go-oidc VS spew

I use the following code with this lib

If oidc supported, check out https://github.com/coreos/go-oidc You can instantiate a oidc verifier by passing the oidc-configuration endpoint, set the remote public key set by passing the jwks endpoint. Then call Verify func. As long as the public key matches the private key used to sign the JWT (3rd part), you'll verify it and get the claim back, then unmarshall that claim to some struct and you're good to go.

This looks so far like some of the nicest ones. I'm sold if you add the possibility for OpenID connect authentication that can be configured via env variables to the container.

I did everything according to go-oidc examples: https://github.com/coreos/go-oidc/blob/v3/example/idtoken/app.go

go-oidc: github.com/coreos/go-oidc

If you actually have OpenID Connect then there are some good libraries to use for token management in that case. Iirc I prefer https://github.com/coreos/go-oidc, since it supports auto discovery and key rotation etc.

oklog/ulid to generate IDs. coreos/go-oidc for validating JWTs I get from auth. google/go-cmp for comparing structs in tests (unless the project is already using Testify). spf13/pflag because life's too short for Go's flag handling. getkin/kin-openapi for validating reqests/responses against my OpenAPI spec (in tests).

Hmm, this might be a relevant issue: https://github.com/golang/oauth2/issues/128 . On the face of it, it looks like https://github.com/coreos/go-oidc is a more thorough implementation...(?)

Take the output of your statement and run it through https://github.com/davecgh/go-spew spew.Dump. It will not be what you expect. See if that helps. If not, ask more questions.

github.com/davecgh/go-spew

Are the doubles quotes intented in your imports? ""[github.com/davecgh/go-spew/spew](https://github.com/davecgh/go-spew/spew)"

go-spew - god sent for debugging