History

Michael Netshipise 78c6e1a0d9 Add admin surface (AuthAdminService) + scoped token verification — v0.2.1 - Vendor st-peter-admin.proto (sync-protos.sh now syncs both; health.proto remains excluded). Stubs generated for Rust/Go/TS. - Rust: AdminClient — actor-credentialed wrappers over the admin surface (assign_role/unassign_role with target + expiry, get_assignable_roles/ targets, get_user_with_roles, search_users, get_users_by_role, create/delete/restore_user, get/clear_user_sessions), Actor type, Error::Rejected for success=false responses, raw() escape hatch. - All languages: verify_token_scoped(token, scopes) — roles filtered by role_scopes (e.g. ["cms"]); cache keyed per (token, scopes) so filtered and unfiltered verifications never share an entry. verify_token now delegates to the scoped variant with no filter. - README: shared-vs-local role rule replaces 'authorization local'; admin surface documented; examples bumped. Tagged v0.2.1 in lockstep with the st-peter server line. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>		2026-06-10 21:00:41 +02:00
..
genpb	Add admin surface (AuthAdminService) + scoped token verification — v0.2.1	2026-06-10 21:00:41 +02:00
README.md	first commit	2026-06-10 14:45:00 +02:00
auth.go	Add admin surface (AuthAdminService) + scoped token verification — v0.2.1	2026-06-10 21:00:41 +02:00
go.mod	first commit	2026-06-10 14:45:00 +02:00
go.sum	first commit	2026-06-10 14:45:00 +02:00

README.md

st-peter-client (Go)

Official Go client for st-peter (aura-users). Generated stubs are committed under genpb/ (regenerate with ../scripts/gen-go.sh); the stpeter.AuthClient wrapper (token-verify cache, login/2FA/lookup) is layered on top.

auth, err := stpeter.Connect("127.0.0.1:9091")
user, err := auth.VerifyToken(ctx, token) // cached ~60s

See the repo root README for versioning and the authentication-central / authorization-local design.