Documentation
¶
Overview ¶
Package oneauth provides a unified authentication framework for Go applications.
OneAuth is organized into subpackages:
- core/ — Foundation types: User, Identity, Channel, store interfaces, tokens, credentials, scopes
- keys/ — Key storage, KID tracking, JWKS serving/fetching, encrypted key storage
- admin/ — Admin auth, app registration API, resource token minting
- apiauth/ — API token auth (JWT + API keys), validation middleware
- localauth/ — Local username/password auth: signup, login, email verify, password reset
- httpauth/ — HTTP middleware, CSRF protection, session-based auth mux
- stores/ — Storage backends: fs/, gorm/, gae/
- utils/ — Crypto helpers (PEM, JWK, key generation)
- client/ — Client SDK
- oauth2/ — OAuth2 provider implementations
- grpc/ — gRPC auth interceptors
See each subpackage's SUMMARY.md for details.
Directories
¶
| Path | Synopsis |
|---|---|
|
Package client provides client-side authentication utilities for oneauth.
|
Package client provides client-side authentication utilities for oneauth. |
|
stores/fs
Package fs provides a file system-based credential store for oneauth client.
|
Package fs provides a file system-based credential store for oneauth client. |
|
cmd
|
|
|
oneauth
module
|
|
|
Package core provides the foundation types and interfaces for the OneAuth authentication framework.
|
Package core provides the foundation types and interfaces for the OneAuth authentication framework. |
|
examples
|
|
|
01-client-credentials
command
Example 01: OAuth 2.0 Client Credentials Flow
|
Example 01: OAuth 2.0 Client Credentials Flow |
|
02-resource-token-hs256
command
Example 02: Resource Token with HS256 (Federated Auth)
|
Example 02: Resource Token with HS256 (Federated Auth) |
|
03-resource-token-rs256-jwks
command
Example 03: Resource Token with RS256 + JWKS Discovery
|
Example 03: Resource Token with RS256 + JWKS Discovery |
|
04-discovery
command
Example 04: AS Metadata Discovery (RFC 8414)
|
Example 04: AS Metadata Discovery (RFC 8414) |
|
05-introspection
command
Example 05: Token Introspection (RFC 7662)
|
Example 05: Token Introspection (RFC 7662) |
|
06-dynamic-client-registration
command
Example 06: Dynamic Client Registration (RFC 7591)
|
Example 06: Dynamic Client Registration (RFC 7591) |
|
07-client-sdk
command
Example 07: Client SDK — Production Patterns
|
Example 07: Client SDK — Production Patterns |
|
08-rich-authorization-requests
command
Example 08: Rich Authorization Requests (RFC 9396)
|
Example 08: Rich Authorization Requests (RFC 9396) |
|
09-key-rotation
command
Example 09: Key Rotation with Grace Periods
|
Example 09: Key Rotation with Grace Periods |
|
10-security
command
Example 10: Security — Attack Prevention
|
Example 10: Security — Attack Prevention |
|
refs
Package refs provides pre-defined reference constants for OneAuth examples.
|
Package refs provides pre-defined reference constants for OneAuth examples. |
|
grpc
module
|
|
|
Package keystoretest provides shared test suites for all KeyStore implementations.
|
Package keystoretest provides shared test suites for all KeyStore implementations. |
|
oauth2
module
|
|
|
saml
module
|
|
|
stores
|
|
|
gae
module
|
|
|
gorm
module
|
|
|
Package testutil provides reusable test infrastructure for oneauth integration tests.
|
Package testutil provides reusable test infrastructure for oneauth integration tests. |
Click to show internal directories.
Click to hide internal directories.