commonhttp

package

v1.12.0 Latest Latest Go to latest Published: Feb 10, 2026 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/openkcm/common-sdk

Links

Open Source Insights

Documentation ¶

Overview ¶

Package commonhttp provides utilities to create HTTP clients configured with OAuth2 credentials and optional mutual TLS (mTLS).

Index ¶

func NewClient(cfg *commoncfg.HTTPClient) (*http.Client, error)
func NewClientFromOAuth2(clientAuth *commoncfg.OAuth2) (*http.Client, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewClient ¶

func NewClient(cfg *commoncfg.HTTPClient) (*http.Client, error)

NewClient creates an *http.Client configured with optional TLS/mTLS and custom settings.

Supports:

Timeout
TLS minimum version (default TLS1.2)
InsecureSkipVerify
Custom root CAs
Optional client certificates (mTLS)

func NewClientFromOAuth2 ¶ added in v1.6.2

func NewClientFromOAuth2(clientAuth *commoncfg.OAuth2) (*http.Client, error)

NewClientFromOAuth2 creates a new HTTP client configured with OAuth2 credentials and optional mutual TLS (mTLS) transport.

This function prepares an *http.Client that automatically injects OAuth2 credentials into outgoing requests using a custom RoundTripper. The client can use multiple OAuth2 authentication methods and optionally mTLS.

Supported authentication methods:

post (client_secret_post): injects "client_id" and "client_secret" into the request query parameters (or POST body, depending on usage).
basic (client_secret_basic): sets the HTTP Basic Authorization header with clientID and clientSecret.
jwt (client_secret_jwt): generates a JWT signed with a shared secret, injected as "client_assertion" with type "urn:ietf:params:oauth:client-assertion-type:jwt-bearer".
private (private_key_jwt): uses a JWT assertion provided in ClientAssertion along with ClientAssertionType, injected as query parameters.
none: PKCE flow (no client_secret required)

Only one authentication method may be configured at a time. If multiple conflicting credentials are provided, this function returns an error.

If mTLS configuration is provided, the client's transport will use the specified TLS certificates for client authentication.

Parameters:

clientAuth: pointer to an OAuth2 configuration containing credentials, optional mTLS, and the authentication method to use.

Returns:

*http.Client: an HTTP client that automatically applies the specified OAuth2 credentials and mTLS configuration to requests.
error: if the configuration is invalid, required fields are missing, or mTLS loading fails.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL