authority

package
v0.2.40 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 10, 2026 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AllowedAuthHeader 

func AllowedAuthHeader(targetOrigin string, allowlist []string) bool

AllowedAuthHeader reports whether an Authorization header can be sent to the target origin. The allowlist is compared after normalizing origins. Exact match only.

func IsLocalAuth 

func IsLocalAuth(app AuthAuthority, target AuthAuthority) bool

IsLocalAuth reports whether the target shares the same authority as the app.

func SameAuthAuthority 

func SameAuthAuthority(a, b AuthAuthority) bool

SameAuthAuthority compares two authorities. Rules: - If both have Issuer, match normalized Issuer exactly (including path). - Else, match by Origin (scheme+host+port) if both present or derivable.

Types

type AuthAuthority 

type AuthAuthority struct {
	Issuer string // e.g. https://idp.example.com/realms/acme
	Origin string // e.g. https://idp.example.com
}

AuthAuthority represents an authorization authority using issuer and/or origin. Either field may be empty if unknown. Normalize before comparing.

func (AuthAuthority) Normalize 

func (a AuthAuthority) Normalize() AuthAuthority

Normalize returns a copy of the authority with normalized Issuer and Origin. - Issuer: lowercased scheme/host, preserved path, no trailing slash - Origin: scheme://host[:port], lowercased scheme/host, default ports elided

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.