oidcprepareauthentication

package
v8.18.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 17, 2025 License: Apache-2.0 Imports: 12 Imported by: 4

Documentation

Overview

Prepare OpenID connect authentication.

Create an oAuth 2.0 authentication request as a URL string based on the configuration of the OpenID Connect authentication realm in Elasticsearch.

The response of this API is a URL pointing to the Authorization Endpoint of the configured OpenID Connect Provider, which can be used to redirect the browser of the user in order to continue the authentication process.

Elasticsearch exposes all the necessary OpenID Connect related functionality with the OpenID Connect APIs. These APIs are used internally by Kibana in order to provide OpenID Connect based authentication, but can also be used by other, custom web applications or other clients.

Index

Constants

This section is empty.

Variables

View Source 
var ErrBuildPath = errors.New("cannot build path, check for missing path parameters")

ErrBuildPath is returned in case of missing parameters within the build of the request.

Functions

This section is empty.

Types

type NewOidcPrepareAuthentication 

type NewOidcPrepareAuthentication func() *OidcPrepareAuthentication

NewOidcPrepareAuthentication type alias for index.

func NewOidcPrepareAuthenticationFunc 

func NewOidcPrepareAuthenticationFunc(tp elastictransport.Interface) NewOidcPrepareAuthentication

NewOidcPrepareAuthenticationFunc returns a new instance of OidcPrepareAuthentication with the provided transport. Used in the index of the library this allows to retrieve every apis in once place.

type OidcPrepareAuthentication 

type OidcPrepareAuthentication struct {
	// contains filtered or unexported fields
}

func New 

func New(tp elastictransport.Interface) *OidcPrepareAuthentication

Prepare OpenID connect authentication.

Create an oAuth 2.0 authentication request as a URL string based on the configuration of the OpenID Connect authentication realm in Elasticsearch.

The response of this API is a URL pointing to the Authorization Endpoint of the configured OpenID Connect Provider, which can be used to redirect the browser of the user in order to continue the authentication process.

Elasticsearch exposes all the necessary OpenID Connect related functionality with the OpenID Connect APIs. These APIs are used internally by Kibana in order to provide OpenID Connect based authentication, but can also be used by other, custom web applications or other clients.

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-oidc-prepare-authentication.html

func (OidcPrepareAuthentication) Do 

func (r OidcPrepareAuthentication) Do(providedCtx context.Context) (*Response, error)

Do runs the request through the transport, handle the response and returns a oidcprepareauthentication.Response

func (*OidcPrepareAuthentication) ErrorTrace added in v8.18.0 

func (r *OidcPrepareAuthentication) ErrorTrace(errortrace bool) *OidcPrepareAuthentication

ErrorTrace When set to `true` Elasticsearch will include the full stack trace of errors when they occur. API name: error_trace

func (*OidcPrepareAuthentication) FilterPath added in v8.18.0 

func (r *OidcPrepareAuthentication) FilterPath(filterpaths ...string) *OidcPrepareAuthentication

FilterPath Comma-separated list of filters in dot notation which reduce the response returned by Elasticsearch. API name: filter_path

func (*OidcPrepareAuthentication) Header 

func (r *OidcPrepareAuthentication) Header(key, value string) *OidcPrepareAuthentication

Header set a key, value pair in the OidcPrepareAuthentication headers map.

func (*OidcPrepareAuthentication) HttpRequest 

func (r *OidcPrepareAuthentication) HttpRequest(ctx context.Context) (*http.Request, error)

HttpRequest returns the http.Request object built from the given parameters.

func (*OidcPrepareAuthentication) Human added in v8.18.0 

func (r *OidcPrepareAuthentication) Human(human bool) *OidcPrepareAuthentication

Human When set to `true` will return statistics in a format suitable for humans. For example `"exists_time": "1h"` for humans and `"eixsts_time_in_millis": 3600000` for computers. When disabled the human readable values will be omitted. This makes sense for responses being consumed only by machines. API name: human

func (*OidcPrepareAuthentication) Iss added in v8.18.0 

func (r *OidcPrepareAuthentication) Iss(iss string) *OidcPrepareAuthentication

In the case of a third party initiated single sign on, this is the issuer identifier for the OP that the RP is to send the authentication request to. It cannot be specified when *realm* is specified. One of *realm* or *iss* is required. API name: iss

func (*OidcPrepareAuthentication) LoginHint added in v8.18.0 

func (r *OidcPrepareAuthentication) LoginHint(loginhint string) *OidcPrepareAuthentication

In the case of a third party initiated single sign on, it is a string value that is included in the authentication request as the *login_hint* parameter. This parameter is not valid when *realm* is specified. API name: login_hint

func (*OidcPrepareAuthentication) Nonce added in v8.18.0 

func (r *OidcPrepareAuthentication) Nonce(nonce string) *OidcPrepareAuthentication

The value used to associate a client session with an ID token and to mitigate replay attacks. If the caller of the API does not provide a value, Elasticsearch will generate one with sufficient entropy and return it in the response. API name: nonce

func (OidcPrepareAuthentication) Perform added in v8.7.0 

func (r OidcPrepareAuthentication) Perform(providedCtx context.Context) (*http.Response, error)

Perform runs the http.Request through the provided transport and returns an http.Response.

func (*OidcPrepareAuthentication) Pretty added in v8.18.0 

func (r *OidcPrepareAuthentication) Pretty(pretty bool) *OidcPrepareAuthentication

Pretty If set to `true` the returned JSON will be "pretty-formatted". Only use this option for debugging only. API name: pretty

func (*OidcPrepareAuthentication) Raw added in v8.18.0 

func (r *OidcPrepareAuthentication) Raw(raw io.Reader) *OidcPrepareAuthentication

Raw takes a json payload as input which is then passed to the http.Request If specified Raw takes precedence on Request method.

func (*OidcPrepareAuthentication) Realm added in v8.18.0 

func (r *OidcPrepareAuthentication) Realm(realm string) *OidcPrepareAuthentication

The name of the OpenID Connect realm in Elasticsearch the configuration of which should be used in order to generate the authentication request. It cannot be specified when *iss* is specified. One of *realm* or *iss* is required. API name: realm

func (*OidcPrepareAuthentication) Request added in v8.18.0 

func (r *OidcPrepareAuthentication) Request(req *Request) *OidcPrepareAuthentication

Request allows to set the request property with the appropriate payload.

func (*OidcPrepareAuthentication) State added in v8.18.0 

func (r *OidcPrepareAuthentication) State(state string) *OidcPrepareAuthentication

The value used to maintain state between the authentication request and the response, typically used as a Cross-Site Request Forgery mitigation. If the caller of the API does not provide a value, Elasticsearch will generate one with sufficient entropy and return it in the response. API name: state

type Request added in v8.18.0 

type Request struct {

	// Iss In the case of a third party initiated single sign on, this is the issuer
	// identifier for the OP that the RP is to send the authentication request to.
	// It cannot be specified when *realm* is specified.
	// One of *realm* or *iss* is required.
	Iss *string `json:"iss,omitempty"`
	// LoginHint In the case of a third party initiated single sign on, it is a string value
	// that is included in the authentication request as the *login_hint* parameter.
	// This parameter is not valid when *realm* is specified.
	LoginHint *string `json:"login_hint,omitempty"`
	// Nonce The value used to associate a client session with an ID token and to mitigate
	// replay attacks.
	// If the caller of the API does not provide a value, Elasticsearch will
	// generate one with sufficient entropy and return it in the response.
	Nonce *string `json:"nonce,omitempty"`
	// Realm The name of the OpenID Connect realm in Elasticsearch the configuration of
	// which should be used in order to generate the authentication request.
	// It cannot be specified when *iss* is specified.
	// One of *realm* or *iss* is required.
	Realm *string `json:"realm,omitempty"`
	// State The value used to maintain state between the authentication request and the
	// response, typically used as a Cross-Site Request Forgery mitigation.
	// If the caller of the API does not provide a value, Elasticsearch will
	// generate one with sufficient entropy and return it in the response.
	State *string `json:"state,omitempty"`
}

Request holds the request body struct for the package oidcprepareauthentication

https://github.com/elastic/elasticsearch-specification/blob/f6a370d0fba975752c644fc730f7c45610e28f36/specification/security/oidc_prepare_authentication/Request.ts#L22-L71

func NewRequest added in v8.18.0 

func NewRequest() *Request

NewRequest returns a Request

func (*Request) FromJSON added in v8.18.0 

func (r *Request) FromJSON(data string) (*Request, error)

FromJSON allows to load an arbitrary json into the request structure

type Response added in v8.18.0 

type Response struct {
	Nonce string `json:"nonce"`
	Realm string `json:"realm"`
	// Redirect A URI that points to the authorization endpoint of the OpenID Connect
	// Provider with all the parameters of the authentication request as HTTP GET
	// parameters.
	Redirect string `json:"redirect"`
	State    string `json:"state"`
}

Response holds the response body struct for the package oidcprepareauthentication

https://github.com/elastic/elasticsearch-specification/blob/f6a370d0fba975752c644fc730f7c45610e28f36/specification/security/oidc_prepare_authentication/Response.ts#L20-L30

func NewResponse added in v8.18.0 

func NewResponse() *Response

NewResponse returns a Response

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.