Skip to content

v0.1.0

Release Date: 2026-05-23

Initial release of OmniToken SDK.

Highlights

  • Bridge goauth credentials with vault-based storage via omnivault
  • Full token lifecycle management with automatic refresh
  • Support for all goauth credential types

Features

Token Manager

The core TokenManager provides credential and token lifecycle operations:

  • Store and retrieve credentials from vault backends
  • Automatic token acquisition and refresh
  • Configurable refresh buffer for proactive token renewal
  • Background refresh for long-running applications
  • HTTP client generation with automatic authentication

Credential Storage

CredentialsStore implements vault-backed goauth credential storage with support for:

  • OAuth2 (client credentials, authorization code, refresh token)
  • JWT bearer tokens
  • HTTP Basic Auth
  • Custom header/query authentication (API keys)
  • Google Cloud service accounts

Vault Token Set

VaultTokenSet implements goauth's tokens.TokenSet interface for persistent token storage:

  • Token serialization and deserialization
  • Field-based storage for multi-field providers
  • Access token, refresh token, and expiry tracking

Convenience Constructors

Multiple factory functions for easy initialization:

Constructor Description
NewFromVaultURI Initialize from vault URI string
NewFromCredentialsFile Load from goauth CredentialsSet JSON file
NewFromCredentialsSet Create from in-memory CredentialsSet
NewFromCredentials Create with single goauth credential
NewFromEnv Load configuration from environment variables
NewFromDirectory Load credentials from file directory

Installation

go get github.com/plexusone/omnitoken@v0.1.0

Quick Start

package main

import (
    "context"
    "log"

    "github.com/plexusone/omnitoken"
    "github.com/plexusone/omnivault/providers/memory"
)

func main() {
    // Create vault and token manager
    v, _ := memory.New()
    tm, _ := omnitoken.New(omnitoken.Config{Vault: v})

    // Store OAuth2 credentials
    creds := &goauth.Credentials{
        Type:         goauth.TypeOAuth2,
        OAuth2:       &goauth.CredentialsOAuth2{
            ClientID:     "client-id",
            ClientSecret: "client-secret",
            TokenURL:     "https://oauth.example.com/token",
        },
    }
    tm.SetCredentials(context.Background(), "my-service", creds)

    // Get authenticated HTTP client
    client, _ := tm.GetClient(context.Background(), "my-service")
    // Use client for API requests...
}

Documentation

Dependencies

  • goauth v0.23.30 - OAuth credentials framework
  • omnivault v0.5.0 - Vault abstraction layer
  • oauth2 v0.36.0 - OAuth2 client library