iammiddleware

package
v1.36.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 2, 2026 License: MIT Imports: 13 Imported by: 0

Documentation

Overview

Package iammiddleware provides Gin middleware for validating Hanzo IAM (hanzo.id) JWT tokens. It uses the existing auth.IAMClient for JWKS-based token validation and sets IAM claims in the Gin context for downstream handlers.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetIAMClaims 

func GetIAMClaims(c *gin.Context) *auth.IAMClaims

GetIAMClaims returns the IAM claims from context, or nil if not IAM-authenticated.

func IAMTokenRequired 

func IAMTokenRequired() gin.HandlerFunc

IAMTokenRequired validates hanzo.id JWT tokens via JWKS. If a valid IAM token is found, it resolves the org from the token's "owner" claim and sets both IAM context keys and the standard "organization" + "permissions" keys that downstream handlers expect.

Auth guard behavior:

  • IAM enabled but client initialization failed: 503 Service Unavailable
  • Bearer token present but invalid: 401 Unauthorized (no fallthrough)
  • No Bearer token present: fall through to legacy org-token auth

func Init 

func Init(cfg *auth.IAMConfig) error

Init initializes the IAM middleware with the given configuration. Must be called before IAMTokenRequired() middleware is used. Safe to call multiple times; last call wins.

func IsIAMAuthenticated 

func IsIAMAuthenticated(c *gin.Context) bool

IsIAMAuthenticated checks whether the current request was authenticated via IAM.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.