oidc

package

v0.0.0-...-0c4ea9a Latest Latest Go to latest Published: Mar 13, 2023 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/arrikto/oidc-authservice

Links

Open Source Insights

Documentation ¶

Index ¶

func NewConfig(clientID string) *oidc.Config
func RevocationEndpoint(p Provider) (string, error)
func RevokeTokens(ctx context.Context, revocationEndpoint string, token *oauth2.Token, ...) error
func TokenSource(ctx context.Context, config *oauth2.Config, token *oauth2.Token) (*oauth2.Token, bool, error)
type Provider
- func NewProvider(ctx context.Context, u *url.URL) Provider
type UserInfo
- func GetUserInfo(ctx context.Context, provider Provider, token *oauth2.Token) (*UserInfo, error)
- func ParseUserInfo(body []byte) (*UserInfo, error)
- func (u *UserInfo) Claims(v interface{}) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewConfig ¶

func NewConfig(clientID string) *oidc.Config

func RevocationEndpoint ¶

func RevocationEndpoint(p Provider) (string, error)

RevocationEndpoint parses the OIDC Provider claims from the discovery document and tries to find the revocation_endpoint.

func RevokeTokens ¶

func RevokeTokens(ctx context.Context, revocationEndpoint string, token *oauth2.Token, clientID, clientSecret string) error

RevokeTokens is a helper that takes an oauth2.Token and revokes the access and refresh tokens. If no tokens are found, it succeeds.

func TokenSource ¶

func TokenSource(ctx context.Context, config *oauth2.Config,
	token *oauth2.Token) (*oauth2.Token, bool, error)

TokenSource is a wrapper around oauth2.Config.TokenSource that additionally returns a boolean indicator for a token refresh.

Types ¶

type Provider ¶

type Provider interface {
	Claims(v interface{}) error
	Endpoint() oauth2.Endpoint
	Verifier(config *oidc.Config) *oidc.IDTokenVerifier
}

func NewProvider ¶

func NewProvider(ctx context.Context, u *url.URL) Provider

type UserInfo ¶

type UserInfo struct {
	Subject       string `json:"sub"`
	Profile       string `json:"profile"`
	Email         string `json:"email"`
	EmailVerified bool   `json:"email_verified"`

	RawClaims []byte
}

UserInfo represents the OpenID Connect userinfo claims.

func GetUserInfo ¶

func GetUserInfo(ctx context.Context, provider Provider, token *oauth2.Token) (*UserInfo, error)

GetUserInfo uses the token source to query the provider's user info endpoint. We reimplement UserInfo 1 instead of using the go-oidc's library UserInfo, in order to include HTTP response information in case of an error during contacting the UserInfo endpoint.

func ParseUserInfo ¶

func ParseUserInfo(body []byte) (*UserInfo, error)

ParseUserInfo unmarshals the response of the UserInfo endpoint and enforces boolean value for the EmailVerified claim.

func (*UserInfo) Claims ¶

func (u *UserInfo) Claims(v interface{}) error

Claims unmarshals the raw JSON object claims into the provided object.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL