Documentation
¶
Index ¶
- Constants
- Variables
- type AdminServer
- type InvitationHandler
- type JWTVerifierFactory
- type Link
- type MultiServerConfig
- type OIDCServer
- type ResetPasswordHandler
- type SendResetPasswordEmailHandler
- type Server
- func (s *Server) AddConnector(cfg connector.ConnectorConfig) error
- func (s *Server) Client(clientID string) (client.Client, error)
- func (s *Server) ClientCredsToken(creds oidc.ClientCredentials) (*jose.JWT, time.Time, error)
- func (s *Server) CodeToken(creds oidc.ClientCredentials, sessionKey string) (*jose.JWT, string, time.Time, error)
- func (s *Server) CrossClientAuthAllowed(requestingClientID, authorizingClientID string) (bool, error)
- func (s *Server) HTTPHandler() http.Handler
- func (s *Server) JWTVerifierFactory() JWTVerifierFactory
- func (s *Server) KillSession(sessionKey string) error
- func (s *Server) Login(ident oidc.Identity, key string) (string, error)
- func (s *Server) NewClientTokenAuthHandler(handler http.Handler) http.Handler
- func (s *Server) NewSession(ipdcID, clientID, clientState string, redirectURL url.URL, nonce string, ...) (string, error)
- func (s *Server) ProviderConfig() oidc.ProviderConfig
- func (s *Server) RefreshToken(creds oidc.ClientCredentials, scopes scope.Scopes, token string) (*jose.JWT, string, time.Time, error)
- func (s *Server) Run() chan struct{}
- type ServerConfig
- type SingleServerConfig
- type StateConfigurer
- type Template
- type UserMgmtServer
Constants ¶
View Source
const ( AdminAPIVersion = "v1" AdminAPISecretLength = 128 )
View Source
const ( LoginPageTemplateName = "login.html" RegisterTemplateName = "register.html" VerifyEmailTemplateName = "verify-email.html" SendResetPasswordEmailTemplateName = "send-reset-password.html" ResetPasswordTemplateName = "reset-password.html" OOBTemplateName = "oob-template.html" APIVersion = "v1" )
Variables ¶
View Source
var ( AdminGetEndpoint = addBasePath("/admin/:id") AdminCreateEndpoint = addBasePath("/admin") AdminGetStateEndpoint = addBasePath("/state") AdminCreateClientEndpoint = addBasePath("/client") AdminConnectorsEndpoint = addBasePath("/connectors") )
View Source
var ( UsersSubTree = "/users" UsersListEndpoint = addBasePath(UsersSubTree) UsersCreateEndpoint = addBasePath(UsersSubTree) UsersGetEndpoint = addBasePath(UsersSubTree + "/:id") UsersDisableEndpoint = addBasePath(UsersSubTree + "/:id/disable") UsersResendInvitationEndpoint = addBasePath(UsersSubTree + "/:id/resend-invitation") AccountSubTree = "/account" AccountListRefreshTokens = addBasePath(AccountSubTree + "/:userid/refresh") AccountRevokeRefreshToken = addBasePath(AccountSubTree + "/:userid/refresh/:clientid") )
Functions ¶
This section is empty.
Types ¶
type AdminServer ¶
type AdminServer struct {
// contains filtered or unexported fields
}
AdminServer serves the admin API.
func NewAdminServer ¶
func NewAdminServer(adminAPI *admin.AdminAPI, rotator *key.PrivateKeyRotator, secret string) *AdminServer
func (*AdminServer) HTTPHandler ¶
func (s *AdminServer) HTTPHandler() http.Handler
type InvitationHandler ¶ added in v0.2.0
type InvitationHandler struct {
// contains filtered or unexported fields
}
func (*InvitationHandler) ServeHTTP ¶ added in v0.2.0
func (h *InvitationHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type JWTVerifierFactory ¶
type JWTVerifierFactory func(clientID string) oidc.JWTVerifier
type MultiServerConfig ¶
func (*MultiServerConfig) Configure ¶
func (cfg *MultiServerConfig) Configure(srv *Server) error
type OIDCServer ¶
type OIDCServer interface {
Client(string) (client.Client, error)
NewSession(connectorID, clientID, clientState string, redirectURL url.URL, nonce string, register bool, scope []string) (string, error)
Login(oidc.Identity, string) (string, error)
// CodeToken exchanges a code for an ID token and a refresh token string on success.
CodeToken(creds oidc.ClientCredentials, sessionKey string) (*jose.JWT, string, time.Time, error)
ClientCredsToken(creds oidc.ClientCredentials) (*jose.JWT, time.Time, error)
// RefreshToken takes a previously generated refresh token and returns a new ID token and new refresh token
// if the token is valid.
RefreshToken(creds oidc.ClientCredentials, scopes scope.Scopes, token string) (*jose.JWT, string, time.Time, error)
KillSession(string) error
CrossClientAuthAllowed(requestingClientID, authorizingClientID string) (bool, error)
}
type ResetPasswordHandler ¶
type ResetPasswordHandler struct {
// contains filtered or unexported fields
}
func (*ResetPasswordHandler) ServeHTTP ¶
func (h *ResetPasswordHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type SendResetPasswordEmailHandler ¶
type SendResetPasswordEmailHandler struct {
// contains filtered or unexported fields
}
func (*SendResetPasswordEmailHandler) ServeHTTP ¶
func (h *SendResetPasswordEmailHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type Server ¶
type Server struct {
IssuerURL url.URL
Templates *template.Template
LoginTemplate *template.Template
RegisterTemplate *template.Template
VerifyEmailTemplate *template.Template
SendResetPasswordEmailTemplate *template.Template
ResetPasswordTemplate *template.Template
OOBTemplate *template.Template
HealthChecks []health.Checkable
// TODO(ericchiang): Make this a map of ID to connector.
Connectors []connector.Connector
ClientRepo client.ClientRepo
ConnectorConfigRepo connector.ConnectorConfigRepo
KeySetRepo key.PrivateKeySetRepo
RefreshTokenRepo refresh.RefreshTokenRepo
UserRepo user.UserRepo
PasswordInfoRepo user.PasswordInfoRepo
ClientManager *clientmanager.ClientManager
KeyManager key.PrivateKeyManager
SessionManager *sessionmanager.SessionManager
UserManager *usermanager.UserManager
UserEmailer *useremail.UserEmailer
EnableRegistration bool
EnableClientRegistration bool
EnableClientCredentialAccess bool
RegisterOnFirstLogin bool
// contains filtered or unexported fields
}
func (*Server) AddConnector ¶
func (s *Server) AddConnector(cfg connector.ConnectorConfig) error
func (*Server) ClientCredsToken ¶
func (*Server) CrossClientAuthAllowed ¶ added in v0.5.0
func (*Server) HTTPHandler ¶
func (*Server) JWTVerifierFactory ¶
func (s *Server) JWTVerifierFactory() JWTVerifierFactory
func (*Server) KillSession ¶
func (*Server) NewClientTokenAuthHandler ¶
NewClientTokenAuthHandler returns the given handler wrapped in middleware which requires a Client Bearer token.
func (*Server) NewSession ¶
func (*Server) ProviderConfig ¶
func (s *Server) ProviderConfig() oidc.ProviderConfig
func (*Server) RefreshToken ¶
type ServerConfig ¶
type ServerConfig struct {
IssuerURL string
IssuerName string
IssuerLogoURL string
TemplateDir string
EmailTemplateDirs []string
EmailFromAddress string
EmailerConfigFile string
StateConfig StateConfigurer
EnableRegistration bool
EnableClientRegistration bool
EnableClientCredentialAccess bool
RegisterOnFirstLogin bool
}
func (*ServerConfig) Server ¶
func (cfg *ServerConfig) Server() (*Server, error)
type SingleServerConfig ¶
func (*SingleServerConfig) Configure ¶
func (cfg *SingleServerConfig) Configure(srv *Server) error
type StateConfigurer ¶
type UserMgmtServer ¶
type UserMgmtServer struct {
// contains filtered or unexported fields
}
func NewUserMgmtServer ¶
func NewUserMgmtServer(userMgmtAPI *api.UsersAPI, jwtvFactory JWTVerifierFactory, um *usermanager.UserManager, cm *clientmanager.ClientManager, allowClientCredsAuth bool) *UserMgmtServer
func (*UserMgmtServer) HTTPHandler ¶
func (s *UserMgmtServer) HTTPHandler() http.Handler
Source Files
Click to show internal directories.
Click to hide internal directories.