auth

package

v0.23.0 Latest Latest Go to latest Published: Mar 25, 2026 License: MIT Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/agentserver/agentserver

Links

Open Source Insights

Documentation ¶

Index ¶

func SetTokenCookie(w http.ResponseWriter, token string)
func UserIDFromContext(ctx context.Context) string
type Auth
- func New(database *db.DB) *Auth
type GenericOIDCProvider
- func NewGenericOIDCProvider(ctx context.Context, issuerURL, clientID, clientSecret, redirectURL string) (*GenericOIDCProvider, error)
type GitHubProvider
- func NewGitHubProvider(clientID, clientSecret, redirectURL string) *GitHubProvider
type OIDCManager
- func NewOIDCManager(baseURL string, authSvc *Auth) *OIDCManager
type Provider

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func SetTokenCookie ¶

func SetTokenCookie(w http.ResponseWriter, token string)

func UserIDFromContext ¶

func UserIDFromContext(ctx context.Context) string

UserIDFromContext extracts the user ID set by Middleware.

Types ¶

type Auth ¶

type Auth struct {
	// contains filtered or unexported fields
}

func New ¶

func New(database *db.DB) *Auth

func (*Auth) DB ¶

func (a *Auth) DB() *db.DB

DB returns the underlying database for use by other auth subsystems.

func (*Auth) GetUserByEmail ¶ added in v0.23.0

func (a *Auth) GetUserByEmail(email string) (*db.User, error)

GetUserByEmail returns user info by email.

func (*Auth) GetUserByID ¶

func (a *Auth) GetUserByID(id string) (*db.User, error)

GetUserByID returns user info by ID.

func (*Auth) IssueToken ¶

func (a *Auth) IssueToken(userID string) (string, error)

IssueToken generates a random token, stores it, and returns it.

func (a *Auth) Login(email, password string) (string, string, bool)

Login verifies credentials by email and returns a token.

func (*Auth) Middleware ¶

func (a *Auth) Middleware(next http.Handler) http.Handler

Middleware enforces authentication and injects user ID into context.

func (*Auth) Register ¶

func (a *Auth) Register(id, email, password string) error

Register creates a new user with a bcrypt-hashed password.

func (*Auth) ValidateRequest ¶

func (a *Auth) ValidateRequest(r *http.Request) (string, bool)

ValidateRequest checks whether a request has a valid auth cookie and returns the user ID.

func (*Auth) ValidateToken ¶

func (a *Auth) ValidateToken(token string) (string, bool)

ValidateToken checks the token against the database and returns the user ID.

type GenericOIDCProvider ¶

type GenericOIDCProvider struct {
	// contains filtered or unexported fields
}

func NewGenericOIDCProvider ¶

func NewGenericOIDCProvider(ctx context.Context, issuerURL, clientID, clientSecret, redirectURL string) (*GenericOIDCProvider, error)

func (*GenericOIDCProvider) GetIdentity ¶

func (g *GenericOIDCProvider) GetIdentity(ctx context.Context, token *oauth2.Token) (string, string, string, string, string, error)

func (*GenericOIDCProvider) Name ¶

func (g *GenericOIDCProvider) Name() string

func (*GenericOIDCProvider) OAuth2Config ¶

func (g *GenericOIDCProvider) OAuth2Config() *oauth2.Config

type GitHubProvider ¶

type GitHubProvider struct {
	// contains filtered or unexported fields
}

func NewGitHubProvider ¶

func NewGitHubProvider(clientID, clientSecret, redirectURL string) *GitHubProvider

func (*GitHubProvider) GetIdentity ¶

func (g *GitHubProvider) GetIdentity(ctx context.Context, token *oauth2.Token) (string, string, string, string, string, error)

func (*GitHubProvider) Name ¶

func (g *GitHubProvider) Name() string

func (*GitHubProvider) OAuth2Config ¶

func (g *GitHubProvider) OAuth2Config() *oauth2.Config

type OIDCManager ¶

type OIDCManager struct {
	OnUserCreated func(userID string) // called when a brand-new user is created via OIDC
	// contains filtered or unexported fields
}

OIDCManager orchestrates multiple OIDC/OAuth2 providers.

func NewOIDCManager ¶

func NewOIDCManager(baseURL string, authSvc *Auth) *OIDCManager

NewOIDCManager creates a new manager. baseURL is the external redirect base (e.g. "https://app.example.com").

func (*OIDCManager) HandleCallback ¶

func (m *OIDCManager) HandleCallback(w http.ResponseWriter, r *http.Request, providerName string)

HandleCallback processes the IdP callback, resolves/creates the user, and sets the auth cookie.

func (*OIDCManager) HandleLogin ¶

func (m *OIDCManager) HandleLogin(w http.ResponseWriter, r *http.Request, providerName string)

HandleLogin redirects the user to the IdP authorization endpoint.

func (*OIDCManager) HandleProviders ¶

func (m *OIDCManager) HandleProviders(w http.ResponseWriter, r *http.Request)

HandleProviders returns the list of available providers as JSON.

func (*OIDCManager) ProviderNames ¶

func (m *OIDCManager) ProviderNames() []string

ProviderNames returns the list of registered provider names.

func (*OIDCManager) RegisterProvider ¶

func (m *OIDCManager) RegisterProvider(p Provider)

RegisterProvider adds a provider.

type Provider ¶

type Provider interface {
	Name() string
	OAuth2Config() *oauth2.Config
	// GetIdentity returns the identity from the provider.
	// Returns: subject, email, displayName, login (preferred username), avatarURL, error.
	// login and avatarURL may be empty if the provider doesn't support them.
	GetIdentity(ctx context.Context, token *oauth2.Token) (subject, email, displayName, login, avatarURL string, err error)
}

Provider abstracts an OAuth2/OIDC identity provider.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL