Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

bff

package

Go to main page

Versions in this module

v0

v0.7.0

May 10, 2026

Changes in this version

+ const ContextKeySession

+ const ErrCodeCSRFViolation

+ const ErrCodeInvalidSession

+ const ErrCodeNoSession

+ const ErrCodeRateLimited

+ const ErrCodeSessionExpired

+ const SessionIDLength

+ var ErrCiphertextTooShort = errors.New("ciphertext too short")

+ var ErrInvalidKeySize = errors.New("encryption key must be 32 bytes for AES-256")

+ var ErrInvalidSession = errors.New("invalid session")

+ var ErrNoDPoPKeyPair = errors.New("session has no DPoP key pair")

+ var ErrOriginsRequired = errors.New("allowed origins are required for CSRF protection")

+ var ErrRefreshFailed = errors.New("token refresh failed")

+ var ErrRefreshTokenExpired = errors.New("refresh token expired")

+ var ErrSessionExpired = errors.New("session expired")

+ var ErrSessionNotFound = errors.New("session not found")

+ var ErrStoreRequired = errors.New("session store is required")

+ var ErrTokenEndpointRequired = errors.New("token endpoint required")

+ func APIProxyMiddleware(targetURL string) (func(http.Handler) http.Handler, error)

+ func AddBFFSecurityScheme(api huma.API, cookieName string)

+ func AutoRefreshMiddleware(config RefreshConfig) (func(http.Handler) http.Handler, error)

+ func GenerateSessionID() (string, error)

+ func GetCloudflareMetadata(r *http.Request) map[string]string

+ func OptionalSessionMiddleware(store Store, cookieManager *CookieManager) func(http.Handler) http.Handler

+ func OriginMiddleware(allowedOrigins ...string) func(http.Handler) http.Handler

+ func RateLimitMiddleware(requestsPerMinute, burstSize int) func(http.Handler) http.Handler

+ func RefreshHandler(config RefreshConfig) http.Handler

+ func RegisterHumaRoutes(api huma.API, config HumaConfig)

+ func RequireSessionMiddleware(store Store, cookieManager *CookieManager) func(http.Handler) http.Handler

+ func SessionMiddleware(config MiddlewareConfig) func(http.Handler) http.Handler

+ func SimpleProxy(targetURL string) (http.Handler, error)

+ type BFFErrorResponse struct

+ Error string

+ Message string

+ type ClientIPConfig struct

+ CloudflareIPRanges []string

+ TrustCloudflare bool

+ TrustProxy bool

+ TrustedProxies []string

+ func CloudflareClientIPConfig() ClientIPConfig

+ func DefaultClientIPConfig() ClientIPConfig

+ type ClientIPExtractor struct

+ func NewClientIPExtractor(config ClientIPConfig) *ClientIPExtractor

+ func (e *ClientIPExtractor) GetClientIP(r *http.Request) string

+ type CookieConfig struct

+ Domain string

+ HTTPOnly bool

+ MaxAge int

+ Name string

+ Path string

+ SameSite http.SameSite

+ Secure bool

+ func DefaultCookieConfig() CookieConfig

+ type CookieManager struct

+ func NewCookieManager(config CookieConfig) *CookieManager

+ func (m *CookieManager) ClearSessionCookie(w http.ResponseWriter)

+ func (m *CookieManager) Config() CookieConfig

+ func (m *CookieManager) GetSessionID(r *http.Request) string

+ func (m *CookieManager) SetSessionCookie(w http.ResponseWriter, sessionID string, expiry time.Time)

+ type CreateSessionParams struct

+ AccessToken string

+ AccessTokenExpiresIn time.Duration

+ DPoPKeyPairJSON []byte

+ DPoPThumbprint string

+ Metadata map[string]string

+ OrganizationID *uuid.UUID

+ RefreshToken string

+ RefreshTokenExpiresIn time.Duration

+ UserID uuid.UUID

+ type Encryptor struct

+ func NewEncryptor(key []byte) (*Encryptor, error)

+ func (e *Encryptor) Decrypt(ciphertext []byte) ([]byte, error)

+ func (e *Encryptor) DecryptString(ciphertext []byte) (string, error)

+ func (e *Encryptor) Encrypt(plaintext []byte) ([]byte, error)

+ func (e *Encryptor) EncryptString(plaintext string) ([]byte, error)

+ type EndpointLimit struct

+ BurstSize int

+ RequestsPerMinute int

+ type EntClientInterface interface

+ CleanupExpiredBFFSessions func(ctx context.Context, limit int) (int, error)

+ CreateBFFSession func(ctx context.Context, session *Session) error

+ DeleteBFFSession func(ctx context.Context, id string) error

+ DeleteBFFSessionsByUserID func(ctx context.Context, userID uuid.UUID) (int, error)

+ GetBFFSession func(ctx context.Context, id string) (*Session, error)

+ TouchBFFSession func(ctx context.Context, id string) error

+ UpdateBFFSession func(ctx context.Context, session *Session) error

+ type EntStore struct

+ func NewEntStore(config EntStoreConfig) (*EntStore, error)

+ func (s *EntStore) Cleanup(ctx context.Context) (int, error)

+ func (s *EntStore) Close() error

+ func (s *EntStore) Create(ctx context.Context, session *Session) error

+ func (s *EntStore) Delete(ctx context.Context, id string) error

+ func (s *EntStore) DeleteByUserID(ctx context.Context, userID string) (int, error)

+ func (s *EntStore) Get(ctx context.Context, id string) (*Session, error)

+ func (s *EntStore) Touch(ctx context.Context, id string) error

+ func (s *EntStore) Update(ctx context.Context, session *Session) error

+ type EntStoreConfig struct

+ CleanupBatchSize int

+ CleanupInterval time.Duration

+ Client EntClientInterface

+ EncryptionKey []byte

+ type GetSessionInput struct

+ type GetSessionOutput struct

+ Body SessionStatusResponse

+ type Handler struct

+ func NewHandler(config HandlerConfig) (*Handler, error)

+ func (h *Handler) Close() error

+ func (h *Handler) CookieManager() *CookieManager

+ func (h *Handler) CreateSession(ctx context.Context, w http.ResponseWriter, r *http.Request, ...) (*Session, error)

+ func (h *Handler) Router() chi.Router

+ func (h *Handler) Store() Store

+ type HandlerConfig struct

+ APIPathPrefix string

+ AllowedOrigins []string

+ BasePath string

+ ClientIPConfig ClientIPConfig

+ CookieConfig CookieConfig

+ EnableProxyForPublicRoutes bool

+ OnCreateSession func(ctx context.Context, session *Session) error

+ OnLogout func(ctx context.Context, session *Session) error

+ OnRefresh func(ctx context.Context, session *Session) (*TokenRefreshResult, error)

+ OnSessionLoad func(ctx context.Context, session *Session) error

+ ProxyConfig ProxyConfig

+ RateLimitConfig *RateLimitConfig

+ SessionIDGenerator func() (string, error)

+ Store Store

+ type HumaConfig struct

+ Handler *Handler

+ IncludeRateLimitDocs bool

+ PathPrefix string

+ Tags []string

+ type LogoutInput struct

+ Origin string

+ type LogoutOutput struct

+ Body LogoutResponse

+ type LogoutResponse struct

+ Message string

+ type MemoryStore struct

+ func NewMemoryStore(config StoreConfig) *MemoryStore

+ func (s *MemoryStore) Cleanup(ctx context.Context) (int, error)

+ func (s *MemoryStore) Close() error

+ func (s *MemoryStore) Count() int

+ func (s *MemoryStore) Create(ctx context.Context, session *Session) error

+ func (s *MemoryStore) Delete(ctx context.Context, id string) error

+ func (s *MemoryStore) DeleteByUserID(ctx context.Context, userID string) (int, error)

+ func (s *MemoryStore) Get(ctx context.Context, id string) (*Session, error)

+ func (s *MemoryStore) Touch(ctx context.Context, id string) error

+ func (s *MemoryStore) Update(ctx context.Context, session *Session) error

+ type MiddlewareConfig struct

+ CookieManager *CookieManager

+ OnNoSession func(w http.ResponseWriter, r *http.Request)

+ OnSessionExpired func(w http.ResponseWriter, r *http.Request)

+ OnSessionInvalid func(w http.ResponseWriter, r *http.Request)

+ OnSessionLoad func(ctx context.Context, session *Session) error

+ RefreshThreshold time.Duration

+ RequireSession bool

+ Store Store

+ TouchOnAccess bool

+ type OriginConfig struct

+ AllowMissingOrigin bool

+ AllowedHosts []string

+ AllowedOrigins []string

+ CheckReferer bool

+ OnError func(w http.ResponseWriter, r *http.Request)

+ SkipMethods []string

+ func DefaultOriginConfig() OriginConfig

+ type OriginValidator struct

+ func NewOriginValidator(config OriginConfig) *OriginValidator

+ func (v *OriginValidator) Middleware() func(http.Handler) http.Handler

+ func (v *OriginValidator) ValidateRequest(r *http.Request) bool

+ type Proxy struct

+ func NewProxy(config ProxyConfig) (*Proxy, error)

+ func (p *Proxy) Handler() http.Handler

+ func (p *Proxy) ProxyRequest(ctx context.Context, method, path string, body io.Reader) (*http.Response, error)

+ type ProxyConfig struct

+ Client *http.Client

+ HeadersToForward []string

+ HeadersToRemove []string

+ OnError func(w http.ResponseWriter, r *http.Request, err error)

+ OnRequestRewrite func(r *http.Request, session *Session)

+ PathRewrite func(path string) string

+ ResponseHeadersToRemove []string

+ StripPrefix string

+ TargetURL string

+ Timeout time.Duration

+ UseDPoP bool

+ func DefaultProxyConfig() ProxyConfig

+ type RateLimitConfig struct

+ BurstSize int

+ CleanupInterval time.Duration

+ EndpointLimits map[string]EndpointLimit

+ ExcludePaths []string

+ KeyFunc func(r *http.Request) string

+ OnLimitExceeded func(w http.ResponseWriter, r *http.Request, info RateLimitInfo)

+ RequestsPerMinute int

+ TrustCloudflare bool

+ func DefaultRateLimitConfig() RateLimitConfig

+ type RateLimitInfo struct

+ Limit int

+ Remaining int

+ ResetAt time.Time

+ RetryAfter int

+ type RateLimiter struct

+ func NewRateLimiter(config RateLimitConfig) *RateLimiter

+ func (rl *RateLimiter) Close()

+ func (rl *RateLimiter) Middleware() func(http.Handler) http.Handler

+ type RefreshConfig struct

+ Client *http.Client

+ ClientID string

+ ClientSecret string

+ CookieManager *CookieManager

+ OnRefreshError func(w http.ResponseWriter, r *http.Request, err error)

+ OnRefreshSuccess func(ctx context.Context, session *Session)

+ ParseTokenResponse func(body []byte) (*TokenResponse, error)

+ RefreshThreshold time.Duration

+ Store Store

+ Timeout time.Duration

+ TokenEndpoint string

+ UseDPoP bool

+ func DefaultRefreshConfig() RefreshConfig

+ type RefreshInput struct

+ Origin string

+ type RefreshOutput struct

+ Body RefreshResponse

+ RateLimitLimit int

+ RateLimitRemaining int

+ RateLimitReset int64

+ type RefreshResponse struct

+ ExpiresAt int64

+ Message string

+ type Refresher struct

+ func NewRefresher(config RefreshConfig) (*Refresher, error)

+ func (r *Refresher) Middleware() func(http.Handler) http.Handler

+ func (r *Refresher) RefreshSession(ctx context.Context, session *Session) error

+ type Session struct

+ AccessToken string

+ AccessTokenExpiresAt time.Time

+ CreatedAt time.Time

+ DPoPKeyPairJSON []byte

+ DPoPThumbprint string

+ ExpiresAt time.Time

+ ID string

+ IPAddress string

+ LastAccessedAt time.Time

+ Metadata map[string]string

+ OrganizationID *uuid.UUID

+ RefreshToken string

+ RefreshTokenExpiresAt time.Time

+ UpdatedAt time.Time

+ UserAgent string

+ UserID uuid.UUID

+ func GetSession(ctx context.Context) *Session

+ func NewSession(userID uuid.UUID, accessToken, refreshToken string, ...) (*Session, error)

+ func (s *Session) EncryptedAccessToken() []byte

+ func (s *Session) EncryptedDPoPKeyPair() []byte

+ func (s *Session) EncryptedRefreshToken() []byte

+ func (s *Session) GetDPoPKeyPair() (*dpop.KeyPair, error)

+ func (s *Session) HasDPoP() bool

+ func (s *Session) IsAccessTokenExpired() bool

+ func (s *Session) IsExpired() bool

+ func (s *Session) IsRefreshTokenExpired() bool

+ func (s *Session) NeedsRefresh(threshold time.Duration) bool

+ func (s *Session) SetDPoPKeyPair(kp *dpop.KeyPair) error

+ func (s *Session) SetEncryptedTokens(accessToken, refreshToken, dpopKeyPair []byte)

+ type SessionInfoResponse struct

+ Authenticated bool

+ ExpiresAt *time.Time

+ UserID *uuid.UUID

+ type SessionStatusResponse struct

+ AccessTokenExpiresAt *time.Time

+ Authenticated bool

+ ExpiresAt *time.Time

+ OrganizationID *uuid.UUID

+ UserID *uuid.UUID

+ type Store interface

+ Cleanup func(ctx context.Context) (int, error)

+ Close func() error

+ Create func(ctx context.Context, session *Session) error

+ Delete func(ctx context.Context, id string) error

+ DeleteByUserID func(ctx context.Context, userID string) (int, error)

+ Get func(ctx context.Context, id string) (*Session, error)

+ Touch func(ctx context.Context, id string) error

+ Update func(ctx context.Context, session *Session) error

+ type StoreConfig struct

+ CleanupInterval int

+ EncryptionKey []byte

+ MaxSessions int

+ func DefaultStoreConfig() StoreConfig

+ type TokenErrorResponse struct

+ Error string

+ ErrorDescription string

+ type TokenRefreshResult struct

+ AccessToken string

+ AccessTokenExpiresIn time.Duration

+ RefreshToken string

+ RefreshTokenExpiresIn time.Duration

+ type TokenResponse struct

+ AccessToken string

+ ExpiresIn int

+ RefreshToken string

+ Scope string

+ TokenType string