till/managarten
1
0
Fork 0
mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-16 06:39:41 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
managarten/services/mana-notify/internal/auth/auth.go
Till JS 4f70e1ca6c refactor(shared-go): extract shared auth package from 3 Go services 
Create packages/shared-go/authutil/ with two JWT validator implementations:
- JWKSValidator: EdDSA JWKS validation with key caching (extracted from mana-sync)
- RemoteValidator: delegates to mana-core-auth /api/v1/auth/validate (from mana-notify/gateway)

Plus shared types (Claims, User), middleware factories (JWTMiddleware, ServiceKeyMiddleware),
context helpers (GetUser, GetUserID, GetUserRole), and token extraction.

Migrated services:
- mana-sync: internal/auth/jwt.go now wraps authutil.JWKSValidator
- mana-notify: internal/auth/auth.go now wraps authutil.RemoteValidator + ServiceKeyMiddleware
- mana-api-gateway: internal/middleware/jwt.go now wraps authutil.RemoteValidator

All 3 services compile and pass tests. Service-level packages re-export types
for backward compatibility so no consumer code changes are needed.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-02 13:27:44 +02:00

31 lines
943 B
Go
Raw Blame History

// Package auth provides authentication middleware for mana-notify.
// Delegates to shared-go/authutil for JWT and service key validation.
package auth
import (
"net/http"
"github.com/manacore/shared-go/authutil"
)
// Re-export types for backward compatibility.
type User = authutil.User
// UserContextKey is the context key for the authenticated user.
const UserContextKey = authutil.UserContextKey
// ValidateServiceKey checks the X-Service-Key header.
func ValidateServiceKey(serviceKey string) func(http.Handler) http.Handler {
return authutil.ServiceKeyMiddleware(serviceKey)
}
// ValidateJWT validates Bearer tokens against mana-core-auth.
func ValidateJWT(authURL string) func(http.Handler) http.Handler {
validator := authutil.NewRemoteValidator(authURL)
return authutil.JWTMiddleware(validator)
}
// GetUser extracts the authenticated user from context.
func GetUser(r *http.Request) *User {
return authutil.GetUser(r)
}
Reference in a new issue View git blame Copy permalink