Documentation ¶
Index ¶
- type OIDCAuthManager
- func (m *OIDCAuthManager) AuthCodeURL(state string) string
- func (m *OIDCAuthManager) Authenticate(ctx context.Context, token string) (auth.Principal, error)
- func (m *OIDCAuthManager) Exchange(ctx context.Context, code string) (*oauth2.Token, error)
- func (m *OIDCAuthManager) GetUserInfo(ctx context.Context, token *oauth2.Token) (*oidc.UserInfo, error)
- func (m *OIDCAuthManager) VerifyIDToken(ctx context.Context, rawIDToken string) (*oidc.IDToken, error)
- type OidcConfig
- type OidcPrincipal
Types ¶
type OIDCAuthManager ¶
type OIDCAuthManager struct {
// contains filtered or unexported fields
}
OIDCAuthManager handles authentication using an OIDC provider.
func Init ¶
func Init() *OIDCAuthManager
func NewOIDCAuthManager ¶
func NewOIDCAuthManager(ctx context.Context, config OidcConfig) *OIDCAuthManager
NewOIDCAuthManager initializes and returns a new OIDCAuthManager. The provided context is used for the provider initialization. It returns an error rather than exiting the application.
func (*OIDCAuthManager) AuthCodeURL ¶
func (m *OIDCAuthManager) AuthCodeURL(state string) string
AuthCodeURL returns the URL to which users should be redirected for authentication. The state parameter is used to help mitigate CSRF attacks.
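An added example, not code from this package: one way to generate the state value passed to AuthCodeURL and to check it on the callback before the code goes to Exchange. The cookie name, the helpers newState, loginRedirect and checkState, and the idp.example URL are assumptions made for illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"errors"
	"fmt"
	"net/http"
)

const stateCookie = "oidc_state" // hypothetical cookie name

// newState returns 32 bytes from the CSPRNG, base64url-encoded (43 characters).
func newState() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(b), nil
}

// loginRedirect returns the state cookie to set and the provider URL to redirect to.
func loginRedirect(authCodeURL func(string) string) (*http.Cookie, string, error) {
	state, err := newState()
	if err != nil {
		return nil, "", err
	}
	c := &http.Cookie{Name: stateCookie, Value: state, Path: "/", MaxAge: 300,
		HttpOnly: true, Secure: true, SameSite: http.SameSiteLaxMode}
	return c, authCodeURL(state), nil
}

// checkState runs in the callback handler before the code is passed to Exchange.
func checkState(r *http.Request) error {
	c, err := r.Cookie(stateCookie)
	got := r.URL.Query().Get("state")
	if err != nil || c.Value == "" || got == "" {
		return errors.New("oidc: missing state")
	}
	if subtle.ConstantTimeCompare([]byte(c.Value), []byte(got)) != 1 {
		return errors.New("oidc: state mismatch")
	}
	return nil
}

func main() { // constructed provider URL standing in for m.AuthCodeURL
	c, u, err := loginRedirect(func(s string) string { return "https://idp.example/authorize?state=" + s })
	fmt.Println(c, u, err)
}
```

Expire the cookie once checkState passes so that a state value is accepted only once.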
func (*OIDCAuthManager) Authenticate ¶
Authenticate verifies the token, fetches user info, and returns an OidcPrincipal. It decodes the ID token claims and, if present, extracts the roles.
func (*OIDCAuthManager) GetUserInfo ¶
func (m *OIDCAuthManager) GetUserInfo(ctx context.Context, token *oauth2.Token) (*oidc.UserInfo, error)
GetUserInfo retrieves the user information from the OIDC provider using the OAuth2 token.
func (*OIDCAuthManager) VerifyIDToken ¶
func (m *OIDCAuthManager) VerifyIDToken(ctx context.Context, rawIDToken string) (*oidc.IDToken, error)
VerifyIDToken verifies the provided raw ID token string and returns the parsed token.
type OidcConfig ¶
type OidcConfig struct {
	ClientID     string `mapstructure:"client_id"`
	ClientSecret string `mapstructure:"client_secret"`
	IssuerURL    string `mapstructure:"issuer_url"`
	RedirectURL  string `mapstructure:"redirect_url"`
}
func LoadConfig ¶
func LoadConfig(configName string, configPaths []string) OidcConfig
type OidcPrincipal ¶
type OidcPrincipal struct {
// contains filtered or unexported fields
}
OidcPrincipal represents an authenticated user's principal.
func (*OidcPrincipal) GetClaims ¶
func (p *OidcPrincipal) GetClaims() map[string]interface{}
GetClaims returns all claims associated with the principal.
func (*OidcPrincipal) GetEmail ¶
func (p *OidcPrincipal) GetEmail() string
GetEmail returns the principal's email address.
func (*OidcPrincipal) GetID ¶
func (p *OidcPrincipal) GetID() string
GetID returns the principal's unique identifier.
func (*OidcPrincipal) GetRoles ¶
func (p *OidcPrincipal) GetRoles() []string
GetRoles returns the roles assigned to the principal.