Documentation ¶
Index ¶
- type AuthCosigner
- func (c *AuthCosigner) InitAuth(pkt *pktoken.PKToken, sig []byte) (string, error)
- func (c *AuthCosigner) IssueSignature(pkt *pktoken.PKToken, authState AuthState, authID string) ([]byte, error)
- func (c *AuthCosigner) NewAuthcode(authID string) (string, error)
- func (c *AuthCosigner) RedeemAuthcode(sig []byte) ([]byte, error)
- type AuthIDIssuer
- type AuthState
- type AuthStateStore
- type Cosigner
- type CosignerVerifierOpts
- type DefaultCosignerVerifier
- type UserKey
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthCosigner ¶
type AuthCosigner struct { Cosigner Issuer string KeyID string AuthStateStore AuthStateStore }
func New ¶
func New(signer crypto.Signer, alg jwa.SignatureAlgorithm, issuer, keyID string, store AuthStateStore) (*AuthCosigner, error)
func (*AuthCosigner) IssueSignature ¶
func (*AuthCosigner) NewAuthcode ¶
func (c *AuthCosigner) NewAuthcode(authID string) (string, error)
func (*AuthCosigner) RedeemAuthcode ¶
func (c *AuthCosigner) RedeemAuthcode(sig []byte) ([]byte, error)
type AuthIDIssuer ¶
type AuthIDIssuer struct {
// contains filtered or unexported fields
}
func NewAuthIDIssuer ¶
func NewAuthIDIssuer(hmacKey []byte) *AuthIDIssuer
func (*AuthIDIssuer) CreateAuthID ¶
func (i *AuthIDIssuer) CreateAuthID(timeNow uint64) (string, error)
type AuthState ¶
type AuthState struct { Pkt *pktoken.PKToken Issuer string // ID Token issuer (iss) Aud string // ID Token audience (aud) Sub string // ID Token subject ID (sub) Username string // ID Token email or username DisplayName string // ID Token display name (or username if none given) RedirectURI string // Redirect URI Nonce string // Nonce supplied by user AuthcodeIssued bool // Has an authcode been issued for this auth session AuthcodeRedeemed bool // Was the pkt cosigned }
func NewAuthState ¶
type AuthStateStore ¶
type AuthStateStore interface { CreateNewAuthSession(pkt *pktoken.PKToken, ruri string, nonce string) (authID string, err error) LookupAuthState(authID string) (*AuthState, bool) UpdateAuthState(authID string, authState AuthState) error CreateAuthcode(authID string) (authcode string, err error) RedeemAuthcode(authcode string) (authState AuthState, authID string, err error) }
type CosignerVerifierOpts ¶
type CosignerVerifierOpts struct { // Strict specifies whether or not a pk token MUST contain a signature by this cosigner. // Defaults to true. Strict *bool // Allows users to set custom function for discovering public key of Cosigner DiscoverPublicKey *discover.PublicKeyFinder }
type DefaultCosignerVerifier ¶
type DefaultCosignerVerifier struct {
// contains filtered or unexported fields
}
func NewCosignerVerifier ¶
func NewCosignerVerifier(issuer string, options CosignerVerifierOpts) *DefaultCosignerVerifier
func (*DefaultCosignerVerifier) Issuer ¶
func (v *DefaultCosignerVerifier) Issuer() string
func (*DefaultCosignerVerifier) Strict ¶
func (v *DefaultCosignerVerifier) Strict() bool
func (*DefaultCosignerVerifier) VerifyCosigner ¶
Source Files ¶
Click to show internal directories.
Click to hide internal directories.