Documentation
¶
Overview ¶
Package auth defines the backend's identity model -- roles with capability checks, the TokenVerifier seam, multi-issuer dispatch, and the HTTP middleware guarding staff routes. Concrete verifiers live in subpackages: auth/oidc (external SSO issuers) and auth/local (built-in users); either or both may be configured, so a deployment can start with local users and add an IdP later without touching handlers.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( ErrForbidden = errors.New("auth: insufficient role") // 403 )
Sentinel errors mapped to HTTP statuses by the middleware.
Functions ¶
Types ¶
type Identity ¶
type Identity struct {
// Subject is the issuer-scoped stable id (OIDC sub / local user id).
Subject string
Email string
Name string
Roles []Role
// Issuer identifies which configured verifier accepted the token.
Issuer string
}
Identity is a verified caller.
func FromContext ¶
FromContext returns the verified identity a Require middleware stored.
func (Identity) CanModerate ¶
CanModerate reports queue-triage capability.
func (Identity) CanPublish ¶
CanPublish reports graph-publishing (cataloger) capability.
type Multi ¶
type Multi struct {
// contains filtered or unexported fields
}
Multi dispatches verification by the token's (unverified) issuer claim to the verifier configured for that issuer, which then performs the real signature and claim checks. Unknown issuers are rejected.
func NewMulti ¶
func NewMulti(verifiers map[string]TokenVerifier) *Multi
NewMulti maps issuer URLs to their verifiers.
type Role ¶
type Role string
Role is a caller's privilege tier. Roles are ranked; holding a role grants every capability of the ranks below it.
const ( // RolePatron is an authenticated end user with no staff capability. RolePatron Role = "patron" // RoleModerator triages the review queue but cannot publish to the // graph, add manual terms, or read the audit log. RoleModerator Role = "moderator" // RoleLibrarian catalogs: publishes, edits records, runs exports. RoleLibrarian Role = "librarian" // RoleAdmin additionally manages users, configuration, and enrichment. RoleAdmin Role = "admin" )
Directories
¶
| Path | Synopsis |
|---|---|
|
Package local is the backend's built-in user management -- the auth path for deployments without an external IdP, coexisting with auth/oidc behind auth.Multi.
|
Package local is the backend's built-in user management -- the auth path for deployments without an external IdP, coexisting with auth/oidc behind auth.Multi. |
|
Package oidc verifies bearer tokens from an external OIDC issuer -- the pluggable-SSO half of the backend's auth (auth/local is the built-in half).
|
Package oidc verifies bearer tokens from an external OIDC issuer -- the pluggable-SSO half of the backend's auth (auth/local is the built-in half). |