73e7903c4c
test(auth/jwt): even more tests
2026-03-18 18:57:25 -06:00
999d7c2615
test(auth/jwt): more tests
2026-03-18 18:57:25 -06:00
08dd881974
doc(auth/jwt): add SKILL.md
2026-03-18 18:57:25 -06:00
0800ea2491
WIP: feat: add auth/jwt/examples
2026-03-18 18:57:24 -06:00
0d99234914
ref!(auth/jwt): variadic requiredScopes in NewAccessTokenValidator
...
Distinguishes the two validator constructors by signature:
- NewIDTokenValidator(iss, aud, azp []string) — allowlist semantics
- NewAccessTokenValidator(iss, aud []string, requiredScopes ...string) — requirement semantics
Variadic scopes read naturally at the call site:
NewAccessTokenValidator(issuers, audiences, "openid", "profile")
Three-state semantics preserved:
no args → scope not checked
[]string{}... → scope must be present (any value)
"openid", ... → scope must contain all listed values
Also removes the old gracePeriod parameter from both constructors
(was 0 at all call sites; set GracePeriod on the struct directly
if a non-default value is needed).
Adds TestCov_NewAccessTokenValidator_Scopes covering all three cases.
2026-03-17 08:00:45 -06:00
26bdc0a3db
ref!(auth/jwt): full modern rewrite
2026-03-17 07:49:53 -06:00
117ed8cc9b
feat(auth/jwt): add jwk fetch and jwt verify
2026-03-17 07:10:25 -06:00
c32acd5a74
ref(auth/csvauth): don't hold mutex longer than necessary
2026-03-03 03:05:05 -07:00
66dde73bd4
chore(auth/csvauth): add .goreleaser.yaml
2026-03-03 02:31:36 -07:00
249385c775
fix(auth/csvauth): load tokens into hashmap so that they can be retrieved by CredentialKeys
2026-03-03 02:26:34 -07:00
d415a8c743
fix(auth/csvauth): turn the old CLI-only warnings and errors into returned errors
2026-03-03 01:21:36 -07:00
8842791e34
fix(auth): update test
2026-03-03 00:01:15 -07:00
92f865912a
fix(auth): add missing arg to NewBasicRequestAuthenticator
2026-03-02 23:18:05 -07:00
846d14baf5
feat(auth): add BasicRequestAuthenticator
2026-03-02 12:32:01 -07:00
8ef2f73cb0
fix(auth/csvauth): oops, should have added as auth.BasicAuthenticator, done
2026-02-26 21:12:29 -07:00
ff8cdec1d7
feat(auth): add BasicVerifier, BasicAuthenticator, and BasicPrinciple for interfaces without implementation dependency
2026-02-26 20:03:43 -07:00
d756f205b0
ref(auth/csvauth): create and adhere to Principle interface for verified credential
2026-02-26 16:44:54 -07:00
737f3b0057
fix(auth/csvauth): make username lookups timing safe
2026-02-26 02:23:31 -07:00
1789c92815
fix(auth/csvauth): don't allow BOTH username and password to be empty
2026-02-26 02:23:31 -07:00
3465e9e232
doc(auth/csvauth): update examples
2026-02-26 02:23:31 -07:00
01a4cdda8a
feat(auth/csvauth): add Authenticate(user, pass string) to get verified Credential
2026-02-26 02:23:31 -07:00
7d35551fa7
ref(auth/csvauth): separate Login, Token, and ServiceAccount files
2026-02-26 02:23:31 -07:00
85c7b78ca6
ref(auth/csvauth): enable token use with Verify(dummy, token)
2026-02-21 15:41:02 -07:00
85d42550bf
feat(auth/csvauth): add token support,make secrets non-printing
2026-02-21 05:49:11 -07:00
dd48b2420b
feat(auth/csvauth): make secrets non-printing
2026-02-21 05:49:11 -07:00
af634f2175
doc+fix(cmd/csvauth): cleanup help, print with bare '--help'
2026-02-21 05:49:11 -07:00
6e0c91feb4
fix(cmd/csvauth): use errors.Is(err, ErrInQuestion) correctly
2026-02-21 05:49:11 -07:00
eee1434ba7
doc(auth/envauth): add Go Reference badge
2025-10-11 19:06:44 -06:00
f269f80771
doc(auth/csvauth): add Go Reference badge
2025-10-11 19:06:21 -06:00
9598545a9f
chore: add appopriate LICENSE files to each module
2025-10-06 00:42:41 -06:00
154da0aa04
chore(csvauth): add LICENSE
2025-10-06 00:42:20 -06:00
612cd2e53c
feat(csvauth): store and verify or retrieve credentials
2025-10-05 20:50:38 -06:00
e8fbe603af
ref!(envauth): change Verify return from bool to error
2025-10-04 21:19:34 -06:00
0893b3cb2d
doc(envauth): show use of salt generator
2025-10-04 02:21:05 -06:00
23ff6225f5
feat(envauth): add verifiers for single-user credentials
2025-10-04 02:17:51 -06:00
