NewAuthServiceListener creates a new HTTP-server for /auth-endpoint.

NewGoogleCloudTokenAuthenticator returns an implementation of interface Authenticator.

NewGoogleTokenService creates a new token service for Google Tokens.

NewGoogleWorkspaceClient creates new client for Google Workspace.

NewIdentityAccessManagementClient generates an implementation of PolicyBindingReader.

ErrInvalidGoogleCloudAuthentication is given as a general error when Authenticate(...) is not successful.

ErrMissingJWK is given when no JWK can be found in cache or retrieved.

ErrNoIdentityAwareProxyRoleForUser is returned when user does not have role for IAP.

ErrUnknownTokenType is given when token type is not identifiable.

AuthServiceListener is an implementation use authenticator on /auth-path.

GoogleCloudTokenAuthenticator is an implementation of Authenticator interface.

GoogleTokenClaims extends standard JWT claims with claim email.

GoogleTokenService is a backend representation to manage authn/authz of Google Tokens.

GoogleWorkspaceClient is an implementation of interface GoogleWorkspaceReader.

IdentityAccessManagementClient is a service implementation to retrieve bindings from Google Cloud.

PolicyBinding is a struct to retain policy information (of what is relevant).

ProxyServiceListener is an implementation of reverse proxy to use authenticator, either HTTP(S) and/or CONNECT.

Authenticator is generic interface for authentication.

GoogleWorkspaceClientReader interface abstracts functions required.

IdentityAccessManagementReader is an interface to abstract PolicyBindingService.

Listener is an interface for a listener implementation.

TokenVerifier is a generic interface as implemented by Google Token.

GoogleServiceAccount is custom type representation of identifier in Google Cloud (email).

GoogleServiceAccountRoleCollection is a collection of service account id to bindings per role.

PolicyBindingCollection is custom map type for Role to policy bindings.

PolicyBindings is a list of bindings attached to a role.

Role is a custom type representation of Role in GCP.