auth

package

v0.2.0 Latest Latest Go to latest Published: Dec 17, 2025 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/mirendev/runtime

Links

Open Source Insights

Documentation ¶

Index ¶

type Claims
type ExtendedClaims
- func ParseUnverifiedClaims(token string) (*ExtendedClaims, error)
type JWK
type JWKS
type JWTValidator
- func NewJWTValidator(cloudURL string, logger *slog.Logger) *JWTValidator
- func (v *JWTValidator) ValidateToken(ctx context.Context, tokenString string) (*Claims, error)
type TokenCache
- func NewTokenCache(ctx context.Context) *TokenCache
- func (tc *TokenCache) Get(token string) (*Claims, bool)
- func (tc *TokenCache) Set(token string, claims *Claims)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Claims ¶

type Claims struct {
	jwt.RegisteredClaims
	OrganizationID string   `json:"organization_id,omitempty"`
	GroupIDs       []string `json:"group_ids,omitempty"`
}

Claims represents the JWT claims from miren.cloud

type ExtendedClaims ¶

type ExtendedClaims struct {
	Claims
	UserID   string   `json:"user_id,omitempty"`
	UserName string   `json:"name,omitempty"`
	Groups   []string `json:"groups,omitempty"`
}

ExtendedClaims represents the full JWT claims from miren.cloud including custom fields

func ParseUnverifiedClaims ¶

func ParseUnverifiedClaims(token string) (*ExtendedClaims, error)

ParseUnverifiedClaims parses JWT claims without verification This is only for client-side display purposes and should NOT be used for authentication

type JWK ¶

type JWK struct {
	Kty string `json:"kty"` // Key type (OKP for Ed25519)
	Kid string `json:"kid"` // Key ID
	Use string `json:"use"` // Key use (sig)
	Alg string `json:"alg"` // Algorithm (EdDSA)
	Crv string `json:"crv"` // Curve (Ed25519)
	X   string `json:"x"`   // X coordinate (public key for Ed25519)
}

JWK represents a JSON Web Key

type JWTValidator ¶

type JWTValidator struct {
	// contains filtered or unexported fields
}

JWTValidator validates JWT tokens from miren.cloud using EdDSA signatures. It fetches public keys from the JWKS endpoint at {cloudURL}/.well-known/jwks.json and caches them for efficient validation. Only Ed25519 keys are supported.

func NewJWTValidator ¶

func NewJWTValidator(cloudURL string, logger *slog.Logger) *JWTValidator

NewJWTValidator creates a new JWT validator

func (*JWTValidator) ValidateToken ¶

func (v *JWTValidator) ValidateToken(ctx context.Context, tokenString string) (*Claims, error)

ValidateToken validates a JWT token and returns the claims

type TokenCache ¶

type TokenCache struct {
	// contains filtered or unexported fields
}

TokenCache caches validated tokens to reduce validation overhead

func NewTokenCache ¶

func NewTokenCache(ctx context.Context) *TokenCache

NewTokenCache creates a new token cache

func (*TokenCache) Get ¶

func (tc *TokenCache) Get(token string) (*Claims, bool)

Get retrieves claims from cache if valid

func (*TokenCache) Set ¶

func (tc *TokenCache) Set(token string, claims *Claims)

Set stores claims in cache

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Documentation ¶

Index ¶

Constants ¶

Variables ¶

Functions ¶

Types ¶

type Claims ¶

type ExtendedClaims ¶

func ParseUnverifiedClaims ¶

type JWK ¶

type JWKS ¶

type JWTValidator ¶

func NewJWTValidator ¶

func (*JWTValidator) ValidateToken ¶

type TokenCache ¶

func NewTokenCache ¶

func (*TokenCache) Get ¶

func (*TokenCache) Set ¶

Source Files ¶