Documentation
¶
Index ¶
Constants ¶
const ( // AccessProviderTypeConfigAPIKey is the built-in provider validating inline API keys. AccessProviderTypeConfigAPIKey = "config-api-key" // DefaultAccessProviderName is applied when no provider name is supplied. DefaultAccessProviderName = "config-inline" )
Variables ¶
This section is empty.
Functions ¶
func IsAuthErrorCode ¶ added in v6.8.9
func IsAuthErrorCode(authErr *AuthError, code AuthErrorCode) bool
func RegisterProvider ¶
RegisterProvider registers a pre-built provider instance for a given type identifier.
func UnregisterProvider ¶ added in v6.8.9
func UnregisterProvider(typ string)
UnregisterProvider removes a provider by type identifier.
Types ¶
type AccessConfig ¶ added in v6.8.9
type AccessConfig struct {
// Providers lists configured authentication providers.
Providers []AccessProvider `yaml:"providers,omitempty" json:"providers,omitempty"`
}
AccessConfig groups request authentication providers.
type AccessProvider ¶ added in v6.8.9
type AccessProvider struct {
// Name is the instance identifier for the provider.
Name string `yaml:"name" json:"name"`
// Type selects the provider implementation registered via the SDK.
Type string `yaml:"type" json:"type"`
// SDK optionally names a third-party SDK module providing this provider.
SDK string `yaml:"sdk,omitempty" json:"sdk,omitempty"`
// APIKeys lists inline keys for providers that require them.
APIKeys []string `yaml:"api-keys,omitempty" json:"api-keys,omitempty"`
// Config passes provider-specific options to the implementation.
Config map[string]any `yaml:"config,omitempty" json:"config,omitempty"`
}
AccessProvider describes a request authentication provider entry.
func MakeInlineAPIKeyProvider ¶ added in v6.8.9
func MakeInlineAPIKeyProvider(keys []string) *AccessProvider
MakeInlineAPIKeyProvider constructs an inline API key provider configuration. It returns nil when no keys are supplied.
type AuthError ¶ added in v6.8.9
type AuthError struct {
Code AuthErrorCode
Message string
StatusCode int
Cause error
}
AuthError carries authentication failure details and HTTP status.
func NewInternalAuthError ¶ added in v6.8.9
func NewInvalidCredentialError ¶ added in v6.8.9
func NewInvalidCredentialError() *AuthError
func NewNoCredentialsError ¶ added in v6.8.9
func NewNoCredentialsError() *AuthError
func NewNotHandledError ¶ added in v6.8.9
func NewNotHandledError() *AuthError
func (*AuthError) HTTPStatusCode ¶ added in v6.8.9
HTTPStatusCode returns a safe fallback for missing status codes.
type AuthErrorCode ¶ added in v6.8.9
type AuthErrorCode string
AuthErrorCode classifies authentication failures.
const ( AuthErrorCodeNoCredentials AuthErrorCode = "no_credentials" AuthErrorCodeInvalidCredential AuthErrorCode = "invalid_credential" AuthErrorCodeNotHandled AuthErrorCode = "not_handled" AuthErrorCodeInternal AuthErrorCode = "internal_error" )
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
Manager coordinates authentication providers.
func (*Manager) Authenticate ¶
Authenticate evaluates providers until one succeeds.
func (*Manager) SetProviders ¶
SetProviders replaces the active provider list.
type Provider ¶
type Provider interface {
Identifier() string
Authenticate(ctx context.Context, r *http.Request) (*Result, *AuthError)
}
Provider validates credentials for incoming requests.
func RegisteredProviders ¶ added in v6.8.9
func RegisteredProviders() []Provider
RegisteredProviders returns the global provider instances in registration order.
Source Files