provider

package
v0.0.0-...-e3e9b0f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 29, 2024 License: MIT Imports: 26 Imported by: 0

Documentation

Index

Constants

View Source 
const IssuerApple = "https://appleid.apple.com"
View Source 
const IssuerAzureCommon = "https://login.microsoftonline.com/common/v2.0"
View Source 
const IssuerAzureMicrosoft = "https://login.microsoftonline.com/9188040d-6c67-4c5b-b112-36a304b66dad/v2.0"

IssuerAzureMicrosoft is the OIDC issuer for microsoft.com accounts: https://learn.microsoft.com/en-us/azure/active-directory/develop/id-token-claims-reference#payload-claims

View Source 
const IssuerAzureOrganizations = "https://login.microsoftonline.com/organizations/v2.0"
View Source 
const IssuerFacebook = "https://www.facebook.com"
View Source 
const IssuerGoogle = "https://accounts.google.com"
View Source 
const (
	IssuerKakao = "https://kauth.kakao.com"
)
View Source 
const (
	IssuerLinkedin = "https://www.linkedin.com"
)
View Source 
const UserInfoEndpointGoogle = "https://www.googleapis.com/userinfo/v2/me"

Variables

View Source 
var OverrideClock func() time.Time

OverrideClock can be used to set a custom clock function to be used when parsing ID tokens. Should only be used in tests.

View Source 
var OverrideVerifiers = make(map[string]func(context.Context, *oidc.Config) *oidc.IDTokenVerifier)

OverrideVerifiers can be used to set a custom verifier for an OIDC provider (identified by the provider's Endpoint().AuthURL string). Should only be used in tests.

Functions

func DetectAzureIDTokenIssuer 

func DetectAzureIDTokenIssuer(ctx context.Context, idToken string) (string, error)

func GetName 

func GetName(name linkedinName) string

func IsAzureIssuer 

func IsAzureIssuer(issuer string) bool

func OverrideGoogleProvider 

func OverrideGoogleProvider(issuer, userInfo string)

OverrideGoogleProvider should only be used in tests!

func ResetGoogleProvider 

func ResetGoogleProvider()

ResetGoogleProvider should only be used in tests!

Types

type AppleIDTokenClaims 

type AppleIDTokenClaims struct {
	jwt.StandardClaims

	Email string `json:"email"`

	AuthTime       *float64        `json:"auth_time"`
	IsPrivateEmail *IsPrivateEmail `json:"is_private_email"`
}

type AppleProvider 

type AppleProvider struct {
	*oauth2.Config
	// contains filtered or unexported fields
}

AppleProvider stores the custom config for apple provider

func (AppleProvider) AuthCodeURL 

func (p AppleProvider) AuthCodeURL(state string, args ...oauth2.AuthCodeOption) string

func (AppleProvider) GetOAuthToken 

func (p AppleProvider) GetOAuthToken(code string) (*oauth2.Token, error)

GetOAuthToken returns the apple provider access token

func (AppleProvider) GetUserData 

func (p AppleProvider) GetUserData(ctx context.Context, tok *oauth2.Token) (*UserProvidedData, error)

GetUserData returns the user data fetched from the apple provider

func (AppleProvider) ParseUser 

func (p AppleProvider) ParseUser(data string, userData *UserProvidedData) error

ParseUser parses the apple user's info

type AzureIDTokenClaims 

type AzureIDTokenClaims struct {
	jwt.StandardClaims

	Email                              string `json:"email"`
	Name                               string `json:"name"`
	PreferredUsername                  string `json:"preferred_username"`
	XMicrosoftEmailDomainOwnerVerified any    `json:"xms_edov"`
}

func (*AzureIDTokenClaims) IsEmailVerified 

func (c *AzureIDTokenClaims) IsEmailVerified() bool

type Claims 

type Claims struct {
	// Reserved claims
	Issuer  string  `json:"iss,omitempty" structs:"iss,omitempty"`
	Subject string  `json:"sub,omitempty" structs:"sub,omitempty"`
	Aud     string  `json:"aud,omitempty" structs:"aud,omitempty"`
	Iat     float64 `json:"iat,omitempty" structs:"iat,omitempty"`
	Exp     float64 `json:"exp,omitempty" structs:"exp,omitempty"`

	// Default profile claims
	Name              string `json:"name,omitempty" structs:"name,omitempty"`
	FamilyName        string `json:"family_name,omitempty" structs:"family_name,omitempty"`
	GivenName         string `json:"given_name,omitempty" structs:"given_name,omitempty"`
	MiddleName        string `json:"middle_name,omitempty" structs:"middle_name,omitempty"`
	NickName          string `json:"nickname,omitempty" structs:"nickname,omitempty"`
	PreferredUsername string `json:"preferred_username,omitempty" structs:"preferred_username,omitempty"`
	Profile           string `json:"profile,omitempty" structs:"profile,omitempty"`
	Picture           string `json:"picture,omitempty" structs:"picture,omitempty"`
	Website           string `json:"website,omitempty" structs:"website,omitempty"`
	Gender            string `json:"gender,omitempty" structs:"gender,omitempty"`
	Birthdate         string `json:"birthdate,omitempty" structs:"birthdate,omitempty"`
	ZoneInfo          string `json:"zoneinfo,omitempty" structs:"zoneinfo,omitempty"`
	Locale            string `json:"locale,omitempty" structs:"locale,omitempty"`
	UpdatedAt         string `json:"updated_at,omitempty" structs:"updated_at,omitempty"`
	Email             string `json:"email,omitempty" structs:"email,omitempty"`
	EmailVerified     bool   `json:"email_verified,omitempty" structs:"email_verified"`
	Phone             string `json:"phone,omitempty" structs:"phone,omitempty"`
	PhoneVerified     bool   `json:"phone_verified,omitempty" structs:"phone_verified"`

	// Custom profile claims that are provider specific
	CustomClaims map[string]interface{} `json:"custom_claims,omitempty" structs:"custom_claims,omitempty"`

	// TODO: Deprecate in next major release
	FullName    string `json:"full_name,omitempty" structs:"full_name,omitempty"`
	AvatarURL   string `json:"avatar_url,omitempty" structs:"avatar_url,omitempty"`
	Slug        string `json:"slug,omitempty" structs:"slug,omitempty"`
	ProviderId  string `json:"provider_id,omitempty" structs:"provider_id,omitempty"`
	UserNameKey string `json:"user_name,omitempty" structs:"user_name,omitempty"`
}

type Email 

type Email struct {
	Email    string
	Verified bool
	Primary  bool
}

Email is a struct that provides information on whether an email is verified or is the primary email address

type HTTPError 

type HTTPError struct {
	Code            int    `json:"code"`
	Message         string `json:"msg"`
	InternalError   error  `json:"-"`
	InternalMessage string `json:"-"`
	ErrorID         string `json:"error_id,omitempty"`
}

func (*HTTPError) Cause 

func (e *HTTPError) Cause() error

Cause returns the root cause error

func (*HTTPError) Error 

func (e *HTTPError) Error() string

func (*HTTPError) Is 

func (e *HTTPError) Is(target error) bool

func (*HTTPError) WithInternalError 

func (e *HTTPError) WithInternalError(err error) *HTTPError

WithInternalError adds internal error information to the error

func (*HTTPError) WithInternalMessage 

func (e *HTTPError) WithInternalMessage(fmtString string, args ...interface{}) *HTTPError

WithInternalMessage adds internal message information to the error

type IsPrivateEmail 

type IsPrivateEmail bool

func (*IsPrivateEmail) UnmarshalJSON 

func (b *IsPrivateEmail) UnmarshalJSON(data []byte) error

Apple returns an is_private_email field that could be a string or boolean value so we need to implement a custom unmarshaler https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api/authenticating_users_with_sign_in_with_apple

type KakaoIDTokenClaims 

type KakaoIDTokenClaims struct {
	jwt.StandardClaims

	Email    string `json:"email"`
	Nickname string `json:"nickname"`
	Picture  string `json:"picture"`
}

type LinkedinIDTokenClaims 

type LinkedinIDTokenClaims struct {
	jwt.StandardClaims

	Email         string `json:"email"`
	EmailVerified string `json:"email_verified"`
	FamilyName    string `json:"family_name"`
	GivenName     string `json:"given_name"`
	Locale        string `json:"locale"`
	Picture       string `json:"picture"`
}

type OAuthProvider 

type OAuthProvider interface {
	AuthCodeURL(string, ...oauth2.AuthCodeOption) string
	GetUserData(context.Context, *oauth2.Token) (*UserProvidedData, error)
	GetOAuthToken(string) (*oauth2.Token, error)
}

OAuthProvider specifies additional methods needed for providers using OAuth

func NewAppleProvider 

func NewAppleProvider(ctx context.Context, ext conf.OAuthProviderConfiguration) (OAuthProvider, error)

NewAppleProvider creates a Apple account provider.

func NewAzureProvider 

func NewAzureProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewAzureProvider creates a Azure account provider.

func NewBitbucketProvider 

func NewBitbucketProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error)

NewBitbucketProvider creates a Bitbucket account provider.

func NewDiscordProvider 

func NewDiscordProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewDiscordProvider creates a Discord account provider.

func NewFacebookProvider 

func NewFacebookProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewFacebookProvider creates a Facebook account provider.

func NewFigmaProvider 

func NewFigmaProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewFigmaProvider creates a Figma account provider.

func NewFlyProvider 

func NewFlyProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewFlyProvider creates a Fly oauth provider.

func NewGithubProvider 

func NewGithubProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewGithubProvider creates a Github account provider.

func NewGitlabProvider 

func NewGitlabProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewGitlabProvider creates a Gitlab account provider.

func NewGoogleProvider 

func NewGoogleProvider(ctx context.Context, ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewGoogleProvider creates a Google OAuth2 identity provider.

func NewKakaoProvider 

func NewKakaoProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

func NewKeycloakProvider 

func NewKeycloakProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewKeycloakProvider creates a Keycloak account provider.

func NewLinkedinOIDCProvider 

func NewLinkedinOIDCProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewLinkedinOIDCProvider creates a Linkedin account provider via OIDC.

func NewLinkedinProvider 

func NewLinkedinProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewLinkedinProvider creates a Linkedin account provider.

func NewNotionProvider 

func NewNotionProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error)

NewNotionProvider creates a Notion account provider.

func NewSlackProvider 

func NewSlackProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewSlackProvider creates a Slack account provider.

func NewSpotifyProvider 

func NewSpotifyProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewSpotifyProvider creates a Spotify account provider.

func NewTwitchProvider 

func NewTwitchProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewTwitchProvider creates a Twitch account provider.

func NewTwitterProvider 

func NewTwitterProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)

NewTwitterProvider creates a Twitter account provider.

func NewWorkOSProvider 

func NewWorkOSProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error)

NewWorkOSProvider creates a WorkOS account provider.

func NewZoomProvider 

func NewZoomProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error)

NewZoomProvider creates a Zoom account provider.

type ParseIDTokenOptions 

type ParseIDTokenOptions struct {
	SkipAccessTokenCheck bool
	AccessToken          string
}

type Provider 

type Provider interface {
	AuthCodeURL(string, ...oauth2.AuthCodeOption) string
}

Provider is an interface for interacting with external account providers

type TwitterProvider 

type TwitterProvider struct {
	ClientKey     string
	Secret        string
	CallbackURL   string
	AuthURL       string
	RequestToken  *oauth.RequestToken
	OauthVerifier string
	Consumer      *oauth.Consumer
	UserInfoURL   string
}

TwitterProvider stores the custom config for twitter provider

func (*TwitterProvider) AuthCodeURL 

func (t *TwitterProvider) AuthCodeURL(state string, args ...oauth2.AuthCodeOption) string

AuthCodeURL fetches the request token from the twitter provider

func (TwitterProvider) FetchUserData 

func (t TwitterProvider) FetchUserData(ctx context.Context, tok *oauth.AccessToken) (*UserProvidedData, error)

FetchUserData retrieves the user's data from the twitter provider

func (TwitterProvider) GetOAuthToken 

func (t TwitterProvider) GetOAuthToken(_ string) (*oauth2.Token, error)

GetOAuthToken is a stub method for OAuthProvider interface, unused in OAuth1.0 protocol

func (TwitterProvider) GetUserData 

func (t TwitterProvider) GetUserData(ctx context.Context, tok *oauth2.Token) (*UserProvidedData, error)

GetUserData is a stub method for OAuthProvider interface, unused in OAuth1.0 protocol

func (TwitterProvider) Marshal 

func (t TwitterProvider) Marshal() string

Marshal encodes the twitter request token

func (TwitterProvider) Unmarshal 

func (t TwitterProvider) Unmarshal(data string) (*oauth.RequestToken, error)

Unmarshal decodes the twitter request token

type UserProvidedData 

type UserProvidedData struct {
	Emails   []Email
	Metadata *Claims
}

UserProvidedData is a struct that contains the user's data returned from the oauth provider

func ParseIDToken 

func ParseIDToken(ctx context.Context, provider *oidc.Provider, config *oidc.Config, idToken string, options ParseIDTokenOptions) (*oidc.IDToken, *UserProvidedData, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.