Documentation
¶
Overview ¶
Package stdcrpcauthfx provides ConnectRPC authentication and authorization via OIDC/JWKS.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ProtoExtensionScope ¶
func ProtoExtensionScope(ext protoreflect.ExtensionType) fx.Option
ProtoExtensionScope returns an fx.Option that provides a ScopeResolver backed by the given protobuf method option extension type.
Types ¶
type AccessControl ¶
type AccessControl struct {
// contains filtered or unexported fields
}
AccessControl holds all auth state: JWKS cache, config, and the authn middleware.
func (*AccessControl) Start ¶
func (ac *AccessControl) Start(ctx context.Context) (err error)
Start initializes the JWKS cache and fetches the initial key set.
type Claims ¶
Claims holds the authentication information extracted from a JWT.
func ClaimsFromContext ¶
ClaimsFromContext retrieves the claims stored by the auth middleware.
type Config ¶
type Config struct {
TokenIssuer string `env:"TOKEN_ISSUER,required"`
TokenAudience string `env:"TOKEN_AUDIENCE,required"`
}
Config holds the OIDC configuration read from environment variables.
type Params ¶
type Params struct {
fx.In
fx.Lifecycle
Logs *zap.Logger
Config Config
ScopeResolver ScopeResolver
Clock jwt.Clock `optional:"true"`
}
Params holds the dependencies for constructing AccessControl.
type Result ¶
type Result struct {
fx.Out
AccessControl *AccessControl
}
Result holds the components produced by this module.
type ScopeResolver ¶
ScopeResolver resolves the required scope for a ConnectRPC procedure.
Source Files
Directories