auth

package
v0.19.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 27, 2026 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrMissingToken = errors.New("missing token")
	ErrInvalidToken = errors.New("invalid token")
)
View Source 
var Module = fx.Module(
	"vef:api:auth",
	fx.Provide(
		fx.Private,
		fx.Annotate(
			NewAccessTokenAuthenticator,
			fx.ResultTags(`group:"vef:api:bearer_authenticators"`),
		),
		fx.Annotate(
			NewNone,
			fx.ResultTags(`group:"vef:api:auth_strategies"`),
		),
		fx.Annotate(
			NewBearer,
			fx.ParamTags(`group:"vef:api:bearer_authenticators"`),
			fx.ResultTags(`group:"vef:api:auth_strategies"`),
		),
		fx.Annotate(
			NewSignature,
			fx.ParamTags(`optional:"true"`),
			fx.ResultTags(`group:"vef:api:auth_strategies"`),
		),
	),
	fx.Provide(
		fx.Annotate(
			NewRegistry,
			fx.ParamTags(`group:"vef:api:auth_strategies"`),
		),
	),
)

Functions

func NewBearer 

func NewBearer(authenticators []TokenAuthenticator, opts ...BearerOption) api.AuthStrategy

NewBearer creates a new Bearer token authentication strategy.

func NewNone 

func NewNone() api.AuthStrategy

NewNone creates a new none authentication strategy.

func NewRegistry 

func NewRegistry(strategies ...api.AuthStrategy) api.AuthStrategyRegistry

NewRegistry creates a new authentication strategy registry.

func NewSignature 

func NewSignature(authManager security.AuthManager) api.AuthStrategy

NewSignature creates a new signature authentication strategy. The authManager is used to delegate the actual authentication to SignatureAuthenticator.

Types

type AccessTokenAuthenticator 

type AccessTokenAuthenticator struct {
	// contains filtered or unexported fields
}

func (*AccessTokenAuthenticator) Authenticate 

func (a *AccessTokenAuthenticator) Authenticate(ctx context.Context, token string) (*security.Principal, error)

type BearerOption 

type BearerOption func(*BearerStrategy)

BearerOption configures BearerStrategy.

func WithTokenExtractor 

func WithTokenExtractor(e extractors.Extractor) BearerOption

WithTokenExtractor sets a custom token extractor.

type BearerStrategy 

type BearerStrategy struct {
	// contains filtered or unexported fields
}

BearerStrategy implements api.AuthStrategy for Bearer token authentication.

func (*BearerStrategy) Authenticate 

func (s *BearerStrategy) Authenticate(ctx fiber.Ctx, _ map[string]any) (*security.Principal, error)

Authenticate validates the bearer token and returns the principal.

func (*BearerStrategy) Name 

func (*BearerStrategy) Name() string

Name returns the strategy name.

type NoneStrategy 

type NoneStrategy struct{}

NoneStrategy implements api.AuthStrategy for public endpoints.

func (*NoneStrategy) Authenticate 

func (*NoneStrategy) Authenticate(fiber.Ctx, map[string]any) (*security.Principal, error)

Authenticate returns anonymous principal.

func (*NoneStrategy) Name 

func (*NoneStrategy) Name() string

Name returns the strategy name.

type Registry 

type Registry struct {
	// contains filtered or unexported fields
}

Registry implements api.AuthStrategyRegistry using a concurrent map.

func (*Registry) Get 

func (r *Registry) Get(name string) (api.AuthStrategy, bool)

Get retrieves a strategy by name.

func (*Registry) Names 

func (r *Registry) Names() []string

Names returns all registered strategy names.

func (*Registry) Register 

func (r *Registry) Register(strategy api.AuthStrategy)

Register adds a strategy to the registry.

type SignatureStrategy 

type SignatureStrategy struct {
	// contains filtered or unexported fields
}

SignatureStrategy implements api.AuthStrategy for HMAC signature authentication. It extracts credentials from HTTP headers and delegates authentication to the security.AuthManager, following the Spring Security pattern.

Required headers:

  • X-App-ID: Application identifier (used as Principal)
  • X-Timestamp: Unix timestamp in seconds
  • X-Nonce: Random string for replay attack prevention
  • X-Signature: HMAC signature in hex encoding

func (*SignatureStrategy) Authenticate 

func (s *SignatureStrategy) Authenticate(ctx fiber.Ctx, _ map[string]any) (*security.Principal, error)

Authenticate extracts credentials from request headers and delegates authentication to the AuthManager. Headers are extracted and formatted as: Principal=AppID, Credentials="timestamp:nonce:signature".

func (*SignatureStrategy) Name 

func (*SignatureStrategy) Name() string

Name returns the strategy name.

type TokenAuthenticator 

type TokenAuthenticator interface {
	Authenticate(ctx context.Context, token string) (*security.Principal, error)
}

TokenAuthenticator validates a token and returns the principal.

func NewAccessTokenAuthenticator 

func NewAccessTokenAuthenticator(manager security.AuthManager) TokenAuthenticator

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.