authn

package

v1.3.0 Latest Latest Go to latest Published: Jan 13, 2026 License: MIT Imports: 8 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/origadmin/contrib

Links

Open Source Insights

Documentation ¶

Overview ¶

Package authn provides interfaces and implementations for authentication.

Index ¶

Constants
func NewCredentialCreator(cfg *authnv1.Authenticator, opts ...options.Option) (credential.Creator, error)
func NewCredentialRevoker(cfg *authnv1.Authenticator, opts ...options.Option) (credential.Revoker, error)
func Register(name string, factory Factory)
type Authenticator
- func New(cfg *authnv1.Authenticator, opts ...options.Option) (Authenticator, error)
- func NewCompositeAuthenticator(authenticators ...Authenticator) Authenticator
type CompositeAuthenticator
- func (c *CompositeAuthenticator) Authenticate(ctx context.Context, cred security.Credential) (security.Principal, error)
- func (c *CompositeAuthenticator) Supports(cred security.Credential) bool
type Factory
type FactoryFunc
- func (f FactoryFunc) NewAuthenticator(cfg *authnv1.Authenticator, opts ...options.Option) (Authenticator, error)

Constants ¶

View Source

const (
	DefaultAuthenticator = "jwt"
	Noop                 = "noop"
	JWT                  = "jwt"
)

Variables ¶

This section is empty.

Functions ¶

func NewCredentialCreator ¶

func NewCredentialCreator(cfg *authnv1.Authenticator, opts ...options.Option) (credential.Creator, error)

NewCredentialCreator is a convenience helper that creates a provider instance and directly returns its CredentialCreator capability. It returns an error if the specified provider does not support the CredentialCreator interface.

func NewCredentialRevoker ¶

func NewCredentialRevoker(cfg *authnv1.Authenticator, opts ...options.Option) (credential.Revoker, error)

NewCredentialRevoker is a convenience helper that creates a provider instance and directly returns its CredentialRevoker capability. It returns an error if the specified provider does not support the CredentialRevoker interface.

func Register ¶

func Register(name string, factory Factory)

Register registers a new authenticator provider blueprint. This function is intended to be called from the init() function of each provider implementation.

Types ¶

type Authenticator ¶

type Authenticator interface {
	// Authenticate validates the provided credential and returns a Principal object if successful.
	Authenticate(ctx context.Context, cred security.Credential) (security.Principal, error)

	// Supports returns true if this authenticator can handle the given credential.
	// For example, a JWTAuthenticator would return true for a credential where cred.Type() == "jwt".
	Supports(cred security.Credential) bool
}

Authenticator is responsible for validating the identity of the request initiator. It receives credential data and returns a Principal object.

func New ¶

func New(cfg *authnv1.Authenticator, opts ...options.Option) (Authenticator, error)

New creates a new authenticator provider instance based on the given configuration. It looks up the appropriate factory using the type specified in the config and invokes it. The returned Provider instance is NOT stored globally; it is the caller's responsibility to manage its lifecycle and inject it where needed.

func NewCompositeAuthenticator ¶

func NewCompositeAuthenticator(authenticators ...Authenticator) Authenticator

NewCompositeAuthenticator creates a new CompositeAuthenticator. It takes a variadic list of authenticators to be tried in order.

type CompositeAuthenticator ¶

type CompositeAuthenticator struct {
	// contains filtered or unexported fields
}

CompositeAuthenticator is an authenticator that delegates to a list of other authenticators. It tries each authenticator in order until one of them successfully authenticates the credential.

func (*CompositeAuthenticator) Authenticate ¶

func (c *CompositeAuthenticator) Authenticate(ctx context.Context, cred security.Credential) (security.Principal,
	error)

Authenticate iterates through the list of authenticators and calls the first one that supports the credential. If no authenticator supports the credential, it returns an "authenticator not found" error.

func (*CompositeAuthenticator) Supports ¶

func (c *CompositeAuthenticator) Supports(cred security.Credential) bool

Supports returns true if any of the underlying authenticators supports the credential.

type Factory ¶

type Factory interface {
	// NewAuthenticator creates a new Provider instance using the provided configuration.
	NewAuthenticator(cfg *authnv1.Authenticator, opts ...options.Option) (Authenticator, error)
}

Factory is an interface for a provider factory that can create a Provider instance when given a runtime configuration. It's a stateless object intended to be registered at init time.

type FactoryFunc ¶

type FactoryFunc func(config *authnv1.Authenticator, opts ...options.Option) (Authenticator, error)

FactoryFunc is a function type that creates a Provider instance.

func (FactoryFunc) NewAuthenticator ¶

func (f FactoryFunc) NewAuthenticator(cfg *authnv1.Authenticator, opts ...options.Option) (Authenticator, error)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cache Package cache provides token caching functionality for security module	Package cache provides token caching functionality for security module
jwt Package jwt provides a JWT-based implementation of the security interfaces.	Package jwt provides a JWT-based implementation of the security interfaces.
noop Package noop implements the functions, types, and interfaces for the module.	Package noop implements the functions, types, and interfaces for the module.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL