README
¶
sso
Native Golang implementation of the ai/sso single sign-on mechanism.
This repository also used to include the login service, which has now been split off into its own repository at id/sso-server.
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // ErrMissingRequiredField is returned when a ticket does not // contain a required field. ErrMissingRequiredField = errors.New("missing required field") // ErrDeserialization means that the input is not valid base64. ErrDeserialization = errors.New("deserialization error") // ErrUnsupportedTicketVersion is returned for unsupported // ticket versions (either too old or too recent). ErrUnsupportedTicketVersion = errors.New("unsupported ticket version") // ErrMessageTooShort means that the input is shorter than the // fixed signature length + minimum ticket size. ErrMessageTooShort = errors.New("encoded message too short") // ErrBadSignature is returned when the signature does not // match the given public key. ErrBadSignature = errors.New("bad signature") // ErrBadService is returned when validation fails due to a // SSO service mismatch. ErrBadService = errors.New("service mismatch") // ErrBadDomain is returned when validation fails due to a SSO // domain mismatch. ErrBadDomain = errors.New("auth domain mismatch") // ErrBadNonce is returned when validation fails due to a // nonce mismatch. ErrBadNonce = errors.New("nonce mismatch") // ErrExpired means the ticket has expired. ErrExpired = errors.New("ticket expired") // necessary group membership. ErrUnauthorized = errors.New("unauthorized") )
Functions ¶
Types ¶
type Ticket ¶
type Ticket struct {
User string
Service string
Domain string
Nonce string
Groups []string
Expires time.Time
}
A Ticket attests a user's identity within the scope of a specific service, when properly signed.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.