oidc

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 31, 2020 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ScopeOpenID = "openid"

	ResponseTypeCode        ResponseType = "code"
	ResponseTypeIDToken     ResponseType = "id_token token"
	ResponseTypeIDTokenOnly ResponseType = "id_token"

	DisplayPage  Display = "page"
	DisplayPopup Display = "popup"
	DisplayTouch Display = "touch"
	DisplayWAP   Display = "wap"

	PromptNone          Prompt = "none"
	PromptLogin         Prompt = "login"
	PromptConsent       Prompt = "consent"
	PromptSelectAccount Prompt = "select_account"

	GrantTypeCode GrantType = "authorization_code"

	BearerToken = "Bearer"
)
View Source 
const (
	DiscoveryEndpoint = "/.well-known/openid-configuration"
)

Variables

This section is empty.

Functions

func ClaimHash 

func ClaimHash(claim string, sigAlgorithm jose.SignatureAlgorithm) (string, error)

func NewSHACodeChallenge 

func NewSHACodeChallenge(code string) string

func VerifyCodeChallenge 

func VerifyCodeChallenge(c *CodeChallenge, codeVerifier string) bool

Types

type AccessTokenClaims 

type AccessTokenClaims struct {
	Issuer                              string
	Subject                             string
	Audiences                           []string
	Expiration                          time.Time
	IssuedAt                            time.Time
	NotBefore                           time.Time
	JWTID                               string
	AuthorizedParty                     string
	Nonce                               string
	AuthTime                            time.Time
	CodeHash                            string
	AuthenticationContextClassReference string
	AuthenticationMethodsReferences     []string
	SessionID                           string
	Scopes                              []string
	ClientID                            string
	AccessTokenUseNumber                int
}

func (*AccessTokenClaims) MarshalJSON 

func (t *AccessTokenClaims) MarshalJSON() ([]byte, error)

func (*AccessTokenClaims) UnmarshalJSON 

func (t *AccessTokenClaims) UnmarshalJSON(b []byte) error

type AccessTokenRequest 

type AccessTokenRequest struct {
	Code         string `schema:"code"`
	RedirectURI  string `schema:"redirect_uri"`
	ClientID     string `schema:"client_id"`
	ClientSecret string `schema:"client_secret"`
	CodeVerifier string `schema:"code_verifier"`
}

func (*AccessTokenRequest) GrantType 

func (a *AccessTokenRequest) GrantType() GrantType

type AccessTokenResponse 

type AccessTokenResponse struct {
	AccessToken  string `json:"access_token,omitempty" schema:"access_token,omitempty"`
	TokenType    string `json:"token_type,omitempty" schema:"token_type,omitempty"`
	RefreshToken string `json:"refresh_token,omitempty" schema:"refresh_token,omitempty"`
	ExpiresIn    uint64 `json:"expires_in,omitempty" schema:"expires_in,omitempty"`
	IDToken      string `json:"id_token,omitempty" schema:"id_token,omitempty"`
}

type AuthRequest 

type AuthRequest struct {
	ID           string
	Scopes       Scopes       `schema:"scope"`
	ResponseType ResponseType `schema:"response_type"`
	ClientID     string       `schema:"client_id"`
	RedirectURI  string       `schema:"redirect_uri"` //TODO: type

	State string `schema:"state"`

	Nonce       string   `schema:"nonce"`
	Display     Display  `schema:"display"`
	Prompt      Prompt   `schema:"prompt"`
	MaxAge      uint32   `schema:"max_age"`
	UILocales   Locales  `schema:"ui_locales"`
	IDTokenHint string   `schema:"id_token_hint"`
	LoginHint   string   `schema:"login_hint"`
	ACRValues   []string `schema:"acr_values"`

	CodeChallenge       string              `schema:"code_challenge"`
	CodeChallengeMethod CodeChallengeMethod `schema:"code_challenge_method"`
}

AuthRequest according to: https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest

func (*AuthRequest) GetRedirectURI 

func (a *AuthRequest) GetRedirectURI() string

func (*AuthRequest) GetResponseType 

func (a *AuthRequest) GetResponseType() ResponseType

func (*AuthRequest) GetState 

func (a *AuthRequest) GetState() string

type CodeChallenge 

type CodeChallenge struct {
	Challenge string
	Method    CodeChallengeMethod
}

type CodeChallengeMethod 

type CodeChallengeMethod string
const (
	CodeChallengeMethodPlain CodeChallengeMethod = "plain"
	CodeChallengeMethodS256  CodeChallengeMethod = "S256"
)

type DiscoveryConfiguration 

type DiscoveryConfiguration struct {
	Issuer                            string   `json:"issuer,omitempty"`
	AuthorizationEndpoint             string   `json:"authorization_endpoint,omitempty"`
	TokenEndpoint                     string   `json:"token_endpoint,omitempty"`
	IntrospectionEndpoint             string   `json:"introspection_endpoint,omitempty"`
	UserinfoEndpoint                  string   `json:"userinfo_endpoint,omitempty"`
	EndSessionEndpoint                string   `json:"end_session_endpoint,omitempty"`
	CheckSessionIframe                string   `json:"check_session_iframe,omitempty"`
	JwksURI                           string   `json:"jwks_uri,omitempty"`
	ScopesSupported                   []string `json:"scopes_supported,omitempty"`
	ResponseTypesSupported            []string `json:"response_types_supported,omitempty"`
	ResponseModesSupported            []string `json:"response_modes_supported,omitempty"`
	GrantTypesSupported               []string `json:"grant_types_supported,omitempty"`
	SubjectTypesSupported             []string `json:"subject_types_supported,omitempty"`
	IDTokenSigningAlgValuesSupported  []string `json:"id_token_signing_alg_values_supported,omitempty"`
	TokenEndpointAuthMethodsSupported []string `json:"token_endpoint_auth_methods_supported,omitempty"`
	ClaimsSupported                   []string `json:"claims_supported,omitempty"`
}

type Display 

type Display string

func (*Display) UnmarshalText 

func (d *Display) UnmarshalText(text []byte) error

type Gender 

type Gender string

type GrantType 

type GrantType string

type IDTokenClaims 

type IDTokenClaims struct {
	Issuer                              string
	Subject                             string
	Audiences                           []string
	Expiration                          time.Time
	NotBefore                           time.Time
	IssuedAt                            time.Time
	JWTID                               string
	UpdatedAt                           time.Time
	AuthorizedParty                     string
	Nonce                               string
	AuthTime                            time.Time
	AccessTokenHash                     string
	CodeHash                            string
	AuthenticationContextClassReference string
	AuthenticationMethodsReferences     []string
	ClientID                            string

	Signature jose.SignatureAlgorithm //TODO: ???
}

func (*IDTokenClaims) MarshalJSON 

func (t *IDTokenClaims) MarshalJSON() ([]byte, error)

func (*IDTokenClaims) UnmarshalJSON 

func (t *IDTokenClaims) UnmarshalJSON(b []byte) error

type KeySet 

type KeySet interface {
	// VerifySignature parses the JSON web token, verifies the signature, and returns
	// the raw payload. Header and claim fields are validated by other parts of the
	// package. For example, the KeySet does not need to check values such as signature
	// algorithm, issuer, and audience since the IDTokenVerifier validates these values
	// independently.
	//
	// If VerifySignature makes HTTP requests to verify the token, it's expected to
	// use any HTTP client associated with the context through ClientContext.
	VerifySignature(ctx context.Context, jws *jose.JSONWebSignature) (payload []byte, err error)
}

KeySet is a set of publc JSON Web Keys that can be used to validate the signature of JSON web tokens. This is expected to be backed by a remote key set through provider metadata discovery or an in-memory set of keys delivered out-of-band.

type Locales 

type Locales []language.Tag

func (*Locales) UnmarshalText 

func (l *Locales) UnmarshalText(text []byte) error

type Prompt 

type Prompt string

type ResponseType 

type ResponseType string

type Scopes 

type Scopes []string

func (*Scopes) UnmarshalText 

func (s *Scopes) UnmarshalText(text []byte) error

type TokenExchangeRequest 

type TokenExchangeRequest struct {
	Scope []string `schema:"scope"`
	// contains filtered or unexported fields
}

type TokenRequest 

type TokenRequest interface {
	// GrantType GrantType `schema:"grant_type"`
	GrantType() GrantType
}

type TokenRequestType 

type TokenRequestType GrantType

type Tokens 

type Tokens struct {
	*oauth2.Token
	IDTokenClaims *IDTokenClaims
	IDToken       string
}

type Userinfo 

type Userinfo struct {
	Subject string
	Address *UserinfoAddress
	UserinfoProfile
	UserinfoEmail
	UserinfoPhone
	// contains filtered or unexported fields
}

func (*Userinfo) MarshalJSON 

func (i *Userinfo) MarshalJSON() ([]byte, error)

func (*Userinfo) UnmmarshalJSON 

func (i *Userinfo) UnmmarshalJSON(data []byte) error

type UserinfoAddress 

type UserinfoAddress struct {
	Formatted     string
	StreetAddress string
	Locality      string
	Region        string
	PostalCode    string
	Country       string
}

type UserinfoEmail 

type UserinfoEmail struct {
	Email         string
	EmailVerified bool
}

type UserinfoPhone 

type UserinfoPhone struct {
	PhoneNumber         string
	PhoneNumberVerified bool
}

type UserinfoProfile 

type UserinfoProfile struct {
	Name              string
	GivenName         string
	FamilyName        string
	MiddleName        string
	Nickname          string
	Profile           string
	Picture           string
	Website           string
	Gender            Gender
	Birthdate         string
	Zoneinfo          string
	Locale            language.Tag
	UpdatedAt         time.Time
	PreferredUsername string
}

Source Files

View all Source files

Directories

Path Synopsis
tokenexchange

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.