auth

package
v0.18.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 27, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrMissingToken       = errors.New("missing token")
	ErrInvalidToken       = errors.New("invalid token")
	ErrMissingAuthHeaders = errors.New("missing authentication headers")
	ErrInvalidTimestamp   = errors.New("invalid timestamp")
	ErrRequestExpired     = errors.New("request expired")
	ErrInvalidSignature   = errors.New("invalid signature")
)
View Source 
var Module = fx.Module(
	"vef:api:auth",
	fx.Provide(
		fx.Private,
		fx.Annotate(
			NewAccessTokenAuthenticator,
			fx.ResultTags(`group:"vef:api:bearer_authenticators"`),
		),
		fx.Annotate(
			NewNone,
			fx.ResultTags(`group:"vef:api:auth_strategies"`),
		),
		fx.Annotate(
			NewBearer,
			fx.ParamTags(`group:"vef:api:bearer_authenticators"`),
			fx.ResultTags(`group:"vef:api:auth_strategies"`),
		),
		fx.Annotate(
			NewSignature,
			fx.ParamTags(`optional:"true"`),
			fx.ResultTags(`group:"vef:api:auth_strategies"`),
		),
	),
	fx.Provide(
		fx.Annotate(
			NewRegistry,
			fx.ParamTags(`group:"vef:api:auth_strategies"`),
		),
	),
)

Functions

func NewBearer 

func NewBearer(authenticators []TokenAuthenticator, opts ...BearerOption) api.AuthStrategy

NewBearer creates a new Bearer token authentication strategy.

func NewNone 

func NewNone() api.AuthStrategy

NewNone creates a new none authentication strategy.

func NewRegistry 

func NewRegistry(strategies ...api.AuthStrategy) api.AuthStrategyRegistry

NewRegistry creates a new authentication strategy registry.

func NewSignature 

func NewSignature(loader ExternalAppLoader, opts ...SignatureOption) api.AuthStrategy

NewSignature creates a new signature authentication strategy.

Types

type AccessTokenAuthenticator 

type AccessTokenAuthenticator struct {
	// contains filtered or unexported fields
}

func (*AccessTokenAuthenticator) Authenticate 

func (a *AccessTokenAuthenticator) Authenticate(ctx context.Context, token string) (*security.Principal, error)

type BearerOption 

type BearerOption func(*BearerStrategy)

BearerOption configures BearerStrategy.

func WithTokenExtractor 

func WithTokenExtractor(e extractors.Extractor) BearerOption

WithTokenExtractor sets a custom token extractor.

type BearerStrategy 

type BearerStrategy struct {
	// contains filtered or unexported fields
}

BearerStrategy implements api.AuthStrategy for Bearer token authentication.

func (*BearerStrategy) Authenticate 

func (s *BearerStrategy) Authenticate(ctx fiber.Ctx, _ map[string]any) (*security.Principal, error)

Authenticate validates the bearer token and returns the principal.

func (*BearerStrategy) Name 

func (*BearerStrategy) Name() string

Name returns the strategy name.

type ExternalApp 

type ExternalApp struct {
	ID        string
	Secret    string
	Principal *security.Principal
}

ExternalApp represents an external application for signature authentication.

type ExternalAppLoader 

type ExternalAppLoader interface {
	Load(ctx context.Context, appID string) (*ExternalApp, error)
}

ExternalAppLoader loads external app by ID.

type NoneStrategy 

type NoneStrategy struct{}

NoneStrategy implements api.AuthStrategy for public endpoints.

func (*NoneStrategy) Authenticate 

func (*NoneStrategy) Authenticate(fiber.Ctx, map[string]any) (*security.Principal, error)

Authenticate returns anonymous principal.

func (*NoneStrategy) Name 

func (*NoneStrategy) Name() string

Name returns the strategy name.

type Registry 

type Registry struct {
	// contains filtered or unexported fields
}

Registry implements api.AuthStrategyRegistry using a concurrent map.

func (*Registry) Get 

func (r *Registry) Get(name string) (api.AuthStrategy, bool)

Get retrieves a strategy by name.

func (*Registry) Names 

func (r *Registry) Names() []string

Names returns all registered strategy names.

func (*Registry) Register 

func (r *Registry) Register(strategy api.AuthStrategy)

Register adds a strategy to the registry.

type SignatureOption 

type SignatureOption func(*SignatureStrategy)

SignatureOption configures SignatureStrategy.

func WithHeaders 

func WithHeaders(appID, timestamp, signature string) SignatureOption

WithHeaders sets custom header names.

func WithTimestampTolerance 

func WithTimestampTolerance(d time.Duration) SignatureOption

WithTimestampTolerance sets the timestamp tolerance.

type SignatureStrategy 

type SignatureStrategy struct {
	// contains filtered or unexported fields
}

SignatureStrategy implements api.AuthStrategy for HMAC signature authentication.

func (*SignatureStrategy) Authenticate 

func (s *SignatureStrategy) Authenticate(ctx fiber.Ctx, _ map[string]any) (*security.Principal, error)

Authenticate validates the signature and returns the principal.

func (*SignatureStrategy) Name 

func (*SignatureStrategy) Name() string

Name returns the strategy name.

type TokenAuthenticator 

type TokenAuthenticator interface {
	Authenticate(ctx context.Context, token string) (*security.Principal, error)
}

TokenAuthenticator validates a token and returns the principal.

func NewAccessTokenAuthenticator 

func NewAccessTokenAuthenticator(manager security.AuthManager) TokenAuthenticator

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.