OpenID Connect (OIDC) http middleware for Go

Overview

Go OpenID Connect (OIDC) HTTP Middleware

Introduction

This package provides HTTP middleware that makes it easy to use OpenID Connect in Go services.

Currently Supported frameworks

Echo (JWT ParseTokenFunc)

Middleware

e.Use(middleware.JWTWithConfig(middleware.JWTConfig{
    ParseTokenFunc: oidc.NewEchoJWTParseTokenFunc(&oidc.Options{
        Issuer:                     cfg.Issuer,
        RequiredTokenType:          "JWT",
        RequiredAudience:           cfg.Audience,
        FallbackSignatureAlgorithm: cfg.FallbackSignatureAlgorithm,
        RequiredClaims: map[string]interface{}{
            "tid": cfg.TenantID,
        },
    }),
}))

Handler

func getClaimsHandler(c echo.Context) error {
	token, ok := c.Get("user").(jwt.Token)
	if !ok {
		return echo.NewHTTPError(http.StatusUnauthorized, "invalid token")
	}

	claims, err := token.AsMap(c.Request().Context())
	if err != nil {
		return echo.NewHTTPError(http.StatusUnauthorized, "invalid token")
	}

	return c.JSON(http.StatusOK, claims)
}

net/http & mux

Middleware

oidcHandler := oidc.NewNetHttpHandler(h, &oidc.Options{
    Issuer:                     cfg.Issuer,
    RequiredTokenType:          "JWT",
    RequiredAudience:           cfg.Audience,
    FallbackSignatureAlgorithm: cfg.FallbackSignatureAlgorithm,
    RequiredClaims: map[string]interface{}{
        "tid": cfg.TenantID,
    },
})

Handler

func getClaimsHandler() http.HandlerFunc {
	fn := func(w http.ResponseWriter, r *http.Request) {
		claims, ok := r.Context().Value(oidc.ClaimsContextKey).(map[string]interface{})
		if !ok {
			w.WriteHeader(http.StatusUnauthorized)
			return
		}

		w.Header().Set("Content-Type", "application/json")
		err := json.NewEncoder(w).Encode(claims)
		if err != nil {
			w.WriteHeader(http.StatusInternalServerError)
			return
		}
	}

	return http.HandlerFunc(fn)
}

Examples

See examples readme for more information.

Roadmap

GitHub Project

Comments
  • withRequiredClaims doesn't support its function signature

    a JWT with the following body:

    {
      "iat": 1635250590,
      "auth_time": 1635250589,
      "jti": "e7f11506-04b5-470a-b546-5365bea7dc74",
      "iss": "https://redacted/auth/realms/redacted",
      "aud": [
        "devel",
        "account"
      ],
      "sub": "4d1debda-2a29-4caf-9b7f-a8474051f6b6",
      "typ": "Bearer",
      "azp": "devel",
      "nonce": "ec137176-9c23-4375-849e-74bb20c7fbea",
      "session_state": "5618efe5-2bcf-4c35-8730-ae17b8258404",
      "acr": "1",
      "allowed-origins": [
        "*"
      ],
      "realm_access": {
        "roles": [
          "offline_access",
          "default-roles-redacted",
          "uma_authorization",
          "user"
        ]
      },
      "resource_access": {
        "account": {
          "roles": [
            "manage-account",
            "manage-account-links",
            "view-profile"
          ]
        }
      },
      "scope": "openid email profile",
      "sid": "5618efe5-2bcf-4c35-8730-ae17b8258404",
      "email_verified": true,
      "name": "redacted",
      "preferred_username": "redacted",
      "given_name": "redacted",
      "family_name": "redacted",
      "email": "redacted"
    }
    

    and gin (fwiw) middleware the following options:

    	oidcHandler := oidcgin.New(
    		options.WithIssuer(cfg.Issuer),
    		options.WithRequiredTokenType("JWT"),
    		options.WithRequiredAudience(cfg.Audience),
    		options.WithRequiredClaims(map[string]interface{}{
    			"realm_access": map[string]interface{}{
    				"roles": "user",
    			},
    		}),
    	)
    

    and the default handler

    func OIDCHandler(cx *gin.Context) {
    	claimsValue, found := cx.Get("claims")
    	if !found {
    		fmt.Println("!found")
    		cx.AbortWithStatus(http.StatusUnauthorized)
    		return
    	}
    
    	claims, ok := claimsValue.(map[string]interface{})
    	if !ok {
    		fmt.Println("!ok")
    		cx.AbortWithStatus(http.StatusUnauthorized)
    		return
    	}
    
    	cx.JSON(http.StatusOK, claims)
    }
    

    results in the following error message

    Error #01: unable to validate required claims: unable to get cty.Type: no cty.Type for interface {}
    
    bug 
    opened by idc77 13
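An added example, not code from this project or from the issue author: one way an application can enforce a nested required claim such as `realm_access.roles` containing `user` on claims that have already been validated, using only the standard library. The function names and the trimmed payload (constructed from claim values quoted in the issue) are assumptions of the example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"reflect"
)

// samplePayload is constructed for this example from values quoted in the issue.
const samplePayload = `{
  "iss": "https://redacted/auth/realms/redacted",
  "aud": ["devel", "account"],
  "acr": "1",
  "realm_access": {"roles": ["offline_access", "default-roles-redacted", "uma_authorization", "user"]},
  "email_verified": true
}`

func sampleClaims() map[string]interface{} {
	var c map[string]interface{}
	if err := json.Unmarshal([]byte(samplePayload), &c); err != nil {
		panic(err)
	}
	return c
}

// normalize round-trips v through encoding/json so Go-typed requirements
// ([]string, int, typed maps) take the shapes a decoded JWT payload has:
// map[string]interface{}, []interface{}, string, float64, bool.
func normalize(v interface{}) (interface{}, error) {
	raw, err := json.Marshal(v)
	if err != nil {
		return nil, err
	}
	var out interface{}
	err = json.Unmarshal(raw, &out)
	return out, err
}

// inList reports whether want matches one element of list. Objects are
// matched as subsets; everything else must be exactly equal.
func inList(want interface{}, list []interface{}) bool {
	for _, item := range list {
		if wm, ok := want.(map[string]interface{}); ok {
			if contains(wm, item) {
				return true
			}
		} else if reflect.DeepEqual(want, item) {
			return true
		}
	}
	return false
}

// contains reports whether the requirement want is satisfied by actual:
// object: every required key must exist and match recursively;
// array:  every required element must be present in the actual array;
// scalar: equal to the actual scalar, or an element of the actual array.
func contains(want, actual interface{}) bool {
	switch w := want.(type) {
	case map[string]interface{}:
		a, ok := actual.(map[string]interface{})
		if !ok {
			return false
		}
		for k, wv := range w {
			av, present := a[k]
			if !present || !contains(wv, av) {
				return false
			}
		}
		return true
	case []interface{}:
		a, ok := actual.([]interface{})
		if !ok {
			return false
		}
		for _, wv := range w {
			if !inList(wv, a) {
				return false
			}
		}
		return true
	default:
		if a, ok := actual.([]interface{}); ok {
			return inList(w, a)
		}
		return reflect.DeepEqual(w, actual) // type-strict: 1 does not match "1"
	}
}

// HasRequiredClaims fails closed: missing claims or an encoding error deny.
func HasRequiredClaims(required, claims map[string]interface{}) (bool, error) {
	if claims == nil {
		return false, nil
	}
	want, err := normalize(required)
	if err != nil {
		return false, err
	}
	got, err := normalize(claims)
	if err != nil {
		return false, err
	}
	return contains(want, got), nil
}

func main() {
	required := map[string]interface{}{
		"realm_access": map[string]interface{}{"roles": "user"},
	}
	ok, err := HasRequiredClaims(required, sampleClaims())
	fmt.Println("realm_access.roles contains user:", ok, err)
}
```

Run a check like this only on claims taken from a token whose signature, issuer and audience have already been verified.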
  • Bump github.com/lestrrat-go/jwx from 1.2.4 to 1.2.5

    Bumps github.com/lestrrat-go/jwx from 1.2.4 to 1.2.5.

    Release notes

    Sourced from github.com/lestrrat-go/jwx's releases.

    v1.2.5

    v1.2.5 04 Aug 2021
    [New features]
      * Implement RFC7797. The value of the header field `b64` changes
        how the payload is treated in JWS
      * Implement detached payloads for JWS
      * Implement (jwk.AutoRefresh).ErrorSink() to register a channel
        where you can receive errors from fetches and parses that occur during
        JWK(s) retrieval.
    
    Changelog

    Sourced from github.com/lestrrat-go/jwx's changelog.

    v1.2.5 04 Aug 2021 [New features]

    • Implement RFC7797. The value of the header field b64 changes how the payload is treated in JWS
    • Implement detached payloads for JWS
    • Implement (jwk.AutoRefresh).ErrorSink() to register a channel where you can receive errors from fetches and parses that occur during JWK(s) retrieval.
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies go 
    opened by dependabot[bot] 5
  • Bump goreleaser/goreleaser-action from 2.6.1 to 2.7.0

    Bumps goreleaser/goreleaser-action from 2.6.1 to 2.7.0.

    Release notes

    Sourced from goreleaser/goreleaser-action's releases.

    v2.7.0

    • chore(deps): update dev deps (#294)
    • chore(deps): bump codecov/codecov-action from 1 to 2 (#293)
    • refactor: use built-in getExecOutput (#292)
    • chore(deps): bump @​actions/exec from 1.0.4 to 1.1.0 (#291)
    • chore(deps): bump @​actions/core from 1.3.0 to 1.4.0 (#289)
    • chore(deps): bump @​actions/tool-cache from 1.7.0 to 1.7.1 (#290)
    Commits
    • 5a54d7e chore(deps): update dev deps (#294)
    • a59bcd6 chore(deps): bump codecov/codecov-action from 1 to 2 (#293)
    • b59bff5 refactor: use built-in getExecOutput (#292)
    • b2263bd chore(deps): bump @​actions/exec from 1.0.4 to 1.1.0 (#291)
    • 76bde18 chore(deps): bump @​actions/core from 1.3.0 to 1.4.0 (#289)
    • 194deb5 chore(deps): bump @​actions/tool-cache from 1.7.0 to 1.7.1 (#290)
    • See full diff in compare view

    dependencies github_actions 
    opened by dependabot[bot] 5
  • Bump github.com/cristalhq/aconfig from 0.16.2 to 0.16.5 in /examples

    Bumps github.com/cristalhq/aconfig from 0.16.2 to 0.16.5.

    Release notes

    Sourced from github.com/cristalhq/aconfig's releases.

    v0.16.5

    de23397e03c0b9c4072082fa4f2a050abafc1011 Check duplicate flag (#98)

    v0.16.4

    4599e9843ad438f3bac16fbec23d1e70b7e83ed1 Fix map of slices (#102)

    v0.16.3

    32ffc950c1ed5f0de288b13ff9fb69c102e26d9a Fix map in map (#101)
    5ae6b2e987975aa3fa8a084d5a8fe2c9e70d61af Better struct assert (#97)

    Commits

    dependencies go 
    opened by dependabot[bot] 4
  • Bump github.com/gin-gonic/gin from 1.7.3 to 1.7.4

    Bumps github.com/gin-gonic/gin from 1.7.3 to 1.7.4.

    Changelog

    Sourced from github.com/gin-gonic/gin's changelog.

    Gin ChangeLog

    Commits

    dependencies go 
    opened by dependabot[bot] 4
  • Default 5 seconds timeout is not enough to load openid-configuration in a slow network environment

    Default 5 seconds timeout is not enough to load openid-configuration in a slow network environment; I would appreciate it if a configuration parameter were added to adjust the timeout.

    panic: oidc discovery: unable to load jwks: unable to fetch jwksUri from discoveryUri (https://login.microsoftonline.com//v2.0/.well-known/openid-configuration): Get "https://login.microsoftonline.com//v2.0/.well-known/openid-configuration": context deadline exceeded

    goroutine 1 [running]:
    github.com/xenitab/go-oidc-middleware/oidcgin.New({0xc0005b1ed8, 0x4, 0x4})
    	/home/ythuang/go/pkg/mod/github.com/xenitab/go-oidc-middleware/[email protected]/gin.go:17 +0xd9
    main.main()

    opened by huangyingting 3
  • split off internal/oidc and provide separate packages for each

    split off internal/oidc and provide separate packages for each "router package"

    Motivation:

    This package is rather inflexible if you'd like to write your own middleware. Writing your own middleware is not possible without yanking out internal/oidc and putting it into its own, separate package.

    Different responses if an error occurs are not possible to do either. You have to "eat" the stock "400 bad request" response in gin's case without any ability, except forking, to change that.

    Also, if you only need e.g. the gin handler, you have to pull in all the other routers, like fiber etc, resulting in a larger memory footprint and larger binary.

    Why not just a fork? Because changes in this package would then again need to be done manually in the forked package, because it's internal. Please correct me if I'm wrong.

    I have forked the internal/oidc and options and put it at git.icod.de/dalu/oidc. What I'll do next is take and edit just the gin handler and put it into a separate package as well, then edit it to be optionally permissive and return JSON on error. Thanks to your MIT license I can do that, so thank you for that. But you're the author and it should be hosted and updated by you, therefore this proposal. And you seem to have some automation set up to upgrade dependencies.

    opened by idc77 3
  • should the middleware be permissive?

    Hello again,

    I'm not sure what vision you had with this package, I, for one, am trying to avoid running a separate https://github.com/gogatekeeper/gatekeeper in front of every http api I create. I stumbled upon this package because I wanted to write my own middleware and thought why re-invent the wheel.

    Usually (or it's one possibility) GETting something does not require someone to be logged in, to attract visitors. Only modifying requests should require authentication. Of course I can achieve that by not putting the middleware in front of every handler that requires it, or rather... putting the middleware in front of every handler that requires authentication and not putting it before GET requests.

    This might or might not be an issue for you.

    But why would one still do it? Convenience. When you're able to just say something like this:

    	h := handler.New(client)
    
    	v1 := r.Group("/api/v1")
    	v1.Use(oidcHandler)
    	v1.GET("/oidc", h.OIDCClaimsHandler) // demo
    
    	// Entity Routes
    
    	post := v1.Group("/post")
    	comment := v1.Group("/comment")
    	h.PostRoutes(post)
    	h.CommentRoutes(comment)
    

    vs passing the oidcHandler to every single route, which I'm going to do now.

    ~

    question wontfix 
    opened by idc77 3
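An added example, not code from this project or from the issue author: a net/http wrapper that can be attached to a whole route group while still letting anonymous reads through. `AuthUnlessAnonymousRead`, `stubAuth` (a stand-in for the OIDC middleware) and the bearer value are constructed for the example.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Middleware is the usual net/http middleware shape.
type Middleware func(http.Handler) http.Handler

// AuthUnlessAnonymousRead wraps auth so it can sit in front of a whole group:
//   - GET/HEAD/OPTIONS without an Authorization header pass through unauthenticated
//   - every other method must pass auth
//   - any request that presents an Authorization header is always validated,
//     so a bad token is rejected instead of being silently ignored
func AuthUnlessAnonymousRead(auth Middleware) Middleware {
	return func(next http.Handler) http.Handler {
		protected := auth(next)
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			safe := r.Method == http.MethodGet ||
				r.Method == http.MethodHead ||
				r.Method == http.MethodOptions
			if safe && r.Header.Get("Authorization") == "" {
				next.ServeHTTP(w, r)
				return
			}
			protected.ServeHTTP(w, r)
		})
	}
}

// stubAuth stands in for the OIDC middleware (constructed for this example):
// it accepts exactly one hard-coded bearer value and rejects everything else.
func stubAuth(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.Header.Get("Authorization") != "Bearer constructed-valid-token" {
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// statusFor sends one request through the wrapped handler and returns the
// resulting status code.
func statusFor(method, authorization string) int {
	ok := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusOK)
	})
	h := AuthUnlessAnonymousRead(stubAuth)(ok)

	req := httptest.NewRequest(method, "/api/v1/post", nil)
	if authorization != "" {
		req.Header.Set("Authorization", authorization)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	fmt.Println("anonymous GET:      ", statusFor(http.MethodGet, ""))
	fmt.Println("anonymous POST:     ", statusFor(http.MethodPost, ""))
	fmt.Println("POST, valid token:  ", statusFor(http.MethodPost, "Bearer constructed-valid-token"))
	fmt.Println("GET, invalid token: ", statusFor(http.MethodGet, "Bearer wrong"))
}
```

Handlers behind this wrapper must treat absent claims on a read as an anonymous caller and must not assume a user is present.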
  • Bump github.com/xenitab/go-oidc-middleware from 0.0.14 to 0.0.15 in /examples

    Bumps github.com/xenitab/go-oidc-middleware from 0.0.14 to 0.0.15.

    Release notes

    Sourced from github.com/xenitab/go-oidc-middleware's releases.

    v0.0.15

    Changes

    • Update dependencies
    Commits
    • f11d391 update dependencies (#73)
    • b183299 Bump github.com/gofiber/fiber/v2 from 2.19.0 to 2.20.0 in /examples (#72)
    • 7296cf3 Bump github.com/gofiber/fiber/v2 from 2.19.0 to 2.20.0 (#71)
    • See full diff in compare view

    dependencies go 
    opened by dependabot[bot] 3
  • Bump github.com/zclconf/go-cty from 1.9.0 to 1.9.1

    Bumps github.com/zclconf/go-cty from 1.9.0 to 1.9.1.

    Changelog

    Sourced from github.com/zclconf/go-cty's changelog.

    1.9.1 (Unreleased)

    • cty: Don't panic in Value.Equals if comparing complex data structures with nested marked values. Instead, Equals will aggregate all of the marks on the resulting boolean value as we typically expect for operations that derived from marked values. (#112)
    • cty: Value.AsBigFloat now properly isolates its result from the internal state of the associated value. It previously attempted to do this (so that modifying the result would not affect the supposedly-immutable cty.Number value) but ended up creating an object which still had some shared buffers. The result is now entirely separate from the internal state of the receiving value. (#114)
    • function/stdlib: The FormatList function will now return an unknown value if any of the arguments have an unknown type, because in that case it can't tell whether that value will ultimately become a string or a list of strings, and thus it can't predict how many elements the result will have. (#115)
    Commits

    dependencies go 
    opened by dependabot[bot] 3
  • Bump honnef.co/go/tools from 0.2.0 to 0.2.1

    Bumps honnef.co/go/tools from 0.2.0 to 0.2.1.

    Release notes

    Sourced from honnef.co/go/tools's releases.

    Staticcheck 2021.1.1 (v0.2.1)

    This release adds support for new language features in Go 1.17, namely conversions from slices to array pointers, the unsafe.Add function, and the unsafe.Slice function.

    Additionally, it fixes some false positives.

    Read the full release notes at https://staticcheck.io/changes/2021.1#2021.1.1

    Staticcheck 2021.1 (v0.2.0)

    Read the full release notes at https://staticcheck.io/changes/2021.1

    Staticcheck 2020.2.4 (v0.1.4)

    This release fixes a crash and some false positives.

    Read the full release notes at https://staticcheck.io/changes/2020.2#2020.2.4

    Staticcheck 2020.2.3 (v0.1.3)

    This release fixes a false positive in U1000. See #942 for details.

    Staticcheck 2020.2.2 (v0.1.2)

    This release fixes a rare crash in Staticcheck, reduces the number of false positives, and adds support for Go 1.16's io/fs.FileMode type.

    Read the full release notes at https://staticcheck.io/changes/2020.2#2020.2.2

    Staticcheck 2020.2.1 (v0.1.1)

    This release eliminates some false negatives as well as false positives, makes the staticcheck command less noisy and fixes a potential security issue.

    See the full release notes at https://staticcheck.io/changes/2020.2#2020.2.1

    Staticcheck 2020.2 (v0.1.0)

    Read the full release notes at https://staticcheck.io/changes/2020.2

    Commits
    • df71e5d Version 2021.1.1 (v0.2.1)
    • 5b5a29e doc: add 2021.1.1 release notes
    • f3761a6 SA5011: don't flag indexing of possibly nil slice
    • fae7339 go/ir: support unsafe.Add and unsafe.Slice
    • 1325373 go/ir: support slice to array pointer conversion
    • d182c3a S1020: don't flag nested if statements when the inner one has an else branch
    • 2978e62 SA5011: only consider nil checks used in if statements
    • 74fd1b8 SA4010: don't flag appends to slices that might have aliased backing arrays
    • e7de1ac SA4000: never flag floats
    • d3c6840 SA5002: don't print two percent signs
    • Additional commits viewable in compare view

    dependencies go 
    opened by dependabot[bot] 3
  • Bump github.com/gofiber/fiber/v2 from 2.40.1 to 2.41.0 in /examples

    Bumps github.com/gofiber/fiber/v2 from 2.40.1 to 2.41.0.

    Release notes

    Sourced from github.com/gofiber/fiber/v2's releases.

    v2.41.0

    🚀 New

    🧹 Updates

    • Latency use lowest time unit in logger middleware (#2261)
    • Add more detail error message in serverErrorHandler (#2267)
    • Use fasthttp.AddMissingPort (#2268)
    • Set byteSent log to 0 when use SetBodyStreamWriter (#2239)
    • Unintended overwritten bind variables (#2240)
    • Bump github.com/valyala/fasthttp from 1.41.0 to 1.43.0 (#2237, #2245)
    • Bump github.com/mattn/go-isatty from 0.0.16 to 0.0.17 (#2279)

    🐛 Fixes

    • Fix some warnings, go-ole on mac os (#2280)
    • Properly handle error of "net.ParseCIDR" in "(*App).handleTrustedProxy" (#2243)
    • Fix regex constraints that contain comma (#2256)
    • Unintended overwritten bind variables (#2240)

    📚 Documentation

    • Fix ci badge errors (#2282)
    • Replace 1.14 with 1.16 in READMEs (#2265)
    • Update docstring for FormValue() (#2262)
    • Added Ukrainian README translation (#2249)
    • middleware/requestid: mention that the default UUID generator exposes the number of requests made to the server (#2241)
    • middleware/filesystem does not handle url encoded values on it's own (#2247)

    Full Changelog: https://github.com/gofiber/fiber/compare/v2.40.1...v2.41.0

    Thank you @​AngelVI13, @​Simerax, @​cwinters8, @​efectn, @​jfcg, @​leonklingele, @​li-jin-gou, @​pjebs, @​shuuji3 and @​v1def for making this update possible.

    Commits

    dependencies go 
    opened by dependabot[bot] 0
  • Bump github.com/labstack/echo/v4 from 4.9.1 to 4.10.0 in /examples

    Bumps github.com/labstack/echo/v4 from 4.9.1 to 4.10.0.

    Release notes

    Sourced from github.com/labstack/echo/v4's releases.

    v4.10.0

    Security

    • We are deprecating JWT middleware in this repository. Please use https://github.com/labstack/echo-jwt instead.

      JWT middleware is moved to separate repository to allow us to bump/upgrade version of JWT implementation (github.com/golang-jwt/jwt) we are using which we can not do in Echo core because this would break backwards compatibility guarantees we try to maintain.

    • This minor version bumps minimum Go version to 1.17 (from 1.16) due golang.org/x/ packages we depend on. There are several vulnerabilities fixed in these libraries.

      Echo still tries to support last 4 Go versions but there are occasions we can not guarantee this promise.

    Enhancements

    • Bump x/text to 0.3.8 #2305
    • Bump dependencies and add notes about Go releases we support #2336
    • Add helper interface for ProxyBalancer interface #2316
    • Expose middleware.CreateExtractors function so we can use it from echo-contrib repository #2338
    • Refactor func(Context) error to HandlerFunc #2315
    • Improve function comments #2329
    • Add new method HTTPError.WithInternal #2340
    • Replace io/ioutil package usages #2342
    • Add staticcheck to CI flow #2343
    • Replace relative path determination from proprietary to std #2345
    • Remove square brackets from ipv6 addresses in XFF (X-Forwarded-For header) #2182
    • Add testcases for some BodyLimit middleware configuration options #2350
    • Additional configuration options for RequestLogger and Logger middleware #2341
    • Add route to request log #2162
    • GitHub Workflows security hardening #2358
    • Add govulncheck to CI and bump dependencies #2362
    • Fix rate limiter docs #2366
    • Refactor how e.Routes() work and introduce e.OnAddRouteHandler callback #2337
    Changelog

    Sourced from github.com/labstack/echo/v4's changelog.

    v4.10.0 - 2022-12-27

    Commits
    • f36d566 Changelog for 4.10.0
    • a69727e Mark JWT middleware deprecated
    • 0056cc8 Improve comments wording
    • 45402bb Add echo.OnAddRouteHandler field. As name says - this handler is called when ...
    • f1cf1ec Fix adding route with host overwrites default host route with same method+pat...
    • 895121d Fix rate limiter docs (#2366)
    • abecadc Merge pull request #2362 from aldas/add_govulncheck_2_ci
    • bc75cc2 Add govulncheck to CI and bump dependencies. Refactor GitHub workflows.
    • 40eb889 build: harden echo.yml permissions
    • 135c511 Add request route with "route" tag to logger middleware (#2162)
    • Additional commits viewable in compare view

    dependencies go 
    opened by dependabot[bot] 0
  • Bump github.com/gin-gonic/gin from 1.8.1 to 1.8.2 in /examples

    Bump github.com/gin-gonic/gin from 1.8.1 to 1.8.2 in /examples

    Bumps github.com/gin-gonic/gin from 1.8.1 to 1.8.2.

    Release notes

    Sourced from github.com/gin-gonic/gin's releases.

    v1.8.2

    Changelog

    Bug fixes

    • 0c2a691 fix(engine): missing route params for CreateTestContext (#2778) (#2803)
    • e305e21 fix(route): redirectSlash bug (#3227)

    Others

    • 6a2a260 Fix the GO-2022-1144 vulnerability (#3432)
    Changelog

    Sourced from github.com/gin-gonic/gin's changelog.

    Gin v1.8.2

    Bugs

    • fix(route): redirectSlash bug (#3227)
    • fix(engine): missing route params for CreateTestContext (#2778) (#2803)

    Security

    • Fix the GO-2022-1144 vulnerability (#3432)
    dependencies go 
    opened by dependabot[bot] 0
Releases(v0.0.39)
  • v0.0.39(Dec 18, 2022)

    What's Changed

    • adding check for matching signing algorithm of token by @gitu in https://github.com/XenitAB/go-oidc-middleware/pull/229
    • adding check for matching signing algorithm of token by continued by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/231
    • Bump goreleaser/goreleaser-action from 3.2.0 to 4.1.0 by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/227

    New Contributors

    • @gitu made their first contribution in https://github.com/XenitAB/go-oidc-middleware/pull/229

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.38...v0.0.39

  • v0.0.38(Dec 5, 2022)

    What's Changed

    • Add OPTest example by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/224
    • optest: make it possible to show login prompt by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/225

    This release introduces the option optest.WithLoginPrompt() for optest. When enabled and you have more than one user, an HTML page will be shown at /authorization that lets you select which user to log in with.

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.37...v0.0.38

  • v0.0.37(Nov 26, 2022)

    What's Changed

    • [BREAKING CHANGE] Change how claims are handled by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/221

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.36...v0.0.37

  • v0.0.36(Nov 25, 2022)

    What's Changed

    • Update Go dependencies by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/220

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.35...v0.0.36

  • v0.0.35(Nov 25, 2022)

    What's Changed

    • Fix userinfo response by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/219

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.34...v0.0.35

  • v0.0.34(Nov 25, 2022)

    What's Changed

    • Add cache for authorizations by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/217

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.33...v0.0.34

  • v0.0.33(Nov 25, 2022)

    What's Changed

    • Add IssuedAt key to tokens by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/214

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.32...v0.0.33

  • v0.0.32(Aug 8, 2022)

    What's Changed

    • Update deps by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/192

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.31...v0.0.32

  • v0.0.31(May 10, 2022)

    What's Changed

    • Add support for opaque access tokens in optest by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/175

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.30...v0.0.31

  • v0.0.30(May 10, 2022)

    What's Changed

    • Add ability to provide multiple users when running the tests by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/169

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.29...v0.0.30

  • v0.0.29(May 8, 2022)

    What's Changed

    • Update dependencies by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/168

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.28...v0.0.29

  • v0.0.28(Apr 11, 2022)

    What's Changed

    • Update to go 1.18 by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/158
    • Bump actions/setup-go from 2 to 3 by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/157

    The benchmarks show an improvement of an average of 370% between go 1.17 and go 1.18 if my math isn't too off:

    name                                         old time/op  new time/op  delta
    pkg:github.com/xenitab/go-oidc-middleware/oidcechojwt goos:linux goarch:amd64
    Suite/OidcEchoJwt_handler/10_clients-2       6.03ms ± 0%  1.64ms ± 0%   ~     (p=1.000 n=1+1)
    Suite/OidcEchoJwt_requirements/10_clients-2  6.13ms ± 0%  1.76ms ± 0%   ~     (p=1.000 n=1+1)
    Suite/OidcEchoJwt_http/10_clients-2          6.46ms ± 0%  1.77ms ± 0%   ~     (p=1.000 n=1+1)
    pkg:github.com/xenitab/go-oidc-middleware/oidcfiber goos:linux goarch:amd64
    Suite/OidcFiber_handler/10_clients-2         6.56ms ± 0%  1.88ms ± 0%   ~     (p=1.000 n=1+1)
    Suite/OidcFiber_requirements/10_clients-2    6.50ms ± 0%  1.71ms ± 0%   ~     (p=1.000 n=1+1)
    Suite/OidcFiber_http/10_clients-2            6.89ms ± 0%  1.75ms ± 0%   ~     (p=1.000 n=1+1)
    pkg:github.com/xenitab/go-oidc-middleware/oidcgin goos:linux goarch:amd64
    Suite/OidcGin_handler/10_clients-2           6.72ms ± 0%  1.94ms ± 0%   ~     (p=1.000 n=1+1)
    Suite/OidcGin_requirements/10_clients-2      7.25ms ± 0%  1.66ms ± 0%   ~     (p=1.000 n=1+1)
    Suite/OidcGin_http/10_clients-2              7.44ms ± 0%  1.80ms ± 0%   ~     (p=1.000 n=1+1)
    pkg:github.com/xenitab/go-oidc-middleware/oidchttp goos:linux goarch:amd64
    Suite/OidcHttp_handler/10_clients-2          5.94ms ± 0%  1.65ms ± 0%   ~     (p=1.000 n=1+1)
    Suite/OidcHttp_requirements/10_clients-2     5.95ms ± 0%  1.70ms ± 0%   ~     (p=1.000 n=1+1)
    Suite/OidcHttp_http/10_clients-2             6.32ms ± 0%  1.77ms ± 0%   ~     (p=1.000 n=1+1)
    

    See the PR (#158) for the logs of the run I did comparing the versions.

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.27...v0.0.28

  • v0.0.27(Apr 10, 2022)

    What's Changed

    • Make discovery fetch timeout configurable by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/155

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.26...v0.0.27

  • v0.0.26(Apr 10, 2022)

    What's Changed

    • Update deps by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/153

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.25...v0.0.26

  • v0.0.25(Mar 11, 2022)

    What's Changed

    • Remove semgrep from GH Actions by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/133
    • Update dependencies by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/144

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.24...v0.0.25

  • v0.0.24(Jan 27, 2022)

    What's Changed

    • Update deps by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/129

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.23...v0.0.24

  • v0.0.23(Nov 30, 2021)

    What's Changed

    • Fix test coverage in coveralls by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/113
    • OpenID Provider to be used with tests by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/114

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.22...v0.0.23

  • v0.0.22(Nov 28, 2021)

    What's Changed

    • Expose ParseToken and GetTokenString by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/100

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.21...v0.0.22

  • v0.0.21(Nov 28, 2021)

  • v0.0.20(Nov 28, 2021)

    What's Changed

    • create tags on release by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/111
    • fix createRef by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/112

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.19...v0.0.20

  • v0.0.19(Nov 28, 2021)

    What's Changed

    • Bump github.com/lestrrat-go/jwx from 1.2.9 to 1.2.10 by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/95
    • Move packages into separate modules by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/110

    Most likely a breaking change

    The PR https://github.com/XenitAB/go-oidc-middleware/pull/110 moves the different routers into their own separate packages. This means a lot of logic needs to be updated to make sure the tooling around (like coverage) works as expected.

    This is most likely a breaking change and, when released, will probably force other modules/programs that use this library to update on their side. I have never done this, which means I'm not sure.

    Sorry for that, but I will try to get it working and please create an issue if you see any obvious problems.

    This fixes #98

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.18...v0.0.19

  • v0.0.18(Nov 5, 2021)

    What's Changed

    • Bump github.com/gofiber/fiber/v2 from 2.20.2 to 2.21.0 by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/86
    • Bump github.com/gofiber/fiber/v2 from 2.20.2 to 2.21.0 in /examples by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/87
    • Bump github.com/zclconf/go-cty from 1.9.1 to 1.10.0 by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/89
    • Bump github.com/go-chi/chi/v5 from 5.0.4 to 5.0.5 by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/85
    • bump deps by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/93

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.17...v0.0.18

  • v0.0.17(Oct 26, 2021)

    Fixed bug

    • Resolve issue with nested claims by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/84

    What's Changed

    • Bump github.com/gofiber/fiber/v2 from 2.20.1 to 2.20.2 in /examples by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/76
    • Bump github.com/gofiber/fiber/v2 from 2.20.1 to 2.20.2 by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/77
    • Bump github.com/lestrrat-go/jwx from 1.2.7 to 1.2.8 by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/80
    • Bump github.com/lestrrat-go/jwx from 1.2.8 to 1.2.9 by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/81
    • Resolve issue with nested claims by @simongottschlag in https://github.com/XenitAB/go-oidc-middleware/pull/84
    • Bump goreleaser/goreleaser-action from 2.7.0 to 2.8.0 by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/78
    • Bump github.com/cristalhq/aconfig from 0.16.6 to 0.16.7 in /examples by @dependabot in https://github.com/XenitAB/go-oidc-middleware/pull/79

    Full Changelog: https://github.com/XenitAB/go-oidc-middleware/compare/v0.0.16...v0.0.17

  • v0.0.16(Oct 10, 2021)

    Changes

    • Add ability to use custom error handler (#75)

    Additional information

    It is possible to add a custom function to handle errors. It will not be possible to change anything using it, but you will be able to add logic for logging as an example.

    errorHandler := func(description options.ErrorDescription, err error) {
    	fmt.Printf("Description: %s\tError: %v\n", description, err)
    }
    
    oidcHandler := oidcgin.New(
    	options.WithIssuer(cfg.Issuer),
    	options.WithFallbackSignatureAlgorithm(cfg.FallbackSignatureAlgorithm),
    	options.WithRequiredClaims(map[string]interface{}{
    		"cid": cfg.ClientID,
    	}),
    	options.WithErrorHandler(errorHandler),
    )
    
  • v0.0.15(Oct 7, 2021)

  • v0.0.14(Oct 2, 2021)

  • v0.0.13(Sep 26, 2021)

  • v0.0.12(Sep 19, 2021)

  • v0.0.11(Aug 24, 2021)

    Changes

    This PR adds the ability to manipulate a token string after it has been extracted from a header using options.WithTokenStringPostExtractionFn.

    Example:

    oidcHandler := oidcgin.New(
    	options.WithIssuer(cfg.Issuer),
    	options.WithFallbackSignatureAlgorithm(cfg.FallbackSignatureAlgorithm),
    	options.WithRequiredClaims(map[string]interface{}{
    		"cid": cfg.ClientID,
    	}),
    	options.WithTokenString(
    		options.WithTokenStringHeaderName("Authorization"),
    		options.WithTokenStringTokenPrefix("Bearer "),
    	),
    	options.WithTokenString(
    		options.WithTokenStringHeaderName("Sec-WebSocket-Protocol"),
    		options.WithTokenStringTokenPrefix("base64url.bearer.authorization.k8s.io."),
    		options.WithTokenStringListSeparator(","),
    		options.WithTokenStringPostExtractionFn(func(s string) (string, error) {
    			bytes, err := base64.RawStdEncoding.DecodeString(s)
    			if err != nil {
    				return "", err
    			}
    
    			return string(bytes), nil
    		}),
    	),
    )
    
  • v0.0.10(Aug 23, 2021)

    Breaking change

    Token string options have been changed to make it easier to configure extraction of multiple headers.

    Example:

    oidcHandler := oidcgin.New(
    	options.WithIssuer(cfg.Issuer),
    	options.WithFallbackSignatureAlgorithm(cfg.FallbackSignatureAlgorithm),
    	options.WithRequiredClaims(map[string]interface{}{
    		"cid": cfg.ClientID,
    	}),
    	options.WithTokenString(
    		options.WithTokenStringHeaderName("Authorization"),
    		options.WithTokenStringTokenPrefix("Bearer "),
    	),
    	options.WithTokenString(
    		options.WithTokenStringHeaderName("Sec-WebSocket-Protocol"),
    		options.WithTokenStringTokenPrefix("base64url.bearer.authorization.k8s.io."),
    		options.WithTokenStringListSeparator(","),
    	),
    )
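The multi-header extraction from v0.0.10 and the post-extraction hook from v0.0.11, worked through with the standard library only. This is an added example, not the middleware's own implementation: `tokenSource`, `sources` and `extractToken` are hypothetical names, and the header value and token are constructed.

```go
package main

import (
	"encoding/base64"
	"errors"
	"fmt"
	"net/http"
	"strings"
)

// tokenSource is a hypothetical stand-in for one options.WithTokenString(...)
// entry: header name, required prefix, list separator, post-extraction function.
type tokenSource struct {
	header, prefix, separator string
	post                      func(string) (string, error)
}

var errNoToken = errors.New("no token in any configured header")

// sources mirrors the two entries in the release-note example. The base64
// alphabet is a parameter so the URL-safe and standard ones can be compared.
func sources(enc *base64.Encoding) []tokenSource {
	return []tokenSource{
		{header: "Authorization", prefix: "Bearer "},
		{
			header:    "Sec-WebSocket-Protocol",
			prefix:    "base64url.bearer.authorization.k8s.io.",
			separator: ",",
			post: func(s string) (string, error) {
				b, err := enc.DecodeString(s)
				return string(b), err
			},
		},
	}
}

// extractToken tries the sources in order and returns the first token found.
// An entry that carries the prefix but fails post-extraction rejects the
// request instead of falling through to a later entry (this example's choice).
func extractToken(h http.Header, srcs []tokenSource) (string, error) {
	for _, src := range srcs {
		for _, value := range h.Values(src.header) {
			candidates := []string{value}
			if src.separator != "" {
				candidates = strings.Split(value, src.separator)
			}
			for _, c := range candidates {
				c = strings.TrimSpace(c)
				if !strings.HasPrefix(c, src.prefix) || len(c) == len(src.prefix) {
					continue // other subprotocol, or prefix with no token
				}
				tok := c[len(src.prefix):]
				if src.post != nil {
					var err error
					if tok, err = src.post(tok); err != nil {
						return "", fmt.Errorf("%s: post-extraction failed: %w", src.header, err)
					}
				}
				return tok, nil
			}
		}
	}
	return "", errNoToken
}

func main() {
	// Constructed header value: an opaque token containing '~', base64url-encoded.
	h := http.Header{}
	h.Set("Sec-WebSocket-Protocol", "v4.channel.k8s.io, base64url.bearer.authorization.k8s.io."+
		base64.RawURLEncoding.EncodeToString([]byte("to~ken")))

	tok, err := extractToken(h, sources(base64.RawURLEncoding))
	fmt.Printf("RawURLEncoding: %q, err=%v\n", tok, err)
	tok, err = extractToken(h, sources(base64.RawStdEncoding))
	fmt.Printf("RawStdEncoding: %q, err=%v\n", tok, err)
}
```

The two alphabets differ only in the characters for values 62 and 63, which ASCII input produces only when the last byte of a 3-byte group is `>`, `?`, `~` or DEL. A compact JWT therefore decodes under either alphabet, while an opaque token containing `~` in that position decodes only with the URL-safe one.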
    
Owner
Xenit AB