Support for Authentication Definitions (Security Schemes) like OpenAPI #54
Description
Description
Thank you for providing such a great tool for generating API client and server code from Go interfaces!
However, it currently lacks a way to define authentication methods (such as API keys, JWT, or OAuth2) directly within the Oto interface definitions.
In OpenAPI, we can specify security schemes (e.g., http, oauth2, apiKey) to define authentication requirements for different endpoints. It would be very helpful if Oto provided a similar mechanism to declare authentication requirements, so that authentication could be automatically enforced or documented in the generated code.
Proposed Solution
- Introduce a way to define authentication within the Oto interface, similar to OpenAPI security schemes.
- Possible approaches:
- Add a struct tag (e.g.,
@auth:"bearer"for authentication). - Define authentication at the service level using a special interface or annotation.
- Generate authentication middleware automatically in the output code.
- Add a struct tag (e.g.,
Example
A possible Oto-style interface might look like:
// @auth:"bearer"
type ProtectedService interface {
SecureMethod(ctx context.Context, req AuthenticatedRequest) (Response, error)
}This would indicate that SecureMethod requires authentication via a Bearer token.
Benefits
- Simplifies authentication handling in Oto-generated services.
- Improves security by enforcing authentication at the interface level.
- Makes it easier to integrate Oto with existing authentication standards.
Would love to hear thoughts from the maintainers and community on whether this would be a useful addition!
Thank you!