Authentication & authorization | go-openapi runtime

Authentication & authorization | go-openapi runtimehttps://go-openapi.github.io/runtime/usage/examples/auth/index.htmlWorked examples covering API keys, HTTP Basic, Bearer/JWT, OAuth2 access-code flow, composed schemes, custom authorizers, and client-side credential attachment.Hugoen-usAPI key (single scheme)https://go-openapi.github.io/runtime/usage/examples/auth/api-key/index.htmlMon, 01 Jan 0001 00:00:00 +0000https://go-openapi.github.io/runtime/usage/examples/auth/api-key/index.htmlSimplest server-side auth — a single API key carried in a header (or query parameter), validated against a static map.HTTP Basichttps://go-openapi.github.io/runtime/usage/examples/auth/basic/index.htmlMon, 01 Jan 0001 00:00:00 +0000https://go-openapi.github.io/runtime/usage/examples/auth/basic/index.htmlRFC 7617 Basic auth with realm and a WWW-Authenticate challenge on failure.Bearer + JWThttps://go-openapi.github.io/runtime/usage/examples/auth/bearer-jwt/index.htmlMon, 01 Jan 0001 00:00:00 +0000https://go-openapi.github.io/runtime/usage/examples/auth/bearer-jwt/index.htmlOAuth2-style Bearer tokens carrying a JWT — verified locally, scope-checked against the operation's required scopes.Composed schemes (AND / OR)https://go-openapi.github.io/runtime/usage/examples/auth/composed/index.htmlMon, 01 Jan 0001 00:00:00 +0000https://go-openapi.github.io/runtime/usage/examples/auth/composed/index.htmlMultiple security schemes per operation — AND inside an entry, OR between entries — with a single principal type.OAuth2 access-code (Google)https://go-openapi.github.io/runtime/usage/examples/auth/oauth2-access-code/index.htmlMon, 01 Jan 0001 00:00:00 +0000https://go-openapi.github.io/runtime/usage/examples/auth/oauth2-access-code/index.htmlFull OAuth2 access-code handshake against Google — login redirect, callback handler, token exchange and protected operations.Custom Authorizer (RBAC)https://go-openapi.github.io/runtime/usage/examples/auth/custom-authorizer/index.htmlMon, 01 Jan 0001 00:00:00 +0000https://go-openapi.github.io/runtime/usage/examples/auth/custom-authorizer/index.htmlPluggable Authorizer that gates the principal for the matched operation — a worked role-based access control example, orthogonal to whichever Authenticator was used.Client-side credentialshttps://go-openapi.github.io/runtime/usage/examples/auth/client-side/index.htmlMon, 01 Jan 0001 00:00:00 +0000https://go-openapi.github.io/runtime/usage/examples/auth/client-side/index.htmlAttaching auth information to outgoing requests — Basic, API key, Bearer, composed writers, and a custom HMAC signer.