remote

package

v0.70.0 Latest Latest Go to latest Published: Jun 26, 2026 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/open-rails/authkit

Links

Open Source Insights

Documentation ¶

Overview ¶

Package remote is the AuthKit remote SDK: a Go client that talks to a standalone AuthKit server's management API over HTTP and satisfies the SAME authkit.Client contract an in-process embedded.Client does (#142), so a host swaps embedded↔remote with one construction line:

var c authkit.Client
c, _ = embedded.New(cfg, pg)        // in-process
c, _ = remote.New(baseURL, token)   // standalone, over HTTP
c.CreateUser(ctx, "a@b.com", "alice")

Transport: every method marshals its arguments to the management API's generic POST /v1/call/{Method} contract (see authkit/server) and decodes {"result": ...}. Argument/result structs are shared with the server package (etcd's api/v3 model), so the two transports cannot drift. AuthKit sentinel errors are re-derived from the wire via authkit.ErrorForCode, so errors.Is(err, authkit.ErrX) holds across the network. Lean: net/http + encoding/json + the authkit contract only — no engine, no pgx.

Index ¶

type Client
- func New(baseURL, token string) *Client

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Client ¶

type Client struct {
	// contains filtered or unexported fields
}

Client is a remote-backed AuthKit client. It satisfies authkit.Client; the compile-time assertion lives in conformance.go.

func New ¶

func New(baseURL, token string) *Client

New builds a remote client for the management API at baseURL, authenticating with a static bearer token (the app→server credential; "" = none).

func (*Client) AdminCountUsers ¶ added in v0.70.0

func (c *Client) AdminCountUsers(ctx context.Context, opts authkit.AdminUserListOptions) (int64, error)

func (*Client) AdminGetUser ¶ added in v0.70.0

func (c *Client) AdminGetUser(ctx context.Context, id string) (*authkit.AdminUser, error)

func (*Client) AdminListUserSessions ¶ added in v0.70.0

func (c *Client) AdminListUserSessions(ctx context.Context, userID string) ([]authkit.Session, error)

func (*Client) AdminListUsers ¶ added in v0.70.0

func (c *Client) AdminListUsers(ctx context.Context, opts authkit.AdminUserListOptions) (*authkit.AdminListUsersResult, error)

func (*Client) AdminRevokeUserSessions ¶ added in v0.70.0

func (c *Client) AdminRevokeUserSessions(ctx context.Context, userID string) error

func (*Client) AdminSetPassword ¶ added in v0.70.0

func (c *Client) AdminSetPassword(ctx context.Context, userID string, new string) error

func (*Client) ApplyBootstrapManifest ¶ added in v0.70.0

func (c *Client) ApplyBootstrapManifest(ctx context.Context, manifest authkit.BootstrapManifest, opts authkit.BootstrapReconcileOptions) (authkit.BootstrapManifestResult, error)

func (*Client) AssignGroupRole ¶ added in v0.70.0

func (c *Client) AssignGroupRole(ctx context.Context, persona string, instanceSlug string, subjectID string, subjectKind string, role string) error

func (*Client) AssignGroupRoleAs ¶ added in v0.70.0

func (c *Client) AssignGroupRoleAs(ctx context.Context, actorUserID string, persona string, instanceSlug string, subjectID string, subjectKind string, role string) error

func (*Client) AssignRoleBySlug ¶ added in v0.70.0

func (c *Client) AssignRoleBySlug(ctx context.Context, userID string, slug string) error

func (*Client) AssignRoleBySlugAs ¶ added in v0.70.0

func (c *Client) AssignRoleBySlugAs(ctx context.Context, actorUserID string, userID string, slug string) error

func (*Client) BanUser ¶ added in v0.70.0

func (c *Client) BanUser(ctx context.Context, userID string, reason *string, until *time.Time, bannedBy string) error

func (*Client) Can ¶

func (c *Client) Can(ctx context.Context, subjectID string, subjectKind string, persona string, instanceSlug string, perm string) (bool, error)

func (*Client) ChangePassword ¶ added in v0.70.0

func (c *Client) ChangePassword(ctx context.Context, userID string, current string, new string, keepSessionID *string) error

func (*Client) CheckSMSHealth ¶ added in v0.70.0

func (c *Client) CheckSMSHealth(ctx context.Context) error

func (*Client) CleanupExpiredAuthState ¶ added in v0.70.0

func (c *Client) CleanupExpiredAuthState(ctx context.Context) error

func (*Client) ClearPasswordlessCodeAttempts ¶ added in v0.70.0

func (c *Client) ClearPasswordlessCodeAttempts(ctx context.Context, identifier string)

func (*Client) ConfirmPasswordlessCode ¶ added in v0.70.0

func (c *Client) ConfirmPasswordlessCode(ctx context.Context, identifier string, code string) (authkit.PasswordlessConfirmResult, error)

func (*Client) ConfirmPasswordlessToken ¶ added in v0.70.0

func (c *Client) ConfirmPasswordlessToken(ctx context.Context, token string) (authkit.PasswordlessConfirmResult, error)

func (*Client) CreateGroupInviteLink ¶ added in v0.70.0

func (c *Client) CreateGroupInviteLink(ctx context.Context, req authkit.CreateGroupInviteLinkRequest) (authkit.GroupInviteLinkCreated, error)

func (*Client) CreatePermissionGroup ¶ added in v0.70.0

func (c *Client) CreatePermissionGroup(ctx context.Context, req authkit.CreatePermissionGroupRequest) (string, error)

func (*Client) CreateUser ¶ added in v0.70.0

func (c *Client) CreateUser(ctx context.Context, email string, username string) (*authkit.User, error)

func (*Client) DeleteRemoteApplication ¶ added in v0.70.0

func (c *Client) DeleteRemoteApplication(ctx context.Context, issuer string) error

func (*Client) EnsureRootGroup ¶ added in v0.70.0

func (c *Client) EnsureRootGroup(ctx context.Context) (string, error)

func (*Client) ExchangeRefreshToken ¶ added in v0.70.0

func (c *Client) ExchangeRefreshToken(ctx context.Context, refreshToken string, ua string, ip net.IP) (string, time.Time, string, error)

func (*Client) ExternalInvitesEnabled ¶ added in v0.70.0

func (c *Client) ExternalInvitesEnabled() bool

func (*Client) GetEmailByUserID ¶ added in v0.70.0

func (c *Client) GetEmailByUserID(ctx context.Context, id string) (string, error)

func (*Client) GetProviderUsername ¶ added in v0.70.0

func (c *Client) GetProviderUsername(ctx context.Context, userID string, provider string) (string, error)

func (*Client) GetRemoteApplication ¶ added in v0.70.0

func (c *Client) GetRemoteApplication(ctx context.Context, issuer string) (*authkit.RemoteApplication, error)

func (*Client) GetUserByEmail ¶ added in v0.70.0

func (c *Client) GetUserByEmail(ctx context.Context, email string) (*authkit.User, error)

func (*Client) GetUserByPhone ¶ added in v0.70.0

func (c *Client) GetUserByPhone(ctx context.Context, phone string) (*authkit.User, error)

func (*Client) GetUserBySolanaAddress ¶ added in v0.70.0

func (c *Client) GetUserBySolanaAddress(ctx context.Context, address string) (*authkit.User, error)

func (*Client) GetUserByUsername ¶ added in v0.70.0

func (c *Client) GetUserByUsername(ctx context.Context, username string) (*authkit.User, error)

func (*Client) GetUserMetadata ¶ added in v0.70.0

func (c *Client) GetUserMetadata(ctx context.Context, userID string) (map[string]any, error)

func (*Client) HardDeleteUser ¶ added in v0.70.0

func (c *Client) HardDeleteUser(ctx context.Context, userID string) error

func (*Client) HasEmailSender ¶ added in v0.70.0

func (c *Client) HasEmailSender() bool

func (*Client) HasSMSSender ¶ added in v0.70.0

func (c *Client) HasSMSSender() bool

func (*Client) ImportUsers ¶ added in v0.70.0

func (c *Client) ImportUsers(ctx context.Context, inputs []authkit.ImportUserInput) (authkit.ImportUsersResult, error)

func (*Client) IsUserAllowed ¶

func (c *Client) IsUserAllowed(ctx context.Context, userID string) (bool, error)

func (*Client) IssueAccessToken ¶ added in v0.70.0

func (c *Client) IssueAccessToken(ctx context.Context, userID string, email string, extra map[string]any) (string, time.Time, error)

func (*Client) LinkProvider ¶ added in v0.70.0

func (c *Client) LinkProvider(ctx context.Context, userID string, provider string, subject string, email *string) error

func (*Client) LinkProviderByIssuer ¶ added in v0.70.0

func (c *Client) LinkProviderByIssuer(ctx context.Context, userID string, issuer string, providerSlug string, subject string, email *string) error

func (*Client) ListAPIKeys ¶ added in v0.70.0

func (c *Client) ListAPIKeys(ctx context.Context, persona string, instanceSlug string) ([]authkit.APIKey, error)

func (*Client) ListEffectivePermissions ¶

func (c *Client) ListEffectivePermissions(ctx context.Context, subjectID string, subjectKind string, persona string, instanceSlug string) ([]string, error)

func (*Client) ListEntitlements ¶ added in v0.70.0

func (c *Client) ListEntitlements(ctx context.Context, userID string) []string

func (*Client) ListGroupInviteLinks ¶ added in v0.70.0

func (c *Client) ListGroupInviteLinks(ctx context.Context, persona string, instanceSlug string) ([]authkit.GroupInviteLink, error)

func (*Client) ListGroupMembers ¶ added in v0.70.0

func (c *Client) ListGroupMembers(ctx context.Context, persona string, instanceSlug string) ([]authkit.GroupMember, error)

func (*Client) ListRemoteApplications ¶ added in v0.70.0

func (c *Client) ListRemoteApplications(ctx context.Context, activeOnly bool) ([]authkit.RemoteApplication, error)

func (*Client) ListRoleSlugsByUser ¶ added in v0.70.0

func (c *Client) ListRoleSlugsByUser(ctx context.Context, userID string) []string

func (*Client) ListRoleSlugsByUserErr ¶

func (c *Client) ListRoleSlugsByUserErr(ctx context.Context, userID string) ([]string, error)

func (*Client) ListSubjectGroups ¶ added in v0.70.0

func (c *Client) ListSubjectGroups(ctx context.Context, subjectID string, subjectKind string) ([]authkit.SubjectGroupMembership, error)

func (*Client) ListUserSessions ¶ added in v0.70.0

func (c *Client) ListUserSessions(ctx context.Context, userID string) ([]authkit.Session, error)

func (*Client) ListUsersDeletedBefore ¶ added in v0.70.0

func (c *Client) ListUsersDeletedBefore(ctx context.Context, cutoff time.Time, limit int) ([]string, error)

func (*Client) MintAPIKey ¶ added in v0.70.0

func (c *Client) MintAPIKey(ctx context.Context, persona string, instanceSlug string, name string, role string, createdBy string, expiresAt *time.Time) (authkit.APIKey, string, error)

func (*Client) MintAPIKeyWithOptions ¶ added in v0.70.0

func (c *Client) MintAPIKeyWithOptions(ctx context.Context, persona string, instanceSlug string, opts authkit.APIKeyMintOptions) (authkit.APIKey, string, error)

func (*Client) MintCustomJWT ¶ added in v0.70.0

func (c *Client) MintCustomJWT(ctx context.Context, opts authkit.CustomJWTMintOptions) (string, error)

func (*Client) MintDelegatedAccessToken ¶ added in v0.70.0

func (c *Client) MintDelegatedAccessToken(ctx context.Context, p authkit.DelegatedAccessParams) (string, error)

func (*Client) MintRemoteApplicationAccessToken ¶ added in v0.70.0

func (c *Client) MintRemoteApplicationAccessToken(ctx context.Context, p authkit.RemoteApplicationAccessParams) (string, error)

func (*Client) MintServiceJWT ¶ added in v0.70.0

func (c *Client) MintServiceJWT(ctx context.Context, opts authkit.ServiceJWTMintOptions) (string, authkit.ServiceJWTClaims, error)

func (*Client) PatchUserMetadata ¶ added in v0.70.0

func (c *Client) PatchUserMetadata(ctx context.Context, userID string, patch map[string]any) error

func (*Client) RecordFailedPasswordlessCode ¶ added in v0.70.0

func (c *Client) RecordFailedPasswordlessCode(ctx context.Context, identifier string)

func (*Client) RedeemGroupInviteLink ¶ added in v0.70.0

func (c *Client) RedeemGroupInviteLink(ctx context.Context, code string, redeemerUserID string) (authkit.RedeemGroupInviteLinkResult, error)

func (*Client) RemoveGroupSubjectAs ¶ added in v0.70.0

func (c *Client) RemoveGroupSubjectAs(ctx context.Context, actorUserID string, persona string, instanceSlug string, subjectID string, subjectKind string) error

func (*Client) RemoveRoleBySlug ¶ added in v0.70.0

func (c *Client) RemoveRoleBySlug(ctx context.Context, userID string, slug string) error

func (*Client) RemoveRoleBySlugAs ¶ added in v0.70.0

func (c *Client) RemoveRoleBySlugAs(ctx context.Context, actorUserID string, userID string, slug string) error

func (*Client) ResolveAPIKey ¶ added in v0.70.0

func (c *Client) ResolveAPIKey(ctx context.Context, keyID string, secret string) (string, []string, error)

func (*Client) ResolveAPIKeyWithResources ¶ added in v0.70.0

func (c *Client) ResolveAPIKeyWithResources(ctx context.Context, keyID string, secret string) (authkit.ResolvedAPIKey, error)

func (*Client) ResolveGroupIDForSlug ¶ added in v0.70.0

func (c *Client) ResolveGroupIDForSlug(ctx context.Context, persona string, instanceSlug string) (string, error)

func (*Client) ResolveRemoteAppAttributeDef ¶ added in v0.70.0

func (c *Client) ResolveRemoteAppAttributeDef(ctx context.Context, appID string, key string, version int32) (*authkit.RemoteAppAttributeDef, error)

func (*Client) ResolveRemoteApplicationAuthority ¶ added in v0.70.0

func (c *Client) ResolveRemoteApplicationAuthority(ctx context.Context, appID string) ([]string, error)

func (*Client) RestoreUser ¶ added in v0.70.0

func (c *Client) RestoreUser(ctx context.Context, id string) error

func (*Client) RevokeAPIKey ¶ added in v0.70.0

func (c *Client) RevokeAPIKey(ctx context.Context, persona string, instanceSlug string, tokenID string) (bool, error)

func (*Client) RevokeAllSessions ¶ added in v0.70.0

func (c *Client) RevokeAllSessions(ctx context.Context, userID string, keepSessionID *string) error

func (*Client) RevokeGroupInviteLink ¶ added in v0.70.0

func (c *Client) RevokeGroupInviteLink(ctx context.Context, persona string, instanceSlug string, linkID string) error

func (*Client) SMSAvailable ¶ added in v0.70.0

func (c *Client) SMSAvailable() bool

func (*Client) SeedPermissionGroupContainment ¶ added in v0.70.0

func (c *Client) SeedPermissionGroupContainment(ctx context.Context) error

func (*Client) SetEmailVerified ¶ added in v0.70.0

func (c *Client) SetEmailVerified(ctx context.Context, id string, v bool) error

func (*Client) SoftDeleteUser ¶ added in v0.70.0

func (c *Client) SoftDeleteUser(ctx context.Context, id string) error

func (*Client) StartPasswordless ¶ added in v0.70.0

func (c *Client) StartPasswordless(ctx context.Context, req authkit.PasswordlessStartRequest) (authkit.PasswordlessStartResult, error)

func (*Client) TimeUntilUsernameRenameAvailable ¶ added in v0.70.0

func (c *Client) TimeUntilUsernameRenameAvailable(ctx context.Context, userID string, now time.Time) (int64, error)

func (*Client) UnassignGroupRoleAs ¶ added in v0.70.0

func (c *Client) UnassignGroupRoleAs(ctx context.Context, actorUserID string, persona string, instanceSlug string, subjectID string, subjectKind string, role string) error

func (*Client) UnbanUser ¶ added in v0.70.0

func (c *Client) UnbanUser(ctx context.Context, userID string) error

func (*Client) UnlinkProvider ¶ added in v0.70.0

func (c *Client) UnlinkProvider(ctx context.Context, userID string, provider string) error

func (*Client) UpdateBiography ¶ added in v0.70.0

func (c *Client) UpdateBiography(ctx context.Context, id string, bio *string) error

func (*Client) UpdateEmail ¶ added in v0.70.0

func (c *Client) UpdateEmail(ctx context.Context, id string, email string) error

func (*Client) UpdateImportedUser ¶ added in v0.70.0

func (c *Client) UpdateImportedUser(ctx context.Context, userID string, input authkit.ImportUserInput) (*authkit.User, error)

func (*Client) UpdateUsername ¶ added in v0.70.0

func (c *Client) UpdateUsername(ctx context.Context, id string, username string) error

func (*Client) UpsertPasswordHash ¶ added in v0.70.0

func (c *Client) UpsertPasswordHash(ctx context.Context, userID string, hash string, algo string, params []byte) error

func (*Client) UpsertRemoteApplication ¶ added in v0.70.0

func (c *Client) UpsertRemoteApplication(ctx context.Context, in authkit.RemoteApplication) (*authkit.RemoteApplication, error)

func (*Client) UpsertRoleBySlug ¶ added in v0.70.0

func (c *Client) UpsertRoleBySlug(ctx context.Context, name string, slug string, description *string) error

func (*Client) UsersByIDs ¶ added in v0.70.0

func (c *Client) UsersByIDs(ctx context.Context, ids []string) ([]authkit.UserRef, error)

func (*Client) ValidateVerificationConfiguration ¶ added in v0.70.0

func (c *Client) ValidateVerificationConfiguration() error

func (*Client) VerifyUserPassword ¶ added in v0.70.0

func (c *Client) VerifyUserPassword(ctx context.Context, userID string, pass string) bool

func (*Client) WithHTTPClient ¶ added in v0.70.0

func (c *Client) WithHTTPClient(hc *http.Client) *Client

WithHTTPClient overrides the underlying *http.Client (timeouts, transport, mTLS).

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL