Skip to content

chore: improve docs around remote claims related configuration for factor and options #345

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
denopink merged 1 commit into from
Mar 26, 2026
Merged

chore: improve docs around remote claims related configuration for factor and options #345

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 1 addition & 2 deletions token/claimBuilder.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -117,8 +117,7 @@ func (nc nonceClaimBuilder) AddClaims(_ context.Context, r *Request, target map[
return nil
}

// remoteClaimBuilder invokes a remote system to obtain claims. The metadata from a token request
// is passed as the payload.
// remoteClaimBuilder invokes a remote system to obtain claims.
type remoteClaimBuilder struct {
endpoint endpoint.Endpoint
url string
Expand Down
12 changes: 4 additions & 8 deletions token/factory.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,17 +30,13 @@ type Request struct {
// but will not override time-based claims such as nbf or exp.
Claims map[string]interface{}

// Metadata holds non-claim information about the request, usually garnered from the original HTTP request. This
// metadata is available to lower levels of infrastructure used by the Factory.
Metadata map[string]interface{}

// PathWildCards holds non-claim information about the request, usually garnered from the original HTTP request. This
// PathWildCards is available to remote claim builders
PathWildCards map[string]any

// TLS represents the state of any underlying TLS connection.
// For non-tls connections, this field is unset.
TLS *tls.ConnectionState

// The following fields are for remote claims' requests.
Metadata map[string]any // Metadata is the request payload.
PathWildCards map[string]any // PathWildCards are the request path wildcards.
}

// NewRequest returns an empty, fully initialized token Request
Expand Down
11 changes: 4 additions & 7 deletions token/options.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -201,13 +201,6 @@ type Options struct {
// or statically from configuration. For special processing around the partner id, set the PartnerID field.
Claims []Value

// Metadata describes non-claim data, which can be statically configured or supplied via a request
Metadata []Value

// PathWildCards holds non-claim information about the request, usually garnered from the original HTTP request. This
// PathWildCards is available to remote claim builders.
PathWildCards []Value

// PartnerID is the optional partner id configuration. If unset, no partner id processing is
// performed, though a partner id may still be configured as part of the claims.
PartnerID *PartnerID
Expand Down Expand Up @@ -238,4 +231,8 @@ type Options struct {
// and returns a set of claims to be merged into tokens returned by the Factory. Returned
// claims from the remote system do not override claims configured on the Factory.
Remote *RemoteClaims

// The following options are for remote claims' requests.
Metadata []Value // Metadata describes the non-claim request payload, which can be statically configured or supplied via a request.
PathWildCards []Value // PathWildCards are the request path wildcards, which can be statically configured or supplied via a HTTP request.
}
Loading