Documentation
¶
Overview ¶
Package runner provides integration between the proxy runner and the auth server.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type EmbeddedAuthServer ¶
type EmbeddedAuthServer struct {
// contains filtered or unexported fields
}
EmbeddedAuthServer wraps the authorization server for integration with the proxy runner. It handles configuration transformation from authserver.RunConfig to authserver.Config, manages resource lifecycle, and provides HTTP handlers for OAuth/OIDC endpoints.
func NewEmbeddedAuthServer ¶
func NewEmbeddedAuthServer(ctx context.Context, cfg *authserver.RunConfig) (*EmbeddedAuthServer, error)
NewEmbeddedAuthServer creates an EmbeddedAuthServer from authserver.RunConfig. It loads signing keys from files, reads HMAC secrets from files, resolves the upstream client secret from file or environment variable, and initializes all auth server components.
The cfg parameter contains file paths and environment variable names that are resolved at runtime to build the underlying authserver.Config.
func (*EmbeddedAuthServer) Close ¶
func (e *EmbeddedAuthServer) Close() error
Close releases resources held by the EmbeddedAuthServer. This method is idempotent - subsequent calls after the first will return the same error (if any) without attempting to close resources again. Should be called during runner shutdown.
func (*EmbeddedAuthServer) Handler ¶
func (e *EmbeddedAuthServer) Handler() http.Handler
Handler returns the HTTP handler for OAuth/OIDC endpoints. The handler uses internal chi routing and serves all endpoints:
- /oauth/authorize, /oauth/callback, /oauth/token, /oauth/register
- /.well-known/jwks.json, /.well-known/oauth-authorization-server, /.well-known/openid-configuration
Source Files