Module oidc

OpenID-Connect bearer-token provider.

Supported algs : HS256 / 384 / 512 · RS256 / 384 / 512 · PS256 / 384 / 512 ES256 / 384 · EdDSA (Ed25519) Bypass rules : glob-style paths + method list, evaluated before token checks HMAC secret : optional shared-secret in config (required for HS* algs) JWKS refresh : lazy + every 30 min ± key-rotation retry

Structs

OidcConfig

Top-level OIDC section under "security_chain" in config.

OidcProvider

OpenID Connect security provider.

RouteRule

RouteRuleConfig

Constants

CLAIMS_ATTRIBUTE

JWKS_REFRESH