Versions in this module Expand all Collapse all v0 v0.1.0 Sep 3, 2015 Changes in this version + const MaximumProviderConfigSyncInterval + const MinimumProviderConfigSyncInterval + var DefaultScope = []string + func ExtractBearerToken(r *http.Request) (string, error) + func GenClientID(hostport string) (string, error) + func NewClaims(iss, sub, aud string, iat, exp time.Time) jose.Claims + func NewHTTPProviderConfigGetter(hc phttp.Client, issuerURL string) *httpProviderConfigGetter + func NewRemotePublicKeyRepo(hc phttp.Client, ep string) *remotePublicKeyRepo + func VerifyClaims(jwt jose.JWT, issuer, clientID string) error + func VerifyClientClaims(jwt jose.JWT, issuer string) (string, error) + func VerifySignature(jwt jose.JWT, keys []key.PublicKey) (bool, error) + type AuthenticatedTransport struct + func (t *AuthenticatedTransport) RoundTrip(r *http.Request) (*http.Response, error) + type Client struct + func NewClient(cfg ClientConfig) (*Client, error) + func (c *Client) ClientCredsToken(scope []string) (jose.JWT, error) + func (c *Client) ExchangeAuthCode(code string) (jose.JWT, error) + func (c *Client) Healthy() error + func (c *Client) OAuthClient() (*oauth2.Client, error) + func (c *Client) RefreshToken(refreshToken string) (jose.JWT, error) + func (c *Client) SyncProviderConfig(discoveryURL string) chan struct{} + func (c *Client) VerifyJWT(jwt jose.JWT) error + type ClientConfig struct + Credentials ClientCredentials + HTTPClient phttp.Client + KeySet key.PublicKeySet + ProviderConfig ProviderConfig + RedirectURL string + Scope []string + type ClientCredentials oauth2.ClientCredentials + type ClientCredsTokenRefresher struct + Issuer string + OIDCClient *Client + func (c *ClientCredsTokenRefresher) Refresh() (jwt jose.JWT, err error) + func (c *ClientCredsTokenRefresher) Verify(jwt jose.JWT) (err error) + type ClientIdentity struct + Credentials ClientCredentials + Metadata ClientMetadata + type ClientMetadata struct + RedirectURLs []url.URL + func (m *ClientMetadata) Valid() error + type Identity struct + Email string + ExpiresAt time.Time + ID string + Name string + func IdentityFromClaims(claims jose.Claims) (*Identity, error) + type JWTVerifier struct + func NewJWTVerifier(issuer, clientID string, syncFunc func() error, ...) JWTVerifier + func (v *JWTVerifier) Verify(jwt jose.JWT) error + type LoginFunc func(ident Identity, sessionKey string) (redirectURL string, err error) + type ProviderConfig struct + AuthEndpoint string + ExpiresAt time.Time + GrantTypesSupported []string + IDTokenAlgValuesSupported []string + Issuer string + KeysEndpoint string + ResponseTypesSupported []string + SubjectTypesSupported []string + TokenEndpoint string + TokenEndpointAuthMethodsSupported []string + func FetchProviderConfig(hc phttp.Client, issuerURL string) (ProviderConfig, error) + func WaitForProviderConfig(hc phttp.Client, issuerURL string) (pcfg ProviderConfig) + func (p ProviderConfig) Empty() bool + func (p ProviderConfig) SupportsGrantType(grantType string) bool + type ProviderConfigGetter interface + Get func() (ProviderConfig, error) + type ProviderConfigSetter interface + Set func(ProviderConfig) error + type ProviderConfigSyncer struct + func NewProviderConfigSyncer(from ProviderConfigGetter, to ProviderConfigSetter) *ProviderConfigSyncer + func (s *ProviderConfigSyncer) Run() chan struct{} + type RequestTokenExtractor func(r *http.Request) (string, error) + func CookieTokenExtractor(cookieName string) RequestTokenExtractor + type TokenRefresher interface + Refresh func() (jose.JWT, error) + Verify func(jose.JWT) error