browserauth

package
v1.100.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 9, 2026 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Overview

Package browserauth builds the browser-facing authentication stack for the portal and admin web UI: the OIDC login/callback flow and the cookie authenticator, held together behind one Session handle.

New takes an explicit Config so the stack can be built and tested on its own; the package imports only pkg/browsersession, not pkg/platform.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {
	// Cookie settings.
	CookieName string
	Domain     string
	SameSite   string
	Secure     bool
	TTL        time.Duration
	SigningKey []byte

	// OIDC / login-flow settings.
	Issuer             string
	ClientID           string
	ClientSecret       string
	Scopes             []string
	RoleClaim          string
	RolePrefix         string
	RedirectURI        string
	PostLogoutRedirect string

	// OnLogin records a user at login; may be nil.
	OnLogin func(email, firstName, lastName string)
}

Config carries the values needed to build a Session. Callers translate their own config into it so this package stays free of platform config types.

type Session

type Session struct {
	// contains filtered or unexported fields
}

Session holds the login flow and cookie authenticator for the browser UI.

func New

func New(ctx context.Context, cfg Config) (*Session, error)

New builds the login flow and cookie authenticator from cfg.

func NewSession

func NewSession(flow *browsersession.Flow, auth *browsersession.Authenticator) *Session

NewSession wraps an already-built login flow and cookie authenticator into a Session. New uses it after constructing both; it is also the seam for wiring a pre-built authenticator (e.g. in tests) without a live OIDC flow.

func (*Session) Authenticator

func (s *Session) Authenticator() *browsersession.Authenticator

Authenticator returns the cookie authenticator, or nil when browser sessions are disabled (a nil Session).

func (*Session) Flow

func (s *Session) Flow() *browsersession.Flow

Flow returns the OIDC login flow, or nil when browser sessions are disabled (a nil Session).

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL