Documentation
¶
Overview ¶
Package authkitgin bridges AuthKit's net/http middleware to gin. Route mounting is NOT here (#250): build the whole surface with authhttp.MountHandler and mount it once via gin.WrapH.
Index ¶
- func Fallback(h http.Handler) gin.HandlerFunc
- func Optional(v *verify.Verifier) gin.HandlerFunc
- func Principal(c *gin.Context) (authkit.Principal, bool)
- func RequirePermission(checker verify.PermissionChecker, perm string, ...) gin.HandlerFunc
- func Required(v *verify.Verifier) gin.HandlerFunc
- func Use(mw ...func(http.Handler) http.Handler) gin.HandlerFunc
- type UserClaimsData
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Fallback ¶ added in v0.84.0
func Fallback(h http.Handler) gin.HandlerFunc
Fallback adapts a neutral handler (authhttp.MountHandler) for use as a gin NoRoute fallback. gin pre-sets 404 on the response before running NoRoute handlers, which silently overrides any handler that relies on the implicit 200-on-first-write; this clears the pending status so the mounted handler's own status wins (its 404s still 404).
router.NoRoute(authkitgin.Fallback(mount))
For explicit wildcard mounts (r.Any("/oidc/*path", …)) plain gin.WrapH is fine — gin only pre-sets 404 on the NoRoute path.
func Optional ¶ added in v0.78.0
func Optional(v *verify.Verifier) gin.HandlerFunc
Optional is the gin-native form of verify.Optional (#209): parses and stores claims when a valid Bearer token is present, and passes through anonymously otherwise. See Required for usage.
func RequirePermission ¶ added in v0.72.0
func RequirePermission(checker verify.PermissionChecker, perm string, resolve func(*gin.Context) verify.PermissionScope) gin.HandlerFunc
func Required ¶ added in v0.78.0
func Required(v *verify.Verifier) gin.HandlerFunc
Required is the gin-native form of verify.Required (#209): validates the Bearer token and stores claims in the request context, aborting with the verifier's 401 on failure. Use it directly on gin routes/groups instead of hand-writing an http.Handler↔gin.HandlerFunc shim:
api := r.Group("/api", authkitgin.Required(verifier))
Types ¶
type UserClaimsData ¶ added in v0.72.0
type UserClaimsData struct {
UserID string
Email string
EmailVerified bool
Username string
SessionID string
Entitlements []string
AMR []string
ACR string
AuthTime time.Time
MFAEnrolled bool
}
func UserClaims ¶ added in v0.72.0
func UserClaims(c *gin.Context) (UserClaimsData, bool)