kanboard-api/auth.go

package kanboard

import (
	"encoding/base64"
	"net/http"
)

// Authenticator applies authentication to HTTP requests.
type Authenticator interface {
	Apply(req *http.Request)
}

// apiTokenAuth implements API token authentication.
type apiTokenAuth struct {
	user       string
	token      string
	headerName string
}

// Apply adds HTTP Basic Auth with the configured user (or "jsonrpc" if empty) and the API token.
func (a *apiTokenAuth) Apply(req *http.Request) {
	user := a.user
	if user == "" {
		user = "jsonrpc"
	}
	if a.headerName != "" {
		req.Header.Set(a.headerName, "Basic "+basicAuthValue(user, a.token))
	} else {
		req.SetBasicAuth(user, a.token)
	}
}

// basicAuth implements username/password authentication.
type basicAuth struct {
	username   string
	password   string
	headerName string
}

// Apply adds HTTP Basic Auth with username and password.
func (a *basicAuth) Apply(req *http.Request) {
	if a.headerName != "" {
		req.Header.Set(a.headerName, "Basic "+basicAuthValue(a.username, a.password))
	} else {
		req.SetBasicAuth(a.username, a.password)
	}
}

// basicAuthValue returns the base64-encoded value for HTTP Basic Auth.
func basicAuthValue(username, password string) string {
	auth := username + ":" + password
	return base64.StdEncoding.EncodeToString([]byte(auth))
}
Implement JSON-RPC client foundation Add core JSON-RPC 2.0 protocol implementation for Kanboard API: - JSONRPCRequest/Response/Error structs with proper JSON tags - Generic call() method for sending requests and parsing responses - Thread-safe request ID generation using atomic.Int64 - Automatic /jsonrpc.php path appending to baseURL - Support for subdirectory installations - HTTP Basic Auth support (API token and username/password) - Error handling for unauthorized/forbidden responses Includes comprehensive tests with httptest mock server. Closes: kanboard-api-2g1 2026-01-15 18:10:35 +01:00			`package kanboard`

Add WithAuthHeader for custom authentication header name Support configuring a custom HTTP header name for authentication (e.g., X-API-Auth instead of Authorization) for Kanboard servers with specific proxy configurations that use alternative auth headers. - Add headerName field to apiTokenAuth and basicAuth structs - Add WithAuthHeader() fluent method to Client - Auth methods pass custom header name when creating auth structs - Add tests for custom header with API token, basic auth, and custom user Closes kanboard-9wa Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-23 18:26:55 +01:00			`import (`
			`"encoding/base64"`
			`"net/http"`
			`)`
Implement JSON-RPC client foundation Add core JSON-RPC 2.0 protocol implementation for Kanboard API: - JSONRPCRequest/Response/Error structs with proper JSON tags - Generic call() method for sending requests and parsing responses - Thread-safe request ID generation using atomic.Int64 - Automatic /jsonrpc.php path appending to baseURL - Support for subdirectory installations - HTTP Basic Auth support (API token and username/password) - Error handling for unauthorized/forbidden responses Includes comprehensive tests with httptest mock server. Closes: kanboard-api-2g1 2026-01-15 18:10:35 +01:00
			`// Authenticator applies authentication to HTTP requests.`
			`type Authenticator interface {`
			`Apply(req *http.Request)`
			`}`

			`// apiTokenAuth implements API token authentication.`
			`type apiTokenAuth struct {`
Add WithAuthHeader for custom authentication header name Support configuring a custom HTTP header name for authentication (e.g., X-API-Auth instead of Authorization) for Kanboard servers with specific proxy configurations that use alternative auth headers. - Add headerName field to apiTokenAuth and basicAuth structs - Add WithAuthHeader() fluent method to Client - Auth methods pass custom header name when creating auth structs - Add tests for custom header with API token, basic auth, and custom user Closes kanboard-9wa Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-23 18:26:55 +01:00			`user string`
			`token string`
			`headerName string`
Implement JSON-RPC client foundation Add core JSON-RPC 2.0 protocol implementation for Kanboard API: - JSONRPCRequest/Response/Error structs with proper JSON tags - Generic call() method for sending requests and parsing responses - Thread-safe request ID generation using atomic.Int64 - Automatic /jsonrpc.php path appending to baseURL - Support for subdirectory installations - HTTP Basic Auth support (API token and username/password) - Error handling for unauthorized/forbidden responses Includes comprehensive tests with httptest mock server. Closes: kanboard-api-2g1 2026-01-15 18:10:35 +01:00			`}`

Add optional API user support for token authentication - Add user field to apiTokenAuth struct - Add WithAPITokenUser(token, user) method for custom username - Default to "jsonrpc" when no user specified (backward compatible) - Add tests for custom user and empty user scenarios Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-23 17:55:31 +01:00			`// Apply adds HTTP Basic Auth with the configured user (or "jsonrpc" if empty) and the API token.`
Implement JSON-RPC client foundation Add core JSON-RPC 2.0 protocol implementation for Kanboard API: - JSONRPCRequest/Response/Error structs with proper JSON tags - Generic call() method for sending requests and parsing responses - Thread-safe request ID generation using atomic.Int64 - Automatic /jsonrpc.php path appending to baseURL - Support for subdirectory installations - HTTP Basic Auth support (API token and username/password) - Error handling for unauthorized/forbidden responses Includes comprehensive tests with httptest mock server. Closes: kanboard-api-2g1 2026-01-15 18:10:35 +01:00			`func (a apiTokenAuth) Apply(req http.Request) {`
Add optional API user support for token authentication - Add user field to apiTokenAuth struct - Add WithAPITokenUser(token, user) method for custom username - Default to "jsonrpc" when no user specified (backward compatible) - Add tests for custom user and empty user scenarios Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-23 17:55:31 +01:00			`user := a.user`
			`if user == "" {`
			`user = "jsonrpc"`
			`}`
Add WithAuthHeader for custom authentication header name Support configuring a custom HTTP header name for authentication (e.g., X-API-Auth instead of Authorization) for Kanboard servers with specific proxy configurations that use alternative auth headers. - Add headerName field to apiTokenAuth and basicAuth structs - Add WithAuthHeader() fluent method to Client - Auth methods pass custom header name when creating auth structs - Add tests for custom header with API token, basic auth, and custom user Closes kanboard-9wa Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-23 18:26:55 +01:00			`if a.headerName != "" {`
			`req.Header.Set(a.headerName, "Basic "+basicAuthValue(user, a.token))`
			`} else {`
			`req.SetBasicAuth(user, a.token)`
			`}`
Implement JSON-RPC client foundation Add core JSON-RPC 2.0 protocol implementation for Kanboard API: - JSONRPCRequest/Response/Error structs with proper JSON tags - Generic call() method for sending requests and parsing responses - Thread-safe request ID generation using atomic.Int64 - Automatic /jsonrpc.php path appending to baseURL - Support for subdirectory installations - HTTP Basic Auth support (API token and username/password) - Error handling for unauthorized/forbidden responses Includes comprehensive tests with httptest mock server. Closes: kanboard-api-2g1 2026-01-15 18:10:35 +01:00			`}`

			`// basicAuth implements username/password authentication.`
			`type basicAuth struct {`
Add WithAuthHeader for custom authentication header name Support configuring a custom HTTP header name for authentication (e.g., X-API-Auth instead of Authorization) for Kanboard servers with specific proxy configurations that use alternative auth headers. - Add headerName field to apiTokenAuth and basicAuth structs - Add WithAuthHeader() fluent method to Client - Auth methods pass custom header name when creating auth structs - Add tests for custom header with API token, basic auth, and custom user Closes kanboard-9wa Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-23 18:26:55 +01:00			`username string`
			`password string`
			`headerName string`
Implement JSON-RPC client foundation Add core JSON-RPC 2.0 protocol implementation for Kanboard API: - JSONRPCRequest/Response/Error structs with proper JSON tags - Generic call() method for sending requests and parsing responses - Thread-safe request ID generation using atomic.Int64 - Automatic /jsonrpc.php path appending to baseURL - Support for subdirectory installations - HTTP Basic Auth support (API token and username/password) - Error handling for unauthorized/forbidden responses Includes comprehensive tests with httptest mock server. Closes: kanboard-api-2g1 2026-01-15 18:10:35 +01:00			`}`

			`// Apply adds HTTP Basic Auth with username and password.`
			`func (a basicAuth) Apply(req http.Request) {`
Add WithAuthHeader for custom authentication header name Support configuring a custom HTTP header name for authentication (e.g., X-API-Auth instead of Authorization) for Kanboard servers with specific proxy configurations that use alternative auth headers. - Add headerName field to apiTokenAuth and basicAuth structs - Add WithAuthHeader() fluent method to Client - Auth methods pass custom header name when creating auth structs - Add tests for custom header with API token, basic auth, and custom user Closes kanboard-9wa Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-23 18:26:55 +01:00			`if a.headerName != "" {`
			`req.Header.Set(a.headerName, "Basic "+basicAuthValue(a.username, a.password))`
			`} else {`
			`req.SetBasicAuth(a.username, a.password)`
			`}`
			`}`

			`// basicAuthValue returns the base64-encoded value for HTTP Basic Auth.`
			`func basicAuthValue(username, password string) string {`
			`auth := username + ":" + password`
			`return base64.StdEncoding.EncodeToString([]byte(auth))`
Implement JSON-RPC client foundation Add core JSON-RPC 2.0 protocol implementation for Kanboard API: - JSONRPCRequest/Response/Error structs with proper JSON tags - Generic call() method for sending requests and parsing responses - Thread-safe request ID generation using atomic.Int64 - Automatic /jsonrpc.php path appending to baseURL - Support for subdirectory installations - HTTP Basic Auth support (API token and username/password) - Error handling for unauthorized/forbidden responses Includes comprehensive tests with httptest mock server. Closes: kanboard-api-2g1 2026-01-15 18:10:35 +01:00			`}`