Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
Types
type Config
type Config struct {
	// TenantID is the Azure AD tenant ID
	TenantID string `yaml:"tenantId"`
	// ClientID is the Azure AD application (client) ID
	ClientID string `yaml:"clientId"`
	// Authority is the Azure AD authority URL (e.g., https://login.microsoftonline.com/{tenantId})
	Authority string `yaml:"authority"`
	// AllowedAudiences is a list of allowed audience values in the token
	AllowedAudiences []string `yaml:"allowedAudiences"`
	// EnableManagedIdentity enables managed identity authentication
	EnableManagedIdentity bool `yaml:"enableManagedIdentity"`
	// EnableServicePrincipal enables service principal authentication
	EnableServicePrincipal bool `yaml:"enableServicePrincipal"`
	// EnableUserAuthentication enables user authentication
	EnableUserAuthentication bool `yaml:"enableUserAuthentication"`
	// EnableSignatureValidation enables JWT signature validation
	// When enabled, the middleware will fetch and validate Azure AD public keys
	EnableSignatureValidation bool `yaml:"enableSignatureValidation"`
	// KeyCacheTTL is the time-to-live for the public key cache (e.g., "24h", "1h")
	// Defaults to 24 hours if not specified
	KeyCacheTTL string `yaml:"keyCacheTTL"`
}
Config holds the configuration for Azure AD authentication middleware.
func NewConfig
func NewConfig() *Config
NewConfig creates a new Config instance with default values. It initializes the configuration with reasonable defaults for Azure AD authentication, including enabling managed identity, service principal, user authentication, and signature validation.
type JWK (added in v0.9.0)
type JWK struct {
	Kid string `json:"kid"`
	Kty string `json:"kty"`
	Use string `json:"use"`
	Alg string `json:"alg"`
	N   string `json:"n"`
	E   string `json:"e"`
}
JWK represents a JSON Web Key containing information about a cryptographic key in JSON format.
type JWKSet (added in v0.9.0)
type JWKSet struct {
	Keys []JWK `json:"keys"`
}
JWKSet represents a set of JSON Web Keys, typically used to expose public keys for token verification.
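Added example, not part of this package's code: one way to turn an entry of an already-decoded JWKSet into an *rsa.PublicKey for token verification, failing closed on an unknown kid, a non-signing key, or weak parameters. The helper name rsaKeyForKid, the local copies of the types, the 2048-bit minimum and the sample values in main are assumptions of this example.

```go
package main

import (
	"crypto/rsa"
	"encoding/base64"
	"fmt"
	"math/big"
)

// Local copies of the JWK and JWKSet types documented above.
type JWK struct {
	Kid string `json:"kid"`
	Kty string `json:"kty"`
	Use string `json:"use"`
	Alg string `json:"alg"`
	N   string `json:"n"`
	E   string `json:"e"`
}
type JWKSet struct {
	Keys []JWK `json:"keys"`
}

// rsaKeyForKid (hypothetical helper) returns the RSA signing key named by a token's kid header.
func rsaKeyForKid(set JWKSet, kid string) (*rsa.PublicKey, error) {
	for _, k := range set.Keys {
		if k.Kid != kid || k.Kty != "RSA" || k.Use != "sig" {
			continue // only an RSA signing key with the exact kid is eligible
		}
		nb, errN := base64.RawURLEncoding.DecodeString(k.N)
		eb, errE := base64.RawURLEncoding.DecodeString(k.E)
		if errN != nil || errE != nil {
			return nil, fmt.Errorf("kid %q: n or e is not unpadded base64url", kid)
		}
		n, e := new(big.Int).SetBytes(nb), new(big.Int).SetBytes(eb)
		// Modulus of at least 2048 bits; exponent odd, >= 3, and at most 31 bits.
		if n.BitLen() < 2048 || e.BitLen() > 31 || e.Int64() < 3 || e.Bit(0) == 0 {
			return nil, fmt.Errorf("kid %q: weak or malformed RSA parameters", kid)
		}
		return &rsa.PublicKey{N: n, E: int(e.Int64())}, nil
	}
	return nil, fmt.Errorf("no RSA signing key with kid %q", kid) // fail closed
}

func main() {
	mod := append([]byte{0x80}, make([]byte, 255)...) // constructed 2048-bit placeholder, not a real key
	set := JWKSet{Keys: []JWK{{Kid: "k1", Kty: "RSA", Use: "sig", N: base64.RawURLEncoding.EncodeToString(mod), E: "AQAB"}}}
	pub, err := rsaKeyForKid(set, "k1")
	fmt.Println(pub.N.BitLen(), pub.E, err)
}
```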
type KeyManager (added in v0.9.0)
type KeyManager struct {
	// contains filtered or unexported fields
}
KeyManager handles fetching and caching of Azure AD public keys.
func NewKeyManager (added in v0.9.0)
func NewKeyManager(tenantID string, logger *zap.Logger, cacheTTL string) *KeyManager
NewKeyManager creates a new KeyManager instance.