Merge branch 'main' of github.com:gofr-dev/gofr

Author: Umang01-hash

Diff for: .github/workflows/go.yml

@@ -329,7 +329,7 @@ jobs:
       # Install the linting tool
       - name: Install golangci-lint
         run: |
-          go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.62
+          go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.64
 
       - name: Get dependencies
         run: |

Diff for: README.md

@@ -137,4 +137,4 @@ If your PR is merged, or if you contribute by writing articles or promoting GoFr
 
 ### Partners
 
-<img src="https://resources.jetbrains.com/storage/products/company/brand/logos/jetbrains.png" alt="JetBrains logo" width="200">
+<img src="https://resources.jetbrains.com/storage/products/company/brand/logos/jetbrains.png" alt="JetBrains logo" width="200">

Diff for: docs/advanced-guide/debugging/page.md

@@ -0,0 +1,161 @@
+# Using `pprof` in GoFr Applications
+
+In GoFr applications, `pprof` profiling is automatically enabled. The profiling endpoints are served on the `METRICS_PORT`, which defaults to `2121` if not specified.
+
+This guide explains how to enable and use `pprof` in GoFr applications.
+
+---
+
+## Enabling `pprof` in GoFr
+
+### Prerequisites
+Ensure the `METRICS_PORT` is set (default is `2121`):
+   ```bash
+   METRICS_PORT=2121
+   ```
+
+GoFr automatically registers the following `pprof` routes:
+- `/debug/pprof/cmdline`
+- `/debug/pprof/profile`
+- `/debug/pprof/symbol`
+- `/debug/pprof/trace`
+- `/debug/pprof/` (index)
+
+---
+
+## Accessing `pprof` Endpoints
+
+Once `pprof` is enabled, you can access the profiling endpoints at `http://localhost:<METRICS_PORT>/debug/pprof/`. For example, if `METRICS_PORT` is `2121`, the endpoints will be available at:
+- `http://localhost:2121/debug/pprof/`
+
+### Available Endpoints
+1. **`/debug/pprof/cmdline`**:
+   - Returns the command-line arguments of the running application.
+
+2. **`/debug/pprof/profile`**:
+   - Generates a CPU profile for the application.
+
+3. **`/debug/pprof/symbol`**:
+   - Resolves program counters into function names.
+
+4. **`/debug/pprof/trace`**:
+   - Captures an execution trace of the application.
+
+5. **`/debug/pprof/` (index)**:
+   - Provides an index page with links to all available profiling endpoints, including memory, goroutine, and blocking profiles.
+
+---
+
+## Collecting Profiling Data
+
+### 1. **CPU Profiling**
+To collect a CPU profile:
+```bash
+curl -o cpu.pprof http://localhost:2121/debug/pprof/profile
+```
+
+### 2. **Memory Profiling**
+To collect a memory profile:
+```bash
+curl -o mem.pprof http://localhost:2121/debug/pprof/heap
+```
+
+### 3. **Goroutine Profiling**
+To collect information about running goroutines:
+```bash
+curl -o goroutine.pprof http://localhost:2121/debug/pprof/goroutine
+```
+
+### 4. **Execution Trace**
+To collect an execution trace:
+```bash
+curl -o trace.out http://localhost:2121/debug/pprof/trace
+```
+
+---
+
+## Analyzing Profiling Data
+
+### 1. Using go tool pprof
+To analyze CPU, memory, or goroutine profiles:
+```bash
+go tool pprof <profile_file>
+```
+
+#### **`top`**
+Shows the functions consuming the most resources (e.g., CPU or memory).
+   ```bash
+   go tool pprof cpu.pprof
+   (pprof) top
+   ```
+
+#### **`list`**
+Displays the source code of a specific function, along with resource usage.
+   ```bash
+   (pprof) list <function_name>
+   ```
+Example:
+   ```bash
+   (pprof) list main.myFunction
+   ```
+
+#### **`web`**
+Generates a visual representation of the profile in your browser. This requires Graphviz to be installed.
+   ```bash
+   (pprof) web
+   ```
+
+
+### 2. Using go tool trace
+To analyze execution traces:
+```bash
+go tool trace trace.out
+```
+
+---
+
+## Example Workflow
+
+1. **Set Environment Variables**:
+   ```bash
+   METRICS_PORT=2121
+   ```
+
+2. **Run Your GoFr Application**:
+   ```bash
+   go run main.go
+   ```
+
+3. **Collect Profiling Data**:
+   - Collect a CPU profile:
+     ```bash
+     curl -o cpu.pprof http://localhost:2121/debug/pprof/profile
+     ```
+   - Collect a memory profile:
+     ```bash
+     curl -o mem.pprof http://localhost:2121/debug/pprof/heap
+     ```
+
+
+4. **Analyze the Data**:
+   - Analyze the CPU profile:
+     ```bash
+     go tool pprof cpu.pprof
+     (pprof) top
+     (pprof) list main.myFunction
+     (pprof) web
+     ```
+   - Analyze the memory profile:
+     ```bash
+     go tool pprof mem.pprof
+     (pprof) top
+     (pprof) list main.myFunction
+     (pprof) web
+     ```
+
+---
+
+## References
+- [Go `pprof` Documentation](https://pkg.go.dev/net/http/pprof)
+- [Profiling Go Programs](https://blog.golang.org/profiling-go-programs)
+- [Go Execution Tracer](https://golang.org/doc/diagnostics.html#tracing)

Diff for: docs/advanced-guide/http-authentication/page.md

@@ -138,15 +138,72 @@ It involves sending the prefix `Bearer` trailed by the encoded token within the
 GoFr supports authenticating tokens encoded by algorithm `RS256/384/512`. 
 
 ### App level Authentication
-Enable OAuth 2.0 with three-legged flow to authenticate requests
+Enable OAuth 2.0 with three-legged flow to authenticate requests. Use `EnableOAuth(jwks-endpoint,refresh_interval, options ...jwt.ParserOption)` to configure GoFr with pre-defined credentials.
 
-Use `EnableOAuth(jwks-endpoint,refresh_interval)` to configure GoFr with pre-defined credentials.
+### Description
+`EnableOAuth` configures OAuth authentication middleware for the application.
+
+- It registers a new HTTP service to fetch **JSON Web Key Sets (JWKS)**, which are used to verify JWTs.
+- The JWKS endpoint is periodically refreshed based on the specified refresh interval.
+- Additional JWT validation options can be passed using `jwt.ParserOption`, allowing fine-grained control over claim validation.
+
+### Parameters
+| Parameter        | Type                | Description |
+|------------------|-------------------|-------------|
+| `jwksEndpoint`   | `string`           | URL of the JWKS endpoint used to retrieve signing keys for token verification. |
+| `refreshInterval` | `int`              | Interval (in seconds) at which the JWKS cache is refreshed. |
+| `options`        | `...jwt.ParserOption` | Optional JWT claim validation configurations, such as issuer, audience, and expiration requirements. |
+
+### Available JWT Claim Validations
+
+#### Expiration (`exp`) Validation
+If the `exp` claim is present, it is always validated to ensure the token has not expired. However, to make the `exp` claim mandatory in our JWT tokens, we can use:
+
+```go
+jwt.WithExpirationRequired()
+```
+> This ensures that every token must include the `exp` claim, making expiration validation a strict requirement.
+
+#### Issued At (`iat`) Validation
+If the `iat` claim is present, it is ensured that tokens are not accepted before their issuance time. No additional configuration is needed for this validation.
+
+#### Not Before (`nbf`) Validation
+If the `nbf` claim is present, it is always validated to ensure that a JWT is only valid after a certain time. No additional configuration is needed for this validation.
+
+#### Audience (`aud`) Validation
+Verifies that the token is intended for the expected audience.
+
+```go
+jwt.WithAudience("https://api.example.com")
+```
+
+#### Subject (`sub`) Validation
+Ensures the token is associated with the expected subject.
+
+```go
+jwt.WithSubject("[email protected]")
+```
+
+#### Issuer (`iss`) Validation
+Ensures the token is issued by a trusted authority.
+
+```go
+jwt.WithIssuer("https://auth.example.com")
+```
+
+### Example
 
 ```go
 func main() {
 	app := gofr.New()
 
-	app.EnableOAuth("http://jwks-endpoint", 20)
+	app.EnableOAuth(
+		"http://jwks-endpoint", 
+		20,
+        jwt.WithExpirationRequired(), // to enforce presence of exp claim in every token
+        jwt.WithAudience("https://api.example.com"),
+        jwt.WithIssuer("https://auth.example.com")
+		)
 
 	app.GET("/protected-resource", func(c *gofr.Context) (interface{}, error) {
 		// Handle protected resource access

Diff for: docs/datasources/getting-started/page.md

@@ -148,9 +148,9 @@ as unnecessary database drivers are not being compiled and added to the build.
 -  SurrealDB
 - ✅
 - ✅
--
 - ✅
--
+- ✅
+- ✅
 ---
 
 

Diff for: docs/navigation.js

@@ -45,7 +45,7 @@ export const navigation = [
             {
                 title: 'Overriding Default',
                 href: '/docs/advanced-guide/overriding-default',
-                desc: "Understand how to override default configurations and behaviors in GoFR to tailor framework to your specific needs."
+                desc: "Understand how to override default configurations and behaviors in GoFr to tailor framework to your specific needs."
             },
             {
                 title: 'Remote Log Level Change',
@@ -70,12 +70,12 @@ export const navigation = [
             {
                 title: 'Adding Custom Middleware',
                 href: '/docs/advanced-guide/middlewares',
-                desc: "Learn how to add custom middleware to your GoFR application for enhanced functionality and request processing."
+                desc: "Learn how to add custom middleware to your GoFr application for enhanced functionality and request processing."
             },
             {
                 title: 'HTTP Communication',
                 href: '/docs/advanced-guide/http-communication',
-                desc: "Get familiar with making HTTP requests and handling responses within your GoFR application to facilitate seamless communication."
+                desc: "Get familiar with making HTTP requests and handling responses within your GoFr application to facilitate seamless communication."
             },
             {
                 title: 'HTTP Authentication',
@@ -95,52 +95,57 @@ export const navigation = [
             {
                 title: 'Handling Data Migrations',
                 href: '/docs/advanced-guide/handling-data-migrations',
-                desc: "Explore strategies for managing data migrations within your GoFR application to ensure smooth transitions and data integrity."
+                desc: "Explore strategies for managing data migrations within your GoFr application to ensure smooth transitions and data integrity."
             },
             {
                 title: 'Writing gRPC Server/Client',
                 href: '/docs/advanced-guide/grpc',
-                desc: "Step-by-step guide on writing a gRPC server in GoFR to facilitate efficient communication between services."
+                desc: "Step-by-step guide on writing a gRPC server in GoFr to facilitate efficient communication between services."
             },
             {
                 title: 'Using Pub/Sub',
                 href: '/docs/advanced-guide/using-publisher-subscriber',
-                desc: "Discover how to gofr seamlessly allows to integrate different Pub/Sub systems in your application for effective messaging and event-driven architectures."
+                desc: "Discover how to GoFr seamlessly allows to integrate different Pub/Sub systems in your application for effective messaging and event-driven architectures."
             },
             {
                 title: 'Key Value Store',
                 href: '/docs/advanced-guide/key-value-store',
-                desc: "Explore how to implement and manage a key-value store in your GoFR application for fast and efficient data retrieval."
+                desc: "Explore how to implement and manage a key-value store in your GoFr application for fast and efficient data retrieval."
             },
             {
                 title: 'Dealing with SQL',
                 href: '/docs/advanced-guide/dealing-with-sql',
-                desc: "Get insights into best practices for working with SQL databases in GoFR, including query optimization and error handling."
+                desc: "Get insights into best practices for working with SQL databases in GoFr, including query optimization and error handling."
             },
             {
                 title: 'Automatic SwaggerUI Rendering',
                 href: '/docs/advanced-guide/swagger-documentation',
-                desc: "Learn how to automatically render SwaggerUI documentation for your GoFR APIs, improving discoverability and usability."
+                desc: "Learn how to automatically render SwaggerUI documentation for your GoFr APIs, improving discoverability and usability."
             },
             {
                 title: 'Error Handling',
                 href: '/docs/advanced-guide/gofr-errors',
-                desc: "Understand error handling mechanisms in GoFR to ensure robust applications and improved user experience."
+                desc: "Understand error handling mechanisms in GoFr to ensure robust applications and improved user experience."
             },
             {
                 title: 'Handling File',
                 href: '/docs/advanced-guide/handling-file',
-                desc: "Explore how GoFR enables efficient file handling by abstracting remote and local filestore providers in your Go application. Learn to manage file uploads, downloads, and storage seamlessly, enhancing your application's capability to work with diverse data sources."
+                desc: "Explore how GoFr enables efficient file handling by abstracting remote and local filestore providers in your Go application. Learn to manage file uploads, downloads, and storage seamlessly, enhancing your application's capability to work with diverse data sources."
             },
             {
                 title: 'WebSockets',
                 href: '/docs/advanced-guide/websocket',
-                desc: "Explore how gofr eases the process of WebSocket communication in your Golang application for real-time data exchange."
+                desc: "Explore how GoFr eases the process of WebSocket communication in your Golang application for real-time data exchange."
             },
             {
                 title: 'Serving-Static Files',
                 href: '/docs/advanced-guide/serving-static-files',
                 desc: "Know how GoFr automatically serves static content from a static folder in the application directory."
+            },
+            {
+                title: 'Profiling in GoFr Applications',
+                href: '/docs/advanced-guide/debugging',
+                desc: "Discover GoFr auto-enables pprof profiling by leveraging its built-in configurations."
             }
         ],
     },