oidcx

package
v0.0.0-...-6606c74 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 30, 2023 License: MIT Imports: 21 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func MaxAgeToInternal 

func MaxAgeToInternal(maxAge *uint) *time.Duration

func PromptToInternal 

func PromptToInternal(oidcPrompt oidc.SpaceDelimitedArray) []string

func RedirectGlobsClient 

func RedirectGlobsClient(client *Client) op.Client

RedirectGlobsClient wraps the client in a op.HasRedirectGlobs only if DevMode is enabled.

func RefreshTokenRequestFromBusiness 

func RefreshTokenRequestFromBusiness(token *RefreshToken) op.RefreshTokenRequest

RefreshTokenRequestFromBusiness will simply wrap the storage RefreshToken to implement the op.RefreshTokenRequest interface

func SetupServer 

func SetupServer(issuer string, storage *Storage, extraOptions ...op.Option) *mux.Router

SetupServer creates an OIDC server with Issuer=http://localhost:<port> Use one of the pre-made clients in storage/clients.go or register a new one.

Types

type AuthRequest 

type AuthRequest struct {
	gormx.BaseFields
	ApplicationID string
	CallbackURI   string
	TransferState string
	Prompt        []string
	UiLocales     []language.Tag
	LoginHint     string
	MaxAuthAge    *time.Duration
	UserID        string
	Scopes        []string
	ResponseType  oidc.ResponseType
	Nonce         string
	CodeChallenge *OIDCCodeChallenge
	// contains filtered or unexported fields
}

func (*AuthRequest) Done 

func (ar *AuthRequest) Done() bool

func (*AuthRequest) GetACR 

func (ar *AuthRequest) GetACR() string

func (*AuthRequest) GetAMR 

func (ar *AuthRequest) GetAMR() []string

func (*AuthRequest) GetAudience 

func (ar *AuthRequest) GetAudience() []string

func (*AuthRequest) GetAuthTime 

func (ar *AuthRequest) GetAuthTime() time.Time

func (*AuthRequest) GetClientID 

func (ar *AuthRequest) GetClientID() string

func (*AuthRequest) GetCodeChallenge 

func (ar *AuthRequest) GetCodeChallenge() *oidc.CodeChallenge

func (*AuthRequest) GetID 

func (ar *AuthRequest) GetID() string

func (*AuthRequest) GetNonce 

func (ar *AuthRequest) GetNonce() string

func (*AuthRequest) GetRedirectURI 

func (ar *AuthRequest) GetRedirectURI() string

func (*AuthRequest) GetResponseMode 

func (ar *AuthRequest) GetResponseMode() oidc.ResponseMode

func (*AuthRequest) GetResponseType 

func (ar *AuthRequest) GetResponseType() oidc.ResponseType

func (*AuthRequest) GetScopes 

func (ar *AuthRequest) GetScopes() []string

func (*AuthRequest) GetState 

func (ar *AuthRequest) GetState() string

func (*AuthRequest) GetSubject 

func (ar *AuthRequest) GetSubject() string

func (*AuthRequest) SetID 

func (ar *AuthRequest) SetID(id string)

type AuthRequestCacher 

type AuthRequestCacher interface {
	Get(string) *AuthRequest
}

type Client 

type Client struct {
	gormx.BaseFields
	Name   string `json:"name" gorm:"column:name;type:varchar(256);not null"`
	Secret string `json:"secret" gorm:"column:secret;type:varchar(256);not null"`

	OrganizationId string `json:"oid"`
	// contains filtered or unexported fields
}

func (*Client) AccessTokenType 

func (c *Client) AccessTokenType() op.AccessTokenType

AccessTokenType implements op.Client.

func (*Client) ApplicationType 

func (c *Client) ApplicationType() op.ApplicationType

ApplicationType implements op.Client.

func (*Client) AuthMethod 

func (c *Client) AuthMethod() oidc.AuthMethod

AuthMethod implements op.Client.

func (*Client) ClockSkew 

func (c *Client) ClockSkew() time.Duration

ClockSkew implements op.Client.

func (*Client) DevMode 

func (c *Client) DevMode() bool

DevMode implements op.Client.

func (*Client) GetID 

func (c *Client) GetID() string

GetID implements op.Client.

func (*Client) GrantTypes 

func (c *Client) GrantTypes() []oidc.GrantType

GrantTypes implements op.Client.

func (*Client) IDTokenLifetime 

func (c *Client) IDTokenLifetime() time.Duration

IDTokenLifetime implements op.Client.

func (*Client) IDTokenUserinfoClaimsAssertion 

func (c *Client) IDTokenUserinfoClaimsAssertion() bool

IDTokenUserinfoClaimsAssertion implements op.Client.

func (*Client) IsScopeAllowed 

func (c *Client) IsScopeAllowed(scope string) bool

IsScopeAllowed implements op.Client.

func (*Client) LoginURL 

func (c *Client) LoginURL(id string) string

重定向到登陆页面 LoginURL implements op.Client.

func (*Client) PostLogoutRedirectURIs 

func (c *Client) PostLogoutRedirectURIs() []string

PostLogoutRedirectURIs implements op.Client.

func (*Client) RedirectURIs 

func (c *Client) RedirectURIs() []string

RedirectURIs implements op.Client.

func (*Client) ResponseTypes 

func (c *Client) ResponseTypes() []oidc.ResponseType

ResponseTypes implements op.Client.

func (*Client) RestrictAdditionalAccessTokenScopes 

func (c *Client) RestrictAdditionalAccessTokenScopes() func(scopes []string) []string

RestrictAdditionalAccessTokenScopes implements op.Client.

func (*Client) RestrictAdditionalIdTokenScopes 

func (c *Client) RestrictAdditionalIdTokenScopes() func(scopes []string) []string

RestrictAdditionalIdTokenScopes implements op.Client.

type DefaultClientRepository 

type DefaultClientRepository interface {
	gormx.BaseRepository[Client]
	GetOneByName(context.Context, string) (*Client, error)
	GetAllByName(context.Context, httpx.Pageable, string) []Client
}

type GormClientRepository 

type GormClientRepository struct {
	// contains filtered or unexported fields
}

func NewGormClientRepository 

func NewGormClientRepository() *GormClientRepository

func (*GormClientRepository) CreateOne 

func (r *GormClientRepository) CreateOne(ctx context.Context, client *Client) error

CreateOne implements DefaultClientRepository.

func (*GormClientRepository) DeleteOneById 

func (r *GormClientRepository) DeleteOneById(context.Context, string) error

DeleteOneById implements DefaultClientRepository.

func (*GormClientRepository) GetAllByName 

func (r *GormClientRepository) GetAllByName(context.Context, httpx.Pageable, string) []Client

GetAllByName implements DefaultClientRepository.

func (*GormClientRepository) GetOneById 

func (r *GormClientRepository) GetOneById(context.Context, string) (*Client, error)

GetOneById implements DefaultClientRepository.

func (*GormClientRepository) GetOneByName 

func (r *GormClientRepository) GetOneByName(context.Context, string) (*Client, error)

GetOneByName implements DefaultClientRepository.

func (*GormClientRepository) InitDB 

func (r *GormClientRepository) InitDB() error

InitDB implements DefaultClientRepository.

func (*GormClientRepository) UpdateOneById 

func (r *GormClientRepository) UpdateOneById(context.Context, string, *Client) error

UpdateOneById implements DefaultClientRepository.

type OIDCCodeChallenge 

type OIDCCodeChallenge struct {
	Challenge string
	Method    string
}

type OidcClientRepository 

type OidcClientRepository interface {
	gormx.BaseRepository[Client]
	FindByOidAndName(string, string) *Client
}

type RefreshToken 

type RefreshToken struct {
	ID            string
	Token         string
	AuthTime      time.Time
	AMR           []string
	Audience      []string
	UserID        string
	ApplicationID string
	Expiration    time.Time
	Scopes        []string
}

type RefreshTokenRequest 

type RefreshTokenRequest struct {
	*RefreshToken
}

func (*RefreshTokenRequest) GetAMR 

func (r *RefreshTokenRequest) GetAMR() []string

func (*RefreshTokenRequest) GetAudience 

func (r *RefreshTokenRequest) GetAudience() []string

func (*RefreshTokenRequest) GetAuthTime 

func (r *RefreshTokenRequest) GetAuthTime() time.Time

func (*RefreshTokenRequest) GetClientID 

func (r *RefreshTokenRequest) GetClientID() string

func (*RefreshTokenRequest) GetScopes 

func (r *RefreshTokenRequest) GetScopes() []string

func (*RefreshTokenRequest) GetSubject 

func (r *RefreshTokenRequest) GetSubject() string

func (*RefreshTokenRequest) SetCurrentScopes 

func (r *RefreshTokenRequest) SetCurrentScopes(scopes []string)

type Service 

type Service struct {
	// contains filtered or unexported fields
}

type SigninRequest 

type SigninRequest struct {
	gormx.BaseFields
}

type Storage 

type Storage struct {
	// contains filtered or unexported fields
}

func NewStorage 

func NewStorage() *Storage

func (*Storage) AuthRequestByCode 

func (s *Storage) AuthRequestByCode(ctx context.Context, code string) (op.AuthRequest, error)

AuthRequestByCode implements op.Storage.

func (*Storage) AuthRequestByID 

func (s *Storage) AuthRequestByID(ctx context.Context, id string) (op.AuthRequest, error)

AuthRequestByID implements op.Storage.

func (*Storage) AuthorizeClientIDSecret 

func (s *Storage) AuthorizeClientIDSecret(ctx context.Context, clientID string, clientSecret string) error

AuthorizeClientIDSecret implements op.Storage.

func (*Storage) ClientCredentials 

func (s *Storage) ClientCredentials(ctx context.Context, clientID string, clientSecret string) (op.Client, error)

ClientCredentials implements op.ClientCredentialsStorage.

func (*Storage) ClientCredentialsTokenRequest 

func (s *Storage) ClientCredentialsTokenRequest(ctx context.Context, clientID string, scopes []string) (op.TokenRequest, error)

ClientCredentialsTokenRequest implements op.ClientCredentialsStorage.

func (*Storage) CreateAccessAndRefreshTokens 

func (s *Storage) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, currentRefreshToken string) (accessTokenID string, newRefreshTokenID string, expiration time.Time, err error)

CreateAccessAndRefreshTokens implements op.Storage.

func (*Storage) CreateAccessToken 

func (s *Storage) CreateAccessToken(ctx context.Context, request op.TokenRequest) (accessTokenID string, expiration time.Time, err error)

CreateAccessToken implements op.Storage.

func (*Storage) CreateAuthRequest 

func (s *Storage) CreateAuthRequest(ctx context.Context, authReq *oidc.AuthRequest, userID string) (op.AuthRequest, error)

CreateAuthRequest implements op.Storage.

func (*Storage) DeleteAuthRequest 

func (s *Storage) DeleteAuthRequest(ctx context.Context, id string) error

DeleteAuthRequest implements op.Storage.

func (*Storage) GetClientByClientID 

func (s *Storage) GetClientByClientID(ctx context.Context, clientID string) (op.Client, error)

GetClientByClientID implements op.Storage.

func (*Storage) GetKeyByIDAndClientID 

func (s *Storage) GetKeyByIDAndClientID(ctx context.Context, keyID string, clientID string) (*jose.JSONWebKey, error)

GetKeyByIDAndClientID implements op.Storage.

func (*Storage) GetPrivateClaimsFromScopes 

func (s *Storage) GetPrivateClaimsFromScopes(ctx context.Context, userID string, clientID string, scopes []string) (map[string]interface{}, error)

GetPrivateClaimsFromScopes implements op.Storage.

func (*Storage) GetRefreshTokenInfo 

func (s *Storage) GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (userID string, tokenID string, err error)

GetRefreshTokenInfo implements op.Storage.

func (*Storage) Health 

func (s *Storage) Health(ctx context.Context) error

Health implements op.Storage.

func (*Storage) KeySet 

func (s *Storage) KeySet(ctx context.Context) ([]op.Key, error)

KeySet implements op.Storage.

func (*Storage) RevokeToken 

func (s *Storage) RevokeToken(ctx context.Context, tokenOrTokenID string, userID string, clientID string) *oidc.Error

RevokeToken implements op.Storage.

func (*Storage) SaveAuthCode 

func (s *Storage) SaveAuthCode(ctx context.Context, id string, code string) error

SaveAuthCode implements op.Storage.

func (*Storage) SetIntrospectionFromToken 

func (s *Storage) SetIntrospectionFromToken(ctx context.Context, introspection *oidc.IntrospectionResponse, tokenID, subject, clientID string) error

SetIntrospectionFromToken implements op.Storage.

func (*Storage) SetUserinfoFromScopes 

func (s *Storage) SetUserinfoFromScopes(ctx context.Context, userinfo *oidc.UserInfo, userID string, clientID string, scopes []string) error

SetUserinfoFromScopes implements op.Storage.

func (*Storage) SetUserinfoFromToken 

func (s *Storage) SetUserinfoFromToken(ctx context.Context, userinfo *oidc.UserInfo, tokenID string, subject string, origin string) error

SetUserinfoFromToken implements op.Storage.

func (*Storage) SignatureAlgorithms 

func (s *Storage) SignatureAlgorithms(ctx context.Context) ([]jose.SignatureAlgorithm, error)

SignatureAlgorithms implements op.Storage.

func (*Storage) SigningKey 

func (s *Storage) SigningKey(ctx context.Context) (op.SigningKey, error)

SigningKey implements op.Storage.

func (*Storage) TerminateSession 

func (s *Storage) TerminateSession(ctx context.Context, userID string, clientID string) error

TerminateSession implements op.Storage.

func (*Storage) TokenRequestByRefreshToken 

func (s *Storage) TokenRequestByRefreshToken(ctx context.Context, refreshToken string) (op.RefreshTokenRequest, error)

TokenRequestByRefreshToken implements op.Storage.

func (*Storage) ValidateJWTProfileScopes 

func (s *Storage) ValidateJWTProfileScopes(ctx context.Context, userID string, scopes []string) ([]string, error)

ValidateJWTProfileScopes implements op.Storage.

type Token 

type Token struct {
	ID             string
	ApplicationID  string
	Subject        string
	RefreshTokenID string
	Audience       []string
	Expiration     time.Time
	Scopes         []string
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.