rfc7523

package

v0.46.1 Latest Latest Go to latest Published: Feb 15, 2024 License: Apache-2.0 Imports: 8 Imported by: 9

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ory/fosite

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Handler ¶

type Handler struct {
	Storage RFC7523KeyStorage

	Config interface {
		fosite.AccessTokenLifespanProvider
		fosite.TokenURLProvider
		fosite.GrantTypeJWTBearerCanSkipClientAuthProvider
		fosite.GrantTypeJWTBearerIDOptionalProvider
		fosite.GrantTypeJWTBearerIssuedDateOptionalProvider
		fosite.GetJWTMaxDurationProvider
		fosite.AudienceStrategyProvider
		fosite.ScopeStrategyProvider
	}

	*oauth2.HandleHelper
}

func (*Handler) CanHandleTokenEndpointRequest ¶

func (c *Handler) CanHandleTokenEndpointRequest(ctx context.Context, requester fosite.AccessRequester) bool

func (*Handler) CanSkipClientAuth ¶

func (c *Handler) CanSkipClientAuth(ctx context.Context, requester fosite.AccessRequester) bool

func (*Handler) CheckRequest ¶

func (c *Handler) CheckRequest(ctx context.Context, request fosite.AccessRequester) error

func (*Handler) HandleTokenEndpointRequest ¶

func (c *Handler) HandleTokenEndpointRequest(ctx context.Context, request fosite.AccessRequester) error

HandleTokenEndpointRequest implements https://tools.ietf.org/html/rfc6749#section-4.1.3 (everything) and https://tools.ietf.org/html/rfc7523#section-2.1 (everything)

func (*Handler) PopulateTokenEndpointResponse ¶

func (c *Handler) PopulateTokenEndpointResponse(ctx context.Context, request fosite.AccessRequester, response fosite.AccessResponder) error

type RFC7523KeyStorage ¶

type RFC7523KeyStorage interface {
	// GetPublicKey returns public key, issued by 'issuer', and assigned for subject. Public key is used to check
	// signature of jwt assertion in authorization grants.
	GetPublicKey(ctx context.Context, issuer string, subject string, keyId string) (*jose.JSONWebKey, error)

	// GetPublicKeys returns public key, set issued by 'issuer', and assigned for subject.
	GetPublicKeys(ctx context.Context, issuer string, subject string) (*jose.JSONWebKeySet, error)

	// GetPublicKeyScopes returns assigned scope for assertion, identified by public key, issued by 'issuer'.
	GetPublicKeyScopes(ctx context.Context, issuer string, subject string, keyId string) ([]string, error)

	// IsJWTUsed returns true, if JWT is not known yet or it can not be considered valid, because it must be already
	// expired.
	IsJWTUsed(ctx context.Context, jti string) (bool, error)

	// MarkJWTUsedForTime marks JWT as used for a time passed in exp parameter. This helps ensure that JWTs are not
	// replayed by maintaining the set of used "jti" values for the length of time for which the JWT would be
	// considered valid based on the applicable "exp" instant. (https://tools.ietf.org/html/rfc7523#section-3)
	MarkJWTUsedForTime(ctx context.Context, jti string, exp time.Time) error
}

RFC7523KeyStorage holds information needed to validate jwt assertion in authorization grants.

type Session ¶

type Session interface {
	// SetSubject sets the session's subject.
	SetSubject(subject string)
}

Session must be implemented by the session if RFC7523 is to be supported.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL