type AuthenticatedGroupAdder … // NewAuthenticatedGroupAdder wraps a request authenticator, and adds the system:authenticated group when appropriate. // Authentication must succeed, the user must not be system:anonymous, the groups system:authenticated or system:unauthenticated must // not be present func NewAuthenticatedGroupAdder(auth authenticator.Request) authenticator.Request { … } func (g *AuthenticatedGroupAdder) AuthenticateRequest(req *http.Request) (*authenticator.Response, bool, error) { … }