auth

package
v2.21.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 9, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var MissingRolesError = fmt.Errorf("missing roles")

Functions

func HasAnyRole added in v2.2.3 

func HasAnyRole(holder TokenRoles, clientId string, roles ...string) bool

func HasRoles 

func HasRoles(holder TokenRoles, clientId string, roles ...string) bool

func RealmFromIDToken added in v2.0.14 

func RealmFromIDToken(oidcToken *oidc.IDToken) (string, error)

func TokenUserFromIDToken added in v2.17.0 

func TokenUserFromIDToken(oidcToken *oidc.IDToken) (string, error)

func WithJwtContext 

func WithJwtContext(ctx context.Context, realmUrl string, jwtContext JwtContext) context.Context

func WithJwtContextStorage 

func WithJwtContextStorage(ctx context.Context) context.Context

func WithRawTokenSource added in v2.2.11 

func WithRawTokenSource(ctx context.Context, rawTokenSource RawTokenSource) context.Context

func WrapAsRoleCheckFailedError added in v2.2.12 

func WrapAsRoleCheckFailedError(err error) error

Types

type JwtContext 

type JwtContext interface {
	UserFromToken(ctx context.Context, token string, clientId string) (string, error)
	RolesFromToken(ctx context.Context, token string, clientId string) (TokenRoles, error)
	OAuthConfig(ctx context.Context, clientId string, clientSecret string) (*oauth2.Config, error)
	ExchangeToken(ctx context.Context, token string, fromClient string, toClient string) (*oauth2.Token, error)
	ExchangeTokenWithConfig(ctx context.Context, token string, toClient string, oauthConfig oauth2.Config) (*oauth2.Token, error)
	GetToken(ctx context.Context, client string, username string, pwd string) (*oauth2.Token, error)
	GetTokenFromLiteralAccessToken(ctx context.Context, literalAccessToken, clientId string, withOfflineRefresh bool) (*oauth2.Token, error)
	GetTokenFromLiteralAccessTokenWithConfig(ctx context.Context, literalAccessToken string, withOfflineRefresh bool, oauthConfig oauth2.Config) (*oauth2.Token, error)
	RefreshToken(ctx context.Context, refreshToken string, client string) (*oauth2.Token, error)
	RefreshTokenWithConfig(ctx context.Context, refreshToken string, oauthConfig oauth2.Config) (*oauth2.Token, error)
	Sourcify(ctx context.Context, token *oauth2.Token, client string) (oauth2.TokenSource, error)
	OAuthEndpoint(ctx context.Context) (*oauth2.Endpoint, error)
	IdToken(ctx context.Context, token, clientId string) (*oidc.IDToken, error)
}

func JwtContextFromContext 

func JwtContextFromContext(ctx context.Context, realmUrl string) JwtContext

type JwtContextImpl 

type JwtContextImpl struct {
	sync.Mutex
	// contains filtered or unexported fields
}

func (*JwtContextImpl) ExchangeToken deprecated 

func (c *JwtContextImpl) ExchangeToken(ctx context.Context, token string, fromClient string, toClient string) (*oauth2.Token, error)

Deprecated: Use specialized GetTokenFromLiteralAccessToken and RefreshToken funcs instead

func (*JwtContextImpl) ExchangeTokenWithConfig deprecated 

func (c *JwtContextImpl) ExchangeTokenWithConfig(ctx context.Context, token string, toClient string, oauthConfig oauth2.Config) (*oauth2.Token, error)

Deprecated: Use specialized GetTokenFromLiteralAccessToken and RefreshToken funcs instead

func (*JwtContextImpl) GetToken 

func (c *JwtContextImpl) GetToken(ctx context.Context, client string, username string, pwd string) (*oauth2.Token, error)

func (*JwtContextImpl) GetTokenFromLiteralAccessToken 

func (c *JwtContextImpl) GetTokenFromLiteralAccessToken(ctx context.Context, literalAccessToken, clientId string, withOfflineRefresh bool) (*oauth2.Token, error)

func (*JwtContextImpl) GetTokenFromLiteralAccessTokenWithConfig 

func (c *JwtContextImpl) GetTokenFromLiteralAccessTokenWithConfig(ctx context.Context, literalAccessToken string, withOfflineRefresh bool, oauthConfig oauth2.Config) (*oauth2.Token, error)

func (*JwtContextImpl) IdToken added in v2.1.0 

func (c *JwtContextImpl) IdToken(ctx context.Context, token, clientId string) (*oidc.IDToken, error)

func (*JwtContextImpl) OAuthConfig 

func (c *JwtContextImpl) OAuthConfig(ctx context.Context, clientId string, clientSecret string) (*oauth2.Config, error)

func (*JwtContextImpl) OAuthEndpoint 

func (c *JwtContextImpl) OAuthEndpoint(ctx context.Context) (*oauth2.Endpoint, error)

func (*JwtContextImpl) RefreshToken 

func (c *JwtContextImpl) RefreshToken(ctx context.Context, refreshToken string, client string) (*oauth2.Token, error)

func (*JwtContextImpl) RefreshTokenWithConfig 

func (c *JwtContextImpl) RefreshTokenWithConfig(ctx context.Context, refreshToken string, oauthConfig oauth2.Config) (*oauth2.Token, error)

func (*JwtContextImpl) RolesFromToken added in v2.0.14 

func (c *JwtContextImpl) RolesFromToken(ctx context.Context, token, clientId string) (TokenRoles, error)

func (*JwtContextImpl) Sourcify 

func (c *JwtContextImpl) Sourcify(ctx context.Context, token *oauth2.Token, client string) (oauth2.TokenSource, error)

func (*JwtContextImpl) UserFromToken added in v2.17.0 

func (c *JwtContextImpl) UserFromToken(ctx context.Context, token string, clientId string) (string, error)

type RawTokenSource added in v2.2.11 

type RawTokenSource interface {
	RawToken(ctx context.Context) (string, error)
}

func RawTokenSourceFromContext added in v2.2.11 

func RawTokenSourceFromContext(ctx context.Context) RawTokenSource

type RoleCheckFailedError added in v2.2.11 

type RoleCheckFailedError struct {
	Cause error
}

func (*RoleCheckFailedError) Error added in v2.2.11 

func (r *RoleCheckFailedError) Error() string

func (*RoleCheckFailedError) Unwrap added in v2.2.11 

func (r *RoleCheckFailedError) Unwrap() error

type RoleCheckingHandlerFunc added in v2.2.11 

type RoleCheckingHandlerFunc func(loginClientId string, tokenRoles TokenRoles) error

RoleCheckingHandlerFunc should return MissingRolesError if the check failed due to a missing role or unsatisfied user capabilities

func ClientRoleCheckingHandlerFunc added in v2.2.11 

func ClientRoleCheckingHandlerFunc(clientId string, roles ...string) RoleCheckingHandlerFunc

ClientRoleCheckingHandlerFunc uses the given clientId to look for the requested roles If an error occurs it will always be an RoleCheckFailedError

func DefaultRoleCheckingHandlerFunc added in v2.2.11 

func DefaultRoleCheckingHandlerFunc(roles ...string) RoleCheckingHandlerFunc

DefaultRoleCheckingHandlerFunc uses the login client to look for the requested roles If an error occurs it will always be an RoleCheckFailedError

type TokenRoles 

type TokenRoles interface {
	ClientRoles(clientId string) []string
}

func ResolveTokenRoles added in v2.2.11 

func ResolveTokenRoles(ctx context.Context, jwtIssuer string, rawToken string, loginClientId string) (TokenRoles, error)

ResolveTokenRoles validates <rawToken>; checks if it is from <jwtIssuer>. Extracts all user roles and returns the roles container If an error occurs it will always be an RoleCheckFailedError

func TokenRolesFromIDToken added in v2.0.13 

func TokenRolesFromIDToken(oidcToken *oidc.IDToken) (TokenRoles, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.