Namespace Sigstore.Oidc

Classes

AmbientTokenProvider

Ordered chain of ambient OIDC token providers: GitHub Actions → SIGSTORE_ID_TOKEN env var. Throws OidcTokenException if no provider is available.

EnvVarTokenProvider

Reads an OIDC token from the SIGSTORE_ID_TOKEN environment variable.

GitHubActionsTokenProvider

Obtains an OIDC token from the GitHub Actions runtime via ACTIONS_ID_TOKEN_REQUEST_URL and ACTIONS_ID_TOKEN_REQUEST_TOKEN.

StaticTokenProvider

Wraps a pre-fetched JWT string. Intended for testing and controlled automation only — not for tokens obtained interactively or from untrusted sources. IsAvailable always returns true; no token validation is performed.

Interfaces

IOidcTokenProvider

Provides OIDC tokens for Sigstore keyless signing.