Add OIDC middleware

docs/advanced-guide/oidc-authentication/page.md

@@ -0,0 +1,64 @@
+# OIDC Authentication
+
+OpenID Connect (OIDC) is an identity layer built on top of OAuth 2.0 that enables secure user authentication and transmission of user profile information. It allows clients to verify end-user identities based on authentication performed by an authorization server.
+
+## Overview
+
+Authentication is a critical part of securing web applications by ensuring only authorized users can access protected resources. GoFR supports OIDC integration through middleware that validates Bearer tokens and fetches user information from the OIDC provider.
+
+## Setup
+
+To enable OIDC authentication in GoFR, configure the middleware with your OIDC provider’s UserInfo endpoint. This endpoint is used to validate access tokens and retrieve user claims.
+
+## Usage
+
+Here is an example of enabling OIDC authentication middleware in a GoFR application:
+
+```go
+package main
+
+import (
+"gofr.dev/gofr/pkg/gofr"
+"gofr.dev/gofr/pkg/gofr/http/middleware"
+)
+
+func main() {
+app := gofr.New()
+
+// Configure OIDC Auth Provider with your UserInfo endpoint
+oidcProvider := &middleware.OIDCAuthProvider{
+    UserInfoEndpoint: "https://your-oidc-provider.com/userinfo",
+}
+
+// Use the OIDC middleware for authentication
+app.Use(middleware.AuthMiddleware(oidcProvider))
+
+// Define a protected route
+app.GET("/profile", func(c *gofr.Context) (any, error) {
+    userClaims := c.UserInfo() // Access claims set by the middleware
+    return userClaims, nil
+})
+
+app.Run()
+}
+```
+
+## Error Handling
+
+The middleware handles common error scenarios including:
+
+- Missing or empty Bearer tokens
+- Invalid or expired tokens
+- Failure to fetch or parse user info from the UserInfo endpoint
+
+Appropriate HTTP 401 (Unauthorized) responses will be returned by the middleware in these cases.
+
+## Tips
+
+- Configure reasonable HTTP client timeouts in the middleware to avoid delays calling the UserInfo endpoint.
+- Consider caching user info responses if your application makes frequent authorization checks to improve performance.
+- Test your OIDC integration using tokens issued by your authorization server and confirm user claims are correctly propagated.
+
+---
+
+This integration enables robust and standardized authentication flows in GoFR applications using OpenID Connect.

docs/navigation.js

@@ -151,6 +151,11 @@ export const navigation = [
                 title: 'Profiling in GoFr Applications',
                 href: '/docs/advanced-guide/debugging',
                 desc: "Discover GoFr auto-enables pprof profiling by leveraging its built-in configurations."
+            },
+            {
+                title: 'OIDC Authentication',
+                href: '/docs/advanced-guide/oidc-authentication',
+                desc: 'Learn how to integrate OpenID Connect (OIDC) authentication using GoFR. Covers setup, configuration, and usage for secure authentication flows.'
             }
         ],
     },

go.mod

@@ -5,13 +5,15 @@ go 1.24
 require (
 	cloud.google.com/go/pubsub v1.49.0
 	github.com/DATA-DOG/go-sqlmock v1.5.2
+	github.com/MicahParks/keyfunc v1.9.0
 	github.com/XSAM/otelsql v0.39.0
 	github.com/alicebob/miniredis/v2 v2.35.0
 	github.com/dgraph-io/dgo/v210 v210.0.0-20230328113526-b66f8ae53a2d
 	github.com/eclipse/paho.mqtt.golang v1.5.0
 	github.com/go-redis/redismock/v9 v9.2.0
 	github.com/go-sql-driver/mysql v1.9.3
 	github.com/gogo/protobuf v1.3.2
+	github.com/golang-jwt/jwt/v4 v4.5.2
 	github.com/golang-jwt/jwt/v5 v5.3.0
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/mux v1.8.1

go.sum

@@ -20,6 +20,8 @@ filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU=
 github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU=
+github.com/MicahParks/keyfunc v1.9.0 h1:lhKd5xrFHLNOWrDc4Tyb/Q1AJ4LCzQ48GVJyVIID3+o=
+github.com/MicahParks/keyfunc v1.9.0/go.mod h1:IdnCilugA0O/99dW+/MkvlyrsX8+L8+x95xuVNtM5jw=
 github.com/XSAM/otelsql v0.39.0 h1:4o374mEIMweaeevL7fd8Q3C710Xi2Jh/c8G4Qy9bvCY=
 github.com/XSAM/otelsql v0.39.0/go.mod h1:uMOXLUX+wkuAuP0AR3B45NXX7E9lJS2mERa8gqdU8R0=
 github.com/alicebob/miniredis/v2 v2.35.0 h1:QwLphYqCEAo1eu1TqPRN2jgVMPBweeQcR21jeqDCONI=
@@ -71,6 +73,9 @@ github.com/go-sql-driver/mysql v1.9.3/go.mod h1:qn46aNg1333BRMNU69Lq93t8du/dwxI6
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
+github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
+github.com/golang-jwt/jwt/v4 v4.5.2 h1:YtQM7lnr8iZ+j5q71MGKkNw9Mn7AjHM68uc9g5fXeUI=
+github.com/golang-jwt/jwt/v4 v4.5.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
 github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=