authentication

package
v1.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 5, 2026 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewProvider

func NewProvider(ctx context.Context, issuer string) (*oidc.Provider, error)

NewProvider creates an OIDC provider using the issuer's well-known configuration.

func NewProviderWithJWKS

func NewProviderWithJWKS(ctx context.Context, issuer, jwksURL string) (*oidc.IDTokenVerifier, error)

NewProviderWithJWKS creates an OIDC provider, or a manual key set when a JWKS URL is provided. If jwksURL is provided, it creates a RemoteKeySet directly and wraps it. If jwksURL is empty, it uses the standard OIDC discovery. In both cases the result is returned as an *oidc.IDTokenVerifier.

Types

type JWTVerifier

// JWTVerifier is the token verifier returned by NewJWTVerifier and
// NewJWTVerifierDirect. Both constructors take an allowedSubjects list and a
// requiredScope string, and its VerifyToken method reports whether a raw token
// is accepted.
// NOTE(review): how an empty allowedSubjects list or an empty requiredScope is
// treated is not documented on this page; confirm it does not mean "allow any".
type JWTVerifier struct {
	// contains filtered or unexported fields
}

func NewJWTVerifier

func NewJWTVerifier(
	provider ProviderInterface,
	issuer string,
	allowedSubjects []string,
	requiredScope string,
	tracer tracing.TracingInterface,
	monitor monitoring.MonitorInterface,
	logger logging.LoggerInterface,
) *JWTVerifier

func NewJWTVerifierDirect

func NewJWTVerifierDirect(
	verifier *oidc.IDTokenVerifier,
	allowedSubjects []string,
	requiredScope string,
	tracer tracing.TracingInterface,
	monitor monitoring.MonitorInterface,
	logger logging.LoggerInterface,
) *JWTVerifier

func (*JWTVerifier) VerifyToken

func (v *JWTVerifier) VerifyToken(ctx context.Context, rawToken string) (bool, error)

type Middleware

// Middleware exposes an Authenticate method that returns a
// func(http.Handler) http.Handler wrapper for use in an HTTP handler chain.
// NOTE(review): no exported constructor for Middleware appears on this page and
// its fields are unexported; confirm how instances are meant to be created and
// which token verifier they use.
type Middleware struct {
	// contains filtered or unexported fields
}

func (*Middleware) Authenticate

func (m *Middleware) Authenticate() func(http.Handler) http.Handler

type NoopVerifier

// NoopVerifier is a token verifier whose VerifyToken always returns true, nil,
// so no authentication is enforced wherever it is used as the verifier.
type NoopVerifier struct{}

func NewNoopVerifier

func NewNoopVerifier() *NoopVerifier

NewNoopVerifier returns a no-op token verifier that allows all requests.

func (*NoopVerifier) VerifyToken

func (n *NoopVerifier) VerifyToken(ctx context.Context, rawIDToken string) (bool, error)

VerifyToken always returns true, nil (allowing all requests).

type ProviderInterface

// ProviderInterface is the provider dependency accepted by NewJWTVerifier; its
// single method hands back the *oidc.IDTokenVerifier used to check tokens.
type ProviderInterface interface {
	// Verifier returns the token verifier associated with the specified OIDC issuer.
	// NOTE(review): the *oidc.Config presumably controls which checks the returned
	// verifier enforces; the configuration this package passes is not shown here.
	Verifier(*oidc.Config) *oidc.IDTokenVerifier
}

type TokenVerifierInterface

// TokenVerifierInterface is the token-checking contract returned by
// NewJWTAuthenticator. Both JWTVerifier and NoopVerifier declare a VerifyToken
// method with this signature.
type TokenVerifierInterface interface {
	// VerifyToken verifies a raw JWT string and validates authorization claims.
	// It returns true if the token is valid and authorized, false otherwise.
	// NOTE(review): the meaning of a non-nil error alongside the bool is not
	// stated here; callers should presumably treat any error as a rejection.
	// Confirm against the implementation.
	VerifyToken(ctx context.Context, rawToken string) (bool, error)
}

func NewJWTAuthenticator

func NewJWTAuthenticator(
	ctx context.Context,
	issuer string,
	jwksURL string,
	allowedSubjects []string,
	requiredScope string,
	tracer tracing.TracingInterface,
	monitor monitoring.MonitorInterface,
	logger logging.LoggerInterface,
) (TokenVerifierInterface, error)

NewJWTAuthenticator initializes a JWT token verifier.
