mapper

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 6, 2026 License: Apache-2.0 Imports: 0 Imported by: 0

Documentation

Overview

Package mapper provides claim-based role mapping for PrincipalSource implementations. It allows applications to configure rules that grant internal roles to service identities based on JWT claim values, without requiring the IdP to support custom role claims.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ClaimRoleMapping 

type ClaimRoleMapping struct {
	// Claims maps claim key → required value.
	// Keys may be canonical attribute names (e.g. "primary_email", "username")
	// or raw JWT claim names specific to the IdP (e.g. "repository", "app_name").
	// A value of "*" matches any non-empty string.
	Claims map[string]string

	// Role is the role string granted when all claim predicates match.
	Role string
}

ClaimRoleMapping maps a set of claim predicates to an internal role. All claim predicates must match (AND semantics).

type Mapper 

type Mapper interface {
	MapRoles(claims map[string]any) []string
}

Mapper maps a claims map to a list of roles.

func New 

func New(mappings []ClaimRoleMapping) Mapper

New creates a Mapper from a list of ClaimRoleMapping rules. Each rule is evaluated independently; all matching roles are returned. Returns nil if mappings is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.