refactor(shared-go): extract shared auth package from 3 Go services

Create packages/shared-go/authutil/ with two JWT validator implementations: - JWKSValidator: EdDSA JWKS validation with key caching (extracted from mana-sync) - RemoteValidator: delegates to mana-core-auth /api/v1/auth/validate (from mana-notify/gateway) Plus shared types (Claims, User), middleware factories (JWTMiddleware, ServiceKeyMiddleware), context helpers (GetUser, GetUserID, GetUserRole), and token extraction. Migrated services: - mana-sync: internal/auth/jwt.go now wraps authutil.JWKSValidator - mana-notify: internal/auth/auth.go now wraps authutil.RemoteValidator + ServiceKeyMiddleware - mana-api-gateway: internal/middleware/jwt.go now wraps authutil.RemoteValidator All 3 services compile and pass tests. Service-level packages re-export types for backward compatibility so no consumer code changes are needed. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-22 11:46:43 +02:00 · 2026-04-02 13:27:44 +02:00 · 2026-04-02 13:27:44 +02:00 · 4f70e1ca6c
commit 4f70e1ca6c
parent 509a541b70
14 changed files with 466 additions and 385 deletions
--- a/services/mana-sync/go.mod
+++ b/services/mana-sync/go.mod
@ -1,15 +1,16 @@
 module github.com/manacore/mana-sync

-go 1.23
+go 1.25.0

 require (
 	github.com/coder/websocket v1.8.12
-	github.com/golang-jwt/jwt/v5 v5.2.1
 	github.com/jackc/pgx/v5 v5.7.2
+	github.com/manacore/shared-go v0.0.0
 	github.com/rs/cors v1.11.1
 )

 require (
+	github.com/golang-jwt/jwt/v5 v5.3.1 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
 	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
 	github.com/jackc/puddle/v2 v2.2.2 // indirect
@ -17,3 +18,5 @@ require (
 	golang.org/x/sync v0.10.0 // indirect
 	golang.org/x/text v0.21.0 // indirect
 )
+
+replace github.com/manacore/shared-go => ../../packages/shared-go