diff --git a/CHANGELOG.md b/CHANGELOG.md index d57a1f8..bf40eb5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,15 @@ Format follows [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [1.0.0] — 2026-05-08 +### Changed + +- Package renamed from `jwtauth` to `httpauthjwt` — follows ecosystem convention + (`repo name = package name`, hyphens removed); import path is unchanged + (`code.nochebuena.dev/go/httpauth-jwt`); update all usages from `jwtauth.X` to + `httpauthjwt.X` +- Dependency `code.nochebuena.dev/go/httpauth` bumped to v1.0.0 +- Dependency `code.nochebuena.dev/go/rbac` bumped to v1.0.0 (indirect) + ### Added **`Verifier` interface** — validates JWT strings. Narrowest interface; `AuthMiddleware` diff --git a/CLAUDE.md b/CLAUDE.md index 632d6e1..eec99ea 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -19,7 +19,7 @@ verification — all downstream middleware in `httpauth` is provider-agnostic. **Tier:** 4 (transport auth layer; depends on Tier 3 `httpauth` and `jwt/v5`) **Module:** `code.nochebuena.dev/go/httpauth-jwt` -**Package name:** `jwtauth` +**Package name:** `httpauthjwt` **Direct imports:** `code.nochebuena.dev/go/httpauth`, `github.com/golang-jwt/jwt/v5` **Transitive:** `code.nochebuena.dev/go/rbac` (indirect, via `httpauth`) diff --git a/auth.go b/auth.go index afc3920..a38f54e 100644 --- a/auth.go +++ b/auth.go @@ -1,4 +1,4 @@ -package jwtauth +package httpauthjwt import ( "net/http" diff --git a/compliance_test.go b/compliance_test.go index 878e911..f9f80d1 100644 --- a/compliance_test.go +++ b/compliance_test.go @@ -1,10 +1,10 @@ -package jwtauth_test +package httpauthjwt_test import ( "context" "time" - jwtauth "code.nochebuena.dev/go/httpauth-jwt" + httpauthjwt "code.nochebuena.dev/go/httpauth-jwt" "github.com/golang-jwt/jwt/v5" ) @@ -25,6 +25,6 @@ func (m *mockBlacklist) Revoke(_ context.Context, _ string, _ time.Duration) err } // Compile-time interface satisfaction checks. -var _ jwtauth.Signer = (*mockSigner)(nil) -var _ jwtauth.Verifier = (*mockVerifier)(nil) -var _ jwtauth.Blacklist = (*mockBlacklist)(nil) +var _ httpauthjwt.Signer = (*mockSigner)(nil) +var _ httpauthjwt.Verifier = (*mockVerifier)(nil) +var _ httpauthjwt.Blacklist = (*mockBlacklist)(nil) diff --git a/doc.go b/doc.go index 9b187e4..f8c3df8 100644 --- a/doc.go +++ b/doc.go @@ -1,4 +1,4 @@ -// Package jwtauth provides self-issued JWT authentication middleware and token +// Package httpauthjwt provides self-issued JWT authentication middleware and token // management for HTTP services. // // It integrates with code.nochebuena.dev/go/httpauth: AuthMiddleware verifies @@ -9,18 +9,18 @@ // // 1. Issue a token pair on login: // -// signer := jwtauth.NewHMACSigner([]byte(os.Getenv("JWT_SECRET"))) -// pair, err := jwtauth.IssueTokenPair(signer, uid, customClaims, cfg) +// signer := httpauthjwt.NewHMACSigner([]byte(os.Getenv("JWT_SECRET"))) +// pair, err := httpauthjwt.IssueTokenPair(signer, uid, customClaims, cfg) // // 2. Protect routes: // -// r.Use(jwtauth.AuthMiddleware(signer, publicPaths)) +// r.Use(httpauthjwt.AuthMiddleware(signer, publicPaths)) // r.Use(httpauth.EnrichmentMiddleware(myEnricher)) // // 3. Rotate tokens on refresh: // -// newPair, err := jwtauth.RefreshTokenPair(ctx, signer, refreshToken, blacklist, cfg, freshClaims) +// newPair, err := httpauthjwt.RefreshTokenPair(ctx, signer, refreshToken, blacklist, cfg, freshClaims) // // For microservices that only verify tokens (not issue them), use NewRSAPublicKeyVerifier // or NewRSAPublicKeyVerifierFromPEM with the public key only. -package jwtauth +package httpauthjwt diff --git a/go.mod b/go.mod index 6bf8ae3..a5c2710 100644 --- a/go.mod +++ b/go.mod @@ -3,8 +3,8 @@ module code.nochebuena.dev/go/httpauth-jwt go 1.25 require ( - code.nochebuena.dev/go/httpauth v0.1.0 + code.nochebuena.dev/go/httpauth v1.0.0 github.com/golang-jwt/jwt/v5 v5.2.1 ) -require code.nochebuena.dev/go/rbac v0.9.0 // indirect +require code.nochebuena.dev/go/rbac v1.0.0 // indirect diff --git a/go.sum b/go.sum index a1c4db2..c5557e3 100644 --- a/go.sum +++ b/go.sum @@ -1,6 +1,6 @@ -code.nochebuena.dev/go/httpauth v0.1.0 h1:86xldderCDBvBIvOYgbTg54C00nl1A1OaYVrTHL3BTY= -code.nochebuena.dev/go/httpauth v0.1.0/go.mod h1:DzvGBZVo9npBa1llB+sWL9lOcqaltRMmvh/eGXm+3jQ= -code.nochebuena.dev/go/rbac v0.9.0 h1:2fQngWIOeluIaMmo+H2ajT0NVw8GjNFJVi6pbdB3f/o= -code.nochebuena.dev/go/rbac v0.9.0/go.mod h1:LzW8tTJmdbu6HHN26NZZ3HzzdlZAd1sp6aml25Cfz5c= +code.nochebuena.dev/go/httpauth v1.0.0 h1:B2ypnlL7yQkePHC3EKo4LPgJbd5lWZ6RuA1o6sx84so= +code.nochebuena.dev/go/httpauth v1.0.0/go.mod h1:rGaQDInGkavpk8nbiG7azPqcyYsrwo0+E+ZNocRW2MY= +code.nochebuena.dev/go/rbac v1.0.0 h1:FnsU1HU6vvwchKuZNxDa9RPIFeNwJi0vShWvHKABMws= +code.nochebuena.dev/go/rbac v1.0.0/go.mod h1:LzW8tTJmdbu6HHN26NZZ3HzzdlZAd1sp6aml25Cfz5c= github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= diff --git a/jwtauth_test.go b/jwtauth_test.go index 6a3bbf8..5c2a957 100644 --- a/jwtauth_test.go +++ b/jwtauth_test.go @@ -1,4 +1,4 @@ -package jwtauth +package httpauthjwt import ( "context" diff --git a/refresh.go b/refresh.go index c352082..6f9def2 100644 --- a/refresh.go +++ b/refresh.go @@ -1,4 +1,4 @@ -package jwtauth +package httpauthjwt import ( "context" diff --git a/signer.go b/signer.go index 8c5a164..76765be 100644 --- a/signer.go +++ b/signer.go @@ -1,4 +1,4 @@ -package jwtauth +package httpauthjwt import ( "crypto/rsa" diff --git a/tokens.go b/tokens.go index 5dd039b..2b63047 100644 --- a/tokens.go +++ b/tokens.go @@ -1,4 +1,4 @@ -package jwtauth +package httpauthjwt import ( "crypto/rand"