github.com/piccolomondoc/authclient
Category: module, package
Version: 0.0.0-20240515151342-ad59ccc45d01
Repository: https://github.com/piccolomondoc/authclient.git
Documentation: pkg.go.dev

# README

AuthLib Library

The AuthLib Client Library is a Go package designed to provide a streamlined and efficient way to interact with the Sky-Auth Authentication server. This package provides an HTTP client along with associated methods and data types to handle the following functionalities:

  1. Service Account Registration: It provides the ability to register new service accounts. A service account is created with a specified name and a set of roles.
  2. Service Account Authentication: The library can authenticate a service account using the account ID and secret key, returning a JWT token upon successful authentication.
  3. User Authentication Verification: The library can verify the authentication status of a user using a provided JWT token. It sends a GET request to the '/is-authenticated' endpoint of the authentication server.
  4. User Authorization Verification: The library can also verify a user's authorization to perform a specific action using a provided JWT token and a permission string.

All the functionalities make use of the Sky-Auth Authentication server's API endpoints and expect responses in specific JSON formats.

It also comes with built-in error handling and provides custom error types for each function, such as CheckUserAuthorizationError, VerifyUserAuthenticationError, AuthenticateServiceAccountError, and RegisterServiceAccountError.

This library is designed to be simple, robust, and easy to integrate into any Go project that needs to interact with the Sky-Auth Authentication server. It emphasizes ease of use and readability while maintaining the strong typing and error handling typical of Go codebases.

Installation

go get github.com/PiccoloMondoC/authlib

Usage

First, create a new authlib.Client instance.

import "github.com/PiccoloMondoC/authlib"

client := authlib.NewClient(baseURL, logger)

Register a Service Account

accountID, secret, err := client.RegisterServiceAccount(context.Background(), "account-name", []string{"role1", "role2"})
if err != nil {
	// handle error
}

This function will register a new service account with the provided name and roles. The function will return the accountID and secret of the newly created account.

Authenticate a Service Account

token, err := client.AuthenticateServiceAccount(context.Background(), accountID, secret)
if err != nil {
	// handle error
}

This function will authenticate a service account using its accountID and secretKey and return a JWT token if successful.

Verify User Authentication

isAuthenticated, err := client.VerifyUserAuthentication(context.Background(), token)
if err != nil {
	// handle error
}

This function verifies a JWT token and returns a boolean value indicating whether the token is valid.

Check User Authorization

hasPermission, err := client.CheckUserAuthorization(context.Background(), token, "permission")
if err != nil {
	// handle error
}

This function verifies a user's authorization to perform a certain action (specified by the permission argument) and returns a boolean value indicating whether the user has the required permissions.
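Both user-facing calls return a boolean and an error, so the caller has to decide what an error means for the request. The middleware below is an added example, not code from this project, and it treats any error as a denial. The AuthChecker interface, RequirePermission, passed, fakeAuth, statusFor and the "reports:read" permission are assumptions; the method signatures are inferred from the README calls, with the token assumed to be a string.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// AuthChecker lists the two README calls; the real client is assumed to satisfy it.
type AuthChecker interface {
	VerifyUserAuthentication(ctx context.Context, token string) (bool, error)
	CheckUserAuthorization(ctx context.Context, token, permission string) (bool, error)
}

// passed fails closed: an error from the auth server never counts as a pass.
func passed(ok bool, err error) bool { return err == nil && ok }

// RequirePermission (hypothetical helper) calls next only when both checks pass.
func RequirePermission(c AuthChecker, permission string, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		token, ok := strings.CutPrefix(r.Header.Get("Authorization"), "Bearer ")
		switch {
		case !ok || token == "": // header absent or not a Bearer credential
			http.Error(w, "missing bearer token", http.StatusUnauthorized)
		case !passed(c.VerifyUserAuthentication(r.Context(), token)):
			http.Error(w, "not authenticated", http.StatusUnauthorized)
		case !passed(c.CheckUserAuthorization(r.Context(), token, permission)):
			http.Error(w, "forbidden", http.StatusForbidden)
		default:
			next.ServeHTTP(w, r)
		}
	})
}

// fakeAuth and statusFor are constructed scaffolding standing in for the Sky-Auth server.
type fakeAuth struct{ authed, allowed bool; err error }
func (f fakeAuth) VerifyUserAuthentication(context.Context, string) (bool, error) { return f.authed, f.err }
func (f fakeAuth) CheckUserAuthorization(context.Context, string, string) (bool, error) { return f.allowed, f.err }

func statusFor(c AuthChecker, authorization string) int {
	req := httptest.NewRequest(http.MethodGet, "/reports", nil)
	req.Header.Set("Authorization", authorization)
	rec := httptest.NewRecorder()
	RequirePermission(c, "reports:read", http.HandlerFunc(func(http.ResponseWriter, *http.Request) {})).ServeHTTP(rec, req)
	return rec.Code
}

func main() { fmt.Println(statusFor(fakeAuth{authed: true, allowed: true}, "Bearer constructed-token")) }
```

The switch cases are evaluated in order, so the authorization call is made only after authentication has passed.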

Error Handling

All the functions will return an error in case of a failure. The returned errors will be of the following types:

  • CheckUserAuthorizationError
  • VerifyUserAuthenticationError
  • AuthenticateServiceAccountError
  • RegisterServiceAccountError

These are custom error types that contain the base error and the status code returned from the Sky-Auth server.

Logging

All operations are logged using the provided logger, which is not included here.

# Functions

No description provided by the author

# Structs

CheckUserAuthorizationInput represents the data required to check user authorization.
CheckUserAuthorizationOutput represents the response from the authorization check.
Client represents an HTTP client that can be used to send requests to the authentication server.
CreateRefreshTokenInput represents the required input to create a refresh token.
DeleteExpiredRefreshTokensInput represents the input for DeleteExpiredRefreshTokens.
ErrorResponse represents the structure of an error response.
FetchPrivateKeyInput represents the required input to fetch a service account key.
GetRefreshTokenInput defines the input for GetRefreshToken function.
GetRefreshTokensForUserInput represents the input parameters for the GetRefreshTokensForUser function.
GetServiceAccountTokenMetadataInput represents the required input to get a service account token metadata.
InvalidateServiceAccountTokenInput represents the required input to invalidate a service account token.
IssueServiceAccountTokenInput represents the required input to issue a service account token.
ListServiceAccountTokensInput represents the required input to list service account tokens.
ListServiceRolesOutput is the response structure for listing service roles.
LoginInput represents the data required for login.
LoginOutput represents the data returned after successful login.
RefreshServiceAccountTokenInput represents the required input to refresh a service account token.
RefreshToken represents the structure of a refresh token.
RevokeRefreshTokenInput represents the input parameters for RevokeRefreshToken function.
SaveServiceAccountKeyInput represents the required input to save a service account key.
ServiceAccountKey represents the structure of a service account key.
ServiceAccountToken represents the structure of a service account token.
SignDataInput represents the required input to sign data.
SignDataOutput represents the response from the sign data API.
TemporaryData represents the structure of a temporary data entry.
TokenBlacklist represents the structure of a blacklisted token.
TokenDetails represents the structure of issued tokens and their expiry details.

# Interfaces

Account represents an entity (user or service account) that can authenticate.