Documentation
¶
Overview ¶
Package server hosts the AuthKit management HTTP API — the wire contract a standalone AuthKit server exposes and the authkit/remote SDK consumes (#142).
Transport: ONE generic dispatch endpoint, POST /v1/call/{Method}, where {Method} is a method name on authkit.Client. The request body is a JSON object of the method's named arguments; the response is {"result": <value>} on success or {"error": {"code": "<sentinel-code>"}} on failure. This is the etcd "one client, two transports" model (#138): handlers are defined ONCE over any authkit.Client (the embedded engine in-process, or a test fake), and authkit/remote marshals the SAME contract — so the two transports cannot drift the way two independent client implementations would.
The method registry is assembled from per-capability slice maps (methods_*.go). Error identity survives the wire because the server emits the sentinel's code (err.Error()) and remote resolves it through authkit.ErrorForCode.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewHandler ¶ added in v0.70.0
NewHandler serves the management API over the given AuthKit client, gated by a static bearer token ("" disables the gate — dev only). The handler dispatches POST /v1/call/{Method} through generatedMethods (see methods_gen.go, produced by `go generate ./...` from the authkit.Client interface).
Types ¶
type ErrorResponse ¶
type ErrorResponse struct {
Error struct {
Code string `json:"code"`
} `json:"error"`
}
ErrorResponse is the failure wire shape. Code is the AuthKit sentinel's code (its .Error()), so remote re-derives errors.Is(err, authkit.ErrX) identity.
type MethodFunc ¶ added in v0.70.0
MethodFunc adapts one authkit.Client method to the wire: decode the JSON args, invoke the method, and return the result value (marshaled into {"result": ...}). A nil result with nil error encodes as {"result": null} (void methods).
Source Files