auth

module

v0.1.0 Latest Latest Go to latest Published: Mar 1, 2026 License: Apache-2.0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/dioad/auth

Links

Open Source Insights

README ¶

dioad/auth

Authentication and authorization helpers for Go services, including OIDC client utilities, JWT validation helpers, HTTP middleware, and TLS configuration helpers.

Packages

oidc: OpenID Connect client, token sources, and validation helpers (Keycloak, GitHub Actions, AWS, Fly.io).
jwt: Token validation helpers and claim predicates, plus composable multi-validator support.
http: HTTP authentication middleware for Basic, GitHub App, and HMAC signatures, plus JWT/OIDC wiring helpers.
tls: TLS configuration helpers for clients and servers (cert loading, client auth).

OIDC quick start (token validation)

endpoint, _ := oidc.NewEndpoint("https://issuer.example")
client := oidc.NewClient(
    endpoint,
    oidc.WithKeyFunc(func(ctx context.Context) (interface{}, error) {
        return &publicKey, nil
    }),
)

claims, err := client.ValidateToken(ctx, tokenString, []string{"audience"})

HTTP middleware quick start

handler, _ := authhttp.NewHandler(&authhttp.ServerConfig{
    HMACAuthConfig: hmac.Config{Secret: "shared-secret"},
})

http.Handle("/secure", handler.Wrap(myHandler))

Testability seams

The OIDC package provides explicit seams for fast, deterministic tests:

WithHTTPClient to inject a custom HTTPDoer for outbound requests.
WithClock to control time-dependent behavior.
WithKeyFunc/WithJWKSProvider to control verification keys without live JWKS endpoints.
NewTokenSourceFromConfigWithFactories to inject token source factories and a TokenStore implementation.

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
http Package http provides HTTP authentication utilities and interfaces.	Package http provides HTTP authentication utilities and interfaces.
basic Package basic provides HTTP Basic authentication middleware and utilities.	Package basic provides HTTP Basic authentication middleware and utilities.
context
github Package github provides GitHub-based authentication middleware.	Package github provides GitHub-based authentication middleware.
hmac Package hmac provides HMAC-based authentication middleware.	Package hmac provides HMAC-based authentication middleware.
middleware/jwt
middleware/oidc
oidc Package oidc provides HTTP authentication using OpenID Connect via goth.	Package oidc provides HTTP authentication using OpenID Connect via goth.
jwt Package jwt provides helpers for validating JSON Web Tokens (JWT) and composing claim predicates.	Package jwt provides helpers for validating JSON Web Tokens (JWT) and composing claim predicates.
oidc Package oidc provides an OpenID Connect (OIDC) client and utilities for token validation and management.	Package oidc provides an OpenID Connect (OIDC) client and utilities for token validation and management.
aws Package aws provides functionality to retrieve OIDC tokens from AWS STS GetWebIdentityToken API.	Package aws provides functionality to retrieve OIDC tokens from AWS STS GetWebIdentityToken API.
flyio
githubactions
testutil
tls Package tls provides helper functions for building client and server TLS configurations.	Package tls provides helper functions for building client and server TLS configurations.