wso2
diff --git a/‎gateway/policies/basic-auth/v1.0.0/policy-definition.yaml‎
Lines changed: 27 additions & 34 deletions b/‎gateway/policies/basic-auth/v1.0.0/policy-definition.yaml‎
Lines changed: 27 additions & 34 deletions
diff --git a/‎gateway/policies/jwt-auth/v1.0.0/go.mod‎
Lines changed: 10 additions & 0 deletions b/‎gateway/policies/jwt-auth/v1.0.0/go.mod‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎gateway/policies/jwt-auth/v1.0.0/go.sum‎
Lines changed: 2 additions & 0 deletions b/‎gateway/policies/jwt-auth/v1.0.0/go.sum‎
Lines changed: 2 additions & 0 deletions
@@ -6,44 +6,37 @@ description: |
   metadata in the request context for downstream policies to use.
 
 parameters:
-  - name: username
-    type: string
-    required: true
-    description: |
-      Expected username for authentication.
-      Compared against the username in the Basic auth header.
-    validation:
+  type: object
+  properties:
+    username:
+      type: string
+      description: Expected username for authentication. Compared against the username
+        in the Basic auth header.
       minLength: 1
       maxLength: 256
-
-  - name: password
-    type: string
-    required: true
-    description: |
-      Expected password for authentication.
-      Compared against the password in the Basic auth header.
-    validation:
+    password:
+      type: string
+      description: Expected password for authentication. Compared against the password
+        in the Basic auth header.
       minLength: 1
       maxLength: 256
-
-  - name: allowUnauthenticated
-    type: boolean
-    required: false
-    default: false
-    description: |
-      If true, allows unauthenticated requests to proceed to upstream.
-      Authentication status is still recorded in metadata (auth.success = false).
-      If false (default), returns 401 Unauthorized for failed authentication.
-
-  - name: realm
-    type: string
-    required: false
-    default: "Restricted"
-    description: |
-      Authentication realm shown in the WWW-Authenticate header.
-      Displayed to users in browser authentication prompts.
-    validation:
+    allowUnauthenticated:
+      type: boolean
+      description: If true, allows unauthenticated requests to proceed to upstream.
+        Authentication status is still recorded in metadata (auth.success = false).
+        If false (default), returns 401 Unauthorized for failed authentication.
+      default: false
+    realm:
+      type: string
+      description: Authentication realm shown in the WWW-Authenticate header. Displayed
+        to users in browser authentication prompts.
       minLength: 1
       maxLength: 256
+      default: Restricted
+  required:
+  - username
+  - password
 
-initParameters: []
+initParameters:         
+  type: object
+  properties: {}
@@ -0,0 +1,10 @@
+module github.com/policy-engine/policies/jwt-auth
+
+go 1.23.0
+
+require (
+	github.com/golang-jwt/jwt/v5 v5.2.2
+	github.com/wso2/api-platform/sdk v1.0.0
+)
+
+replace github.com/wso2/api-platform/sdk => ../../../../sdk
@@ -0,0 +1,2 @@
+github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8=
+github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8=`
	`2`	`+github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=`