Documentation
Index
- func GetGroups(ctx context.Context) ([]string, bool)
- func GetSubject(ctx context.Context) (string, bool)
- func GetTenant(ctx context.Context) (string, bool)
- func NewMTLS(configs []MTLSConfig) map[string]Middleware
- func NewOIDC(logger log.Logger, prefix string, configs []TenantOIDCConfig) (http.Handler, map[string]Middleware, []error)
- func WithTenant(next http.Handler) http.Handler
- type MTLSConfig
- type Middleware
- type OIDCConfig
- type OIDCProvider
- type TenantOIDCConfig
Constants
This section is empty.
Variables
This section is empty.
Functions
func GetSubject
GetSubject extracts the subject from the provided context.
func NewMTLS
func NewMTLS(configs []MTLSConfig) map[string]Middleware
NewMTLS creates a set of Middlewares for all specified tenants.
func NewOIDC
func NewOIDC(logger log.Logger, prefix string, configs []TenantOIDCConfig) (http.Handler, map[string]Middleware, []error)
NewOIDC creates a single http.Handler and a set of Middlewares for all tenants that are able to authenticate requests and provide the authorization code grant flow for users.
Types
type MTLSConfig
type MTLSConfig struct {
	Tenant string
	CAs    []*x509.Certificate
}
MTLSConfig represents the mTLS configuration for a single tenant.
type Middleware
Middleware is a convenience type for functions that wrap http.Handlers.
func WithTenantHeader
func WithTenantHeader(header string, tenantIDs map[string]string) Middleware
WithTenantHeader returns a new middleware that adds the ID of the tenant to the specified header.
func WithTenantMiddlewares
func WithTenantMiddlewares(middlewareSets ...map[string]Middleware) Middleware
WithTenantMiddlewares creates a single Middleware for all provided tenant-middleware sets.
type OIDCConfig
type OIDCConfig struct {
	IssuerCA      *x509.Certificate
	IssuerURL     string
	ClientID      string
	ClientSecret  string
	GroupClaim    string
	RedirectURL   string
	UsernameClaim string
}
OIDCConfig represents a generic OIDC configuration.
type OIDCProvider
type OIDCProvider struct {
// contains filtered or unexported fields
}
OIDCProvider wraps the oidc.Provider in an opinionated way to create login and callback handlers as well as HTTP middlewares to authenticate requests against the provider.
func NewProvider
func NewProvider(ctx context.Context, logger log.Logger, cookieName, redirectURL string, config OIDCConfig) (*OIDCProvider, error)
NewProvider creates a new OIDCProvider.
func (*OIDCProvider) CallbackHandler
func (p *OIDCProvider) CallbackHandler() http.Handler
CallbackHandler returns an http.Handler that is meant to be redirected to after the provider has authenticated the user.
func (*OIDCProvider) LoginHandler
func (p *OIDCProvider) LoginHandler() http.Handler
LoginHandler returns an http.Handler that starts the OIDC flow.
func (*OIDCProvider) Middleware
func (p *OIDCProvider) Middleware() Middleware
Middleware creates an HTTP middleware that can be used to wrap an http.Handler to authenticate requests for it.
func (*OIDCProvider) OIDCProvider
func (p *OIDCProvider) OIDCProvider() *oidc.Provider
OIDCProvider returns the internal oidc.Provider; this can be used, for example, to access the UserInfo function of the provider.
type TenantOIDCConfig
type TenantOIDCConfig struct {
	Tenant string
	OIDCConfig
}
TenantOIDCConfig represents the OIDC configuration for a single tenant.