auth

package
v0.0.0-...-9031c82 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 4, 2026 License: MIT Imports: 13 Imported by: 0

Documentation

Overview

Package auth provides authentication primitives and middleware components. It supports token abstraction, extraction from HTTP/gRPC requests, validation via Firebase, and context injection.

Key components: - Token: Represents an authentication token with claims. - Authenticator: Validates tokens (currently supports Firebase ID tokens). - TokenExtractor: Extracts tokens from requests (HTTP headers or gRPC metadata). - ContextInjector: Injects validated tokens into the context for usage by services.

Index

Constants

View Source 
const (
	AuthorizationHeader = "Authorization"
	BearerPrefix        = "Bearer "
)
View Source 
const (
	// SystemAccountID is a fixed UUID for system-internal calls to allow easy identification
	SystemAccountID = "ffffffff-ffff-ffff-ffff-ffffffffffff"
	SystemUsername  = "system"
)

Variables

This section is empty.

Functions

func FxModule 

func FxModule() fx.Option

func InjectTokenInCtx 

func InjectTokenInCtx(ctx context.Context, token Token) context.Context

func NewBaseAuthenticator 

func NewBaseAuthenticator[R any](
	tokenExtractor TokenExtractor[R],
	contextInjector ContextInjector,
	firebaseClient firebase.Client,
	hmacValidator jwt.Validator,
) *baseAuthenticator[R]

func NewGrpcAuthenticator 

func NewGrpcAuthenticator(params GrpcAuthenticatorParams) *grpcAuthenticator

func NewGrpcTokenExtractor 

func NewGrpcTokenExtractor() *grpcTokenExtractor

func NewHTTPTokenExtractor 

func NewHTTPTokenExtractor() *httpTokenExtractor

func NewHttpAuthenticator 

func NewHttpAuthenticator(
	tokenExtractor TokenExtractor[*http.Request],
	contextInjector ContextInjector,
	firebaseClient firebase.Client,
	hmacValidator jwt.Validator,
) *httpAuthenticator

func NewToken 

func NewToken(value string, typ TokenType, claims TokenClaims) (*token, error)

func NewTokenContextInjector 

func NewTokenContextInjector() *tokenContextInjector

Types

type ContextInjector 

type ContextInjector interface {
	Inject(ctx context.Context, token Token) (context.Context, error)
}

type GrpcAuthenticatorParams 

type GrpcAuthenticatorParams struct {
	fx.In

	TokenExtractor  TokenExtractor[metadata.MD]
	ContextInjector ContextInjector
	FirebaseClient  firebase.Client `optional:"true"`
	HmacValidator   jwt.Validator
}

type HmacCredentials 

type HmacCredentials struct {
	// contains filtered or unexported fields
}

HmacCredentials implements credentials.PerRPCCredentials

func NewHmacCredentials 

func NewHmacCredentials(issuer jwt.Issuer) *HmacCredentials

func (*HmacCredentials) GetRequestMetadata 

func (c *HmacCredentials) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error)

func (*HmacCredentials) RequireTransportSecurity 

func (c *HmacCredentials) RequireTransportSecurity() bool

type Token 

type Token interface {
	Claims() TokenClaims
	Value() string
	Type() TokenType
}

func TokenFromCtx 

func TokenFromCtx(ctx context.Context) Token

type TokenClaims 

type TokenClaims interface {
	Subject() string
	Expiry() time.Time
	Get(key string) any
}

type TokenExtractor 

type TokenExtractor[R any] interface {
	Extract(ctx context.Context, req R) (Token, error)
}

type TokenType 

type TokenType string
const (
	TokenTypeJWT      TokenType = "JWT"
	TokenTypeFirebase TokenType = "FIREBASE"
	TokenTypeOAuth    TokenType = "OAUTH"
	TokenTypeAPIKey   TokenType = "API_KEY"
	TokenTypeHMAC     TokenType = "HMAC"
	TokenTypeCustom   TokenType = "CUSTOM"
)

func (TokenType) String 

func (tt TokenType) String() string

Source Files

View all Source files

Directories

Path Synopsis
jwt
jwttest
providertest

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.