC configuration from the auth configuration
Example ¶
package main
import (
"fmt"
"time"
"github.com/abitofhelp/servicelib/auth"
authconfig "github.com/abitofhelp/servicelib/auth/config"
)
func main() {
// Create an auth configuration
config := auth.DefaultConfig()
config.OIDC.IssuerURL = "https://example.com/oidc"
config.OIDC.ClientID = "example-client-id"
config.OIDC.ClientSecret = "example-client-secret"
config.OIDC.RedirectURL = "https://myapp.com/callback"
config.OIDC.Scopes = []string{"openid", "profile", "email", "custom-scope"}
config.OIDC.Timeout = 30 * time.Second
// Create an auth config adapter
adapter := authconfig.NewAuthConfigAdapter(config)
// Get the auth configuration
authCfg := adapter.GetAuth()
// Create OIDC configuration
oidcConfig := authconfig.CreateOIDCConfig(authCfg)
// Use the OIDC configuration
fmt.Println("Issuer URL:", oidcConfig.IssuerURL)
fmt.Println("Client ID:", oidcConfig.ClientID)
fmt.Println("Redirect URL:", oidcConfig.RedirectURL)
fmt.Println("Timeout:", oidcConfig.Timeout)
fmt.Println("Number of scopes:", len(oidcConfig.Scopes))
}
Output: Issuer URL: https://example.com/oidc Client ID: example-client-id Redirect URL: https://myapp.com/callback Timeout: 30s Number of scopes: 4
func CreateServiceConfig ¶
CreateServiceConfig creates a service configuration from the auth configuration
Types ¶
type Auth ¶
type Auth interface {
// GetJWT returns the JWT configuration
GetJWT() JWT
// GetOIDC returns the OIDC configuration
GetOIDC() OIDC
// GetMiddleware returns the middleware configuration
GetMiddleware() Middleware
// GetService returns the service configuration
GetService() Service
}
Auth is the interface for auth configuration
type AuthAdapter ¶
type AuthAdapter struct {
// contains filtered or unexported fields
}
AuthAdapter adapts the auth.Config to the Auth interface
func (*AuthAdapter) GetJWT ¶
func (a *AuthAdapter) GetJWT() JWT
GetJWT returns the JWT configuration
func (*AuthAdapter) GetMiddleware ¶
func (a *AuthAdapter) GetMiddleware() Middleware
GetMiddleware returns the middleware configuration
func (*AuthAdapter) GetOIDC ¶
func (a *AuthAdapter) GetOIDC() OIDC
GetOIDC returns the OIDC configuration
func (*AuthAdapter) GetService ¶
func (a *AuthAdapter) GetService() Service
GetService returns the service configuration
type AuthConfigAdapter ¶
type AuthConfigAdapter struct {
// contains filtered or unexported fields
}
AuthConfigAdapter adapts the auth.Config to the config package interfaces
func NewAuthConfigAdapter ¶
func NewAuthConfigAdapter(config auth.Config) *AuthConfigAdapter
NewAuthConfigAdapter creates a new AuthConfigAdapter
func (*AuthConfigAdapter) AsGenericConfig ¶
func (a *AuthConfigAdapter) AsGenericConfig() baseconfig.Config
AsGenericConfig returns the auth configuration as a generic config
Example ¶
package main
import (
"fmt"
"github.com/abitofhelp/servicelib/auth"
authconfig "github.com/abitofhelp/servicelib/auth/config"
)
func main() {
// Create an auth configuration
config := auth.DefaultConfig()
// Create an auth config adapter
adapter := authconfig.NewAuthConfigAdapter(config)
// Convert to generic config
genericConfig := adapter.AsGenericConfig()
// Use the generic config
appConfig := genericConfig.GetApp()
fmt.Println("App name:", appConfig.GetName())
fmt.Println("App environment:", appConfig.GetEnvironment())
}
Output: App name: auth App environment: production
func (*AuthConfigAdapter) GetAuth ¶
func (a *AuthConfigAdapter) GetAuth() Auth
GetAuth returns the auth configuration
type AuthConfigProvider ¶
type AuthConfigProvider interface {
// GetJWTSecretKey returns the JWT secret key
GetJWTSecretKey() string
// GetJWTTokenDuration returns the JWT token duration
GetJWTTokenDuration() time.Duration
// GetJWTIssuer returns the JWT issuer
GetJWTIssuer() string
// GetJWTRemoteEnabled returns whether JWT remote validation is enabled
GetJWTRemoteEnabled() bool
// GetJWTRemoteValidationURL returns the JWT remote validation URL
GetJWTRemoteValidationURL() string
// GetJWTRemoteClientID returns the JWT remote client ID
GetJWTRemoteClientID() string
// GetJWTRemoteClientSecret returns the JWT remote client secret
GetJWTRemoteClientSecret() string
// GetJWTRemoteTimeout returns the JWT remote timeout
GetJWTRemoteTimeout() time.Duration
// GetOIDCIssuerURL returns the OIDC issuer URL
GetOIDCIssuerURL() string
// GetOIDCClientID returns the OIDC client ID
GetOIDCClientID() string
// GetOIDCClientSecret returns the OIDC client secret
GetOIDCClientSecret() string
// GetOIDCRedirectURL returns the OIDC redirect URL
GetOIDCRedirectURL() string
// GetOIDCScopes returns the OIDC scopes
GetOIDCScopes() []string
// GetOIDCTimeout returns the OIDC timeout
GetOIDCTimeout() time.Duration
// GetMiddlewareSkipPaths returns the middleware skip paths
GetMiddlewareSkipPaths() []string
// GetMiddlewareRequireAuth returns whether middleware requires auth
GetMiddlewareRequireAuth() bool
// GetServiceAdminRoleName returns the service admin role name
GetServiceAdminRoleName() string
// GetServiceReadOnlyRoleName returns the service read-only role name
GetServiceReadOnlyRoleName() string
// GetServiceReadOperationPrefixes returns the service read operation prefixes
GetServiceReadOperationPrefixes() []string
}
AuthConfigProvider defines the interface for accessing auth configuration
type JWT ¶
type JWT interface {
// GetSecretKey returns the JWT secret key
GetSecretKey() string
// GetTokenDuration returns the JWT token duration
GetTokenDuration() time.Duration
// GetIssuer returns the JWT issuer
GetIssuer() string
// GetRemote returns the JWT remote configuration
GetRemote() JWTRemote
}
JWT is the interface for JWT configuration
type JWTAdapter ¶
type JWTAdapter struct {
// contains filtered or unexported fields
}
JWTAdapter adapts the auth.Config.JWT to the JWT interface
func (*JWTAdapter) GetIssuer ¶
func (a *JWTAdapter) GetIssuer() string
GetIssuer returns the JWT issuer
func (*JWTAdapter) GetRemote ¶
func (a *JWTAdapter) GetRemote() JWTRemote
GetRemote returns the JWT remote configuration
func (*JWTAdapter) GetSecretKey ¶
func (a *JWTAdapter) GetSecretKey() string
GetSecretKey returns the JWT secret key
func (*JWTAdapter) GetTokenDuration ¶
func (a *JWTAdapter) GetTokenDuration() time.Duration
GetTokenDuration returns the JWT token duration
type JWTRemote ¶
type JWTRemote interface {
// GetEnabled returns whether JWT remote validation is enabled
GetEnabled() bool
// GetValidationURL returns the JWT remote validation URL
GetValidationURL() string
// GetClientID returns the JWT remote client ID
GetClientID() string
// GetClientSecret returns the JWT remote client secret
GetClientSecret() string
// GetTimeout returns the JWT remote timeout
GetTimeout() time.Duration
}
JWTRemote is the interface for JWT remote configuration
type JWTRemoteAdapter ¶
type JWTRemoteAdapter struct {
// contains filtered or unexported fields
}
JWTRemoteAdapter adapts the auth.Config.JWT.Remote to the JWTRemote interface
func (*JWTRemoteAdapter) GetClientID ¶
func (a *JWTRemoteAdapter) GetClientID() string
GetClientID returns the JWT remote client ID
func (*JWTRemoteAdapter) GetClientSecret ¶
func (a *JWTRemoteAdapter) GetClientSecret() string
GetClientSecret returns the JWT remote client secret
func (*JWTRemoteAdapter) GetEnabled ¶
func (a *JWTRemoteAdapter) GetEnabled() bool
GetEnabled returns whether JWT remote validation is enabled
func (*JWTRemoteAdapter) GetTimeout ¶
func (a *JWTRemoteAdapter) GetTimeout() time.Duration
GetTimeout returns the JWT remote timeout
func (*JWTRemoteAdapter) GetValidationURL ¶
func (a *JWTRemoteAdapter) GetValidationURL() string
GetValidationURL returns the JWT remote validation URL
type Middleware ¶
type Middleware interface {
// GetSkipPaths returns the middleware skip paths
GetSkipPaths() []string
// GetRequireAuth returns whether middleware requires auth
GetRequireAuth() bool
}
Middleware is the interface for middleware configuration
type MiddlewareAdapter ¶
type MiddlewareAdapter struct {
// contains filtered or unexported fields
}
MiddlewareAdapter adapts the auth.Config.Middleware to the Middleware interface
func (*MiddlewareAdapter) GetRequireAuth ¶
func (a *MiddlewareAdapter) GetRequireAuth() bool
GetRequireAuth returns whether middleware requires auth
func (*MiddlewareAdapter) GetSkipPaths ¶
func (a *MiddlewareAdapter) GetSkipPaths() []string
GetSkipPaths returns the middleware skip paths
type OIDC ¶
type OIDC interface {
// GetIssuerURL returns the OIDC issuer URL
GetIssuerURL() string
// GetClientID returns the OIDC client ID
GetClientID() string
// GetClientSecret returns the OIDC client secret
GetClientSecret() string
// GetRedirectURL returns the OIDC redirect URL
GetRedirectURL() string
// GetScopes returns the OIDC scopes
GetScopes() []string
// GetTimeout returns the OIDC timeout
GetTimeout() time.Duration
}
OIDC is the interface for OIDC configuration
type OIDCAdapter ¶
type OIDCAdapter struct {
// contains filtered or unexported fields
}
OIDCAdapter adapts the auth.Config.OIDC to the OIDC interface
func (*OIDCAdapter) GetClientID ¶
func (a *OIDCAdapter) GetClientID() string
GetClientID returns the OIDC client ID
func (*OIDCAdapter) GetClientSecret ¶
func (a *OIDCAdapter) GetClientSecret() string
GetClientSecret returns the OIDC client secret
func (*OIDCAdapter) GetIssuerURL ¶
func (a *OIDCAdapter) GetIssuerURL() string
GetIssuerURL returns the OIDC issuer URL
func (*OIDCAdapter) GetRedirectURL ¶
func (a *OIDCAdapter) GetRedirectURL() string
GetRedirectURL returns the OIDC redirect URL
func (*OIDCAdapter) GetScopes ¶
func (a *OIDCAdapter) GetScopes() []string
GetScopes returns the OIDC scopes
func (*OIDCAdapter) GetTimeout ¶
func (a *OIDCAdapter) GetTimeout() time.Duration
GetTimeout returns the OIDC timeout
type Service ¶
type Service interface {
// GetAdminRoleName returns the service admin role name
GetAdminRoleName() string
// GetReadOnlyRoleName returns the service read-only role name
GetReadOnlyRoleName() string
// GetReadOperationPrefixes returns the service read operation prefixes
GetReadOperationPrefixes() []string
}
Service is the interface for service configuration
type ServiceAdapter ¶
type ServiceAdapter struct {
// contains filtered or unexported fields
}
ServiceAdapter adapts the auth.Config.Service to the Service interface
func (*ServiceAdapter) GetAdminRoleName ¶
func (a *ServiceAdapter) GetAdminRoleName() string
GetAdminRoleName returns the service admin role name
func (*ServiceAdapter) GetReadOnlyRoleName ¶
func (a *ServiceAdapter) GetReadOnlyRoleName() string
GetReadOnlyRoleName returns the service read-only role name
func (*ServiceAdapter) GetReadOperationPrefixes ¶
func (a *ServiceAdapter) GetReadOperationPrefixes() []string
GetReadOperationPrefixes returns the service read operation prefixes
Source Files