provider

package
v0.26.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 11, 2019 License: Apache-2.0 Imports: 35 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config 

type Config struct {
	Config *config.Config

	IssuerIdentifier       string
	WellKnownPath          string
	JwksPath               string
	AuthorizationPath      string
	TokenPath              string
	UserInfoPath           string
	EndSessionPath         string
	CheckSessionIframePath string
	RegistrationPath       string

	BrowserStateCookiePath string
	BrowserStateCookieName string

	SessionCookiePath string
	SessionCookieName string

	AccessTokenDuration  time.Duration
	IDTokenDuration      time.Duration
	RefreshTokenDuration time.Duration
}

Config defines a Provider's configuration settings.

type Provider 

type Provider struct {
	Config *Config
	// contains filtered or unexported fields
}

Provider defines an OIDC provider with the handlers for the OIDC endpoints.

func NewProvider 

func NewProvider(c *Config) (*Provider, error)

NewProvider returns a new Provider.

func (*Provider) AuthorizeHandler 

func (p *Provider) AuthorizeHandler(rw http.ResponseWriter, req *http.Request)

AuthorizeHandler implements the HTTP authorization endpoint for OpenID Connect 1.0 as specified at http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthorizationEndpoint

Currently AuthorizeHandler implements only the Implicit Flow as specified at http://openid.net/specs/openid-connect-core-1_0.html#ImplicitFlowAuth

func (*Provider) AuthorizeResponse 

func (p *Provider) AuthorizeResponse(rw http.ResponseWriter, req *http.Request, ar *payload.AuthenticationRequest, auth identity.AuthRecord, err error)

AuthorizeResponse writes the result according to the provided parameters to the provided http.ResponseWriter.

func (*Provider) CheckSessionIframeHandler added in v0.11.0 

func (p *Provider) CheckSessionIframeHandler(rw http.ResponseWriter, req *http.Request)

CheckSessionIframeHandler implements the HTTP endpoint for OP iframe with OpenID Connect Session Management 1.0 as specified at https://openid.net/specs/openid-connect-session-1_0.html#OPiframe

func (*Provider) EndSessionHandler added in v0.6.0 

func (p *Provider) EndSessionHandler(rw http.ResponseWriter, req *http.Request)

EndSessionHandler implements the HTTP endpoint for RP initiated logout with OpenID Connect Session Management 1.0 as specified at https://openid.net/specs/openid-connect-session-1_0.html#RPLogout

func (*Provider) ErrorPage 

func (p *Provider) ErrorPage(rw http.ResponseWriter, code int, title string, message string)

ErrorPage writes a HTML error page to the provided ResponseWriter.

func (*Provider) Found 

func (p *Provider) Found(rw http.ResponseWriter, uri *url.URL, params interface{}, asFragment bool)

Found writes a HTTP 302 to the provided ResponseWriter with the appropriate Location header creates from the other parameters.

func (*Provider) GetAccessTokenClaimsFromRequest 

func (p *Provider) GetAccessTokenClaimsFromRequest(req *http.Request) (*konnect.AccessTokenClaims, error)

GetAccessTokenClaimsFromRequest reads incoming request, validates the access token and returns the validated claims.

func (*Provider) GetSigningKey added in v0.22.0 

func (p *Provider) GetSigningKey(signingMethod jwt.SigningMethod) (*SigningKey, bool)

GetSigningKey returns a matching signing key for the provided signing method.

func (*Provider) GetValidationKey added in v0.22.0 

func (p *Provider) GetValidationKey(id string) (crypto.PublicKey, bool)

GetValidationKey returns the validation key for the provided id.

func (*Provider) InitializeMetadata added in v0.6.0 

func (p *Provider) InitializeMetadata() error

InitializeMetadata creates the accociated providers meta data document. Call this once all other settings at the provider have been done.

func (*Provider) JwksHandler 

func (p *Provider) JwksHandler(rw http.ResponseWriter, req *http.Request)

JwksHandler implements the HTTP provider JWKS endpoint for OpenID provider metadata used with OpenID Connect Discovery 1.0 as specified at https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata

func (*Provider) LoginRequiredPage added in v0.3.0 

func (p *Provider) LoginRequiredPage(rw http.ResponseWriter, req *http.Request, uri *url.URL)

LoginRequiredPage writes a HTTP 30 to the provided ResponseWrite with the URL of the provided request (set to the scheme and host of issuer) as continue parameter.

func (*Provider) MakeAccessToken added in v0.13.0 

func (p *Provider) MakeAccessToken(ctx context.Context, audience string, auth identity.AuthRecord) (string, error)

MakeAccessToken implements the oidc.AccessTokenProvider interface.

func (*Provider) PublicSubjectFromAuth added in v0.8.0 

func (p *Provider) PublicSubjectFromAuth(auth identity.AuthRecord) (string, error)

PublicSubjectFromAuth creates the provideds auth Subject value with the accociated provider. This subject can be used as URL safe value to uniquely identify the provided auth user with remote systems.

func (*Provider) RegisterManagers added in v0.13.0 

func (p *Provider) RegisterManagers(mgrs *managers.Managers) error

RegisterManagers registers the provided managers from the

func (*Provider) RegistrationHandler added in v0.21.0 

func (p *Provider) RegistrationHandler(rw http.ResponseWriter, req *http.Request)

RegistrationHandler implements the HTTP endpoint for client self registration with OpenID Connect Registration 1.0 as specified at https://openid.net/specs/openid-connect-registration-1_0.html#ClientRegistration

func (*Provider) ServeHTTP 

func (p *Provider) ServeHTTP(rw http.ResponseWriter, req *http.Request)

ServerHTTP implements the http.HandlerFunc interface.

func (*Provider) SetSigningKey 

func (p *Provider) SetSigningKey(id string, key crypto.Signer) error

SetSigningKey sets the provided signer as key for token signing with the provided id as key id. The public key of the provided signer is also added as validation key with the same key id.

func (*Provider) SetSigningMethod added in v0.22.0 

func (p *Provider) SetSigningMethod(signingMethod jwt.SigningMethod) error

SetSigningMethod sets the provided signing method as default signing method of the associated provider.

func (*Provider) SetValidationKey added in v0.3.0 

func (p *Provider) SetValidationKey(id string, key crypto.PublicKey) error

SetValidationKey sets the provider public key as validation key for token validation for tokens with the provided key.

func (*Provider) TokenHandler 

func (p *Provider) TokenHandler(rw http.ResponseWriter, req *http.Request)

TokenHandler implements the HTTP token endpoint for OpenID Connect 1.0 as specified at http://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint

func (*Provider) UserInfoHandler 

func (p *Provider) UserInfoHandler(rw http.ResponseWriter, req *http.Request)

UserInfoHandler implements the HTTP userinfo endpoint for OpenID Connect 1.0 as specified at https://openid.net/specs/openid-connect-core-1_0.html#UserInfo

func (*Provider) WellKnownHandler 

func (p *Provider) WellKnownHandler(rw http.ResponseWriter, req *http.Request)

WellKnownHandler implements the HTTP provider configuration endpoint for OpenID Connect 1.0 as specified at https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig

type SigningKey added in v0.22.0 

type SigningKey struct {
	ID            string
	PrivateKey    crypto.Signer
	SigningMethod jwt.SigningMethod
}

A SigningKey bundles a signer with meta data and a signign method.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.