Keysmith

Go Package Reference

Complete Go package index for Keysmith.

Package index

PackageImport pathPurpose
keysmithgithub.com/xraph/keysmithCore engine, types, hasher, generator, scope helpers
keygithub.com/xraph/keysmith/keyKey entity, lifecycle states, store interface
policygithub.com/xraph/keysmith/policyPolicy entity, store interface
scopegithub.com/xraph/keysmith/scopeScope entity, key-scope assignment, store interface
usagegithub.com/xraph/keysmith/usageUsage records, aggregation, store interface
rotationgithub.com/xraph/keysmith/rotationRotation records, reasons, store interface
idgithub.com/xraph/keysmith/idTypeID-based entity identifiers (akey, kpol, kusg, krot, kscp)
storegithub.com/xraph/keysmith/storeComposite store interface embedding all sub-stores
store/memorygithub.com/xraph/keysmith/store/memoryIn-memory store for testing
store/postgresgithub.com/xraph/keysmith/store/postgresPostgreSQL store with embedded migrations
plugingithub.com/xraph/keysmith/pluginLifecycle hook interfaces and dispatch manager
audit_hookgithub.com/xraph/keysmith/audit_hookAudit trail plugin
observabilitygithub.com/xraph/keysmith/observabilityMetrics plugin (go-utils counters)
warden_hookgithub.com/xraph/keysmith/warden_hookWarden authorization bridge plugin
apigithub.com/xraph/keysmith/apiForge-style REST API handlers with OpenAPI metadata
middlewaregithub.com/xraph/keysmith/middlewareHTTP middleware for API key validation and scope checks
extensiongithub.com/xraph/keysmith/extensionForge extension adapter (DI, routes, migration)

Core types

keysmith.Engine

The central engine that coordinates all subsystems.

func NewEngine(opts ...Option) (*Engine, error)

func (e *Engine) CreateKey(ctx context.Context, input *CreateKeyInput) (*key.CreateResult, error)
func (e *Engine) ValidateKey(ctx context.Context, rawKey string) (*ValidationResult, error)
func (e *Engine) RotateKey(ctx context.Context, keyID id.KeyID, reason rotation.Reason, graceTTL time.Duration) (*key.CreateResult, error)
func (e *Engine) RevokeKey(ctx context.Context, keyID id.KeyID, reason string) error
func (e *Engine) SuspendKey(ctx context.Context, keyID id.KeyID) error
func (e *Engine) ReactivateKey(ctx context.Context, keyID id.KeyID) error
func (e *Engine) GetKey(ctx context.Context, keyID id.KeyID) (*key.Key, error)
func (e *Engine) ListKeys(ctx context.Context, filter *key.ListFilter) ([]*key.Key, error)

keysmith.CreateKeyInput

type CreateKeyInput struct {
    Name        string
    Prefix      string
    Environment key.Environment
    Scopes      []string
    PolicyID    *id.PolicyID
    ExpiresAt   *time.Time
}

keysmith.ValidationResult

type ValidationResult struct {
    Key    *key.Key
    Scopes []string
}

Context helpers

func WithTenant(ctx context.Context, appID, tenantID string) context.Context
func AppIDFromContext(ctx context.Context) string
func TenantIDFromContext(ctx context.Context) string

Functional options

func WithStore(s store.Store) Option
func WithHasher(h Hasher) Option
func WithKeyGenerator(g KeyGenerator) Option
func WithRateLimiter(r RateLimiter) Option
func WithExtension(p plugin.Plugin) Option
func WithLogger(l *slog.Logger) Option

REST API

Keysmith REST API endpoints for key management.

On this page

Package indexCore typeskeysmith.Enginekeysmith.CreateKeyInputkeysmith.ValidationResultContext helpersFunctional options