The highest tagged major version is
Documentation
¶
Index ¶
- Constants
- Variables
- func MustValidate(l *logrusx.Logger, p *Provider)
- type Provider
- func (p *Provider) AccessTokenLifespan() time.Duration
- func (p *Provider) AccessTokenStrategy() string
- func (p *Provider) AdminCORS() (cors.Options, bool)
- func (p *Provider) AdminDisableHealthAccessLog() bool
- func (p *Provider) AdminListenOn() string
- func (p *Provider) AdminSocketPermission() *UnixPermission
- func (p *Provider) AllowTLSTerminationFrom() []string
- func (p *Provider) AuthCodeLifespan() time.Duration
- func (p *Provider) BCryptCost() int
- func (p *Provider) CGroupsV1AutoMaxProcsEnabled() bool
- func (p *Provider) CORS(iface string) (cors.Options, bool)
- func (p *Provider) ConsentRequestMaxAge() time.Duration
- func (p *Provider) ConsentURL() *url.URL
- func (p *Provider) CookieSameSiteLegacyWorkaround() bool
- func (p *Provider) CookieSameSiteMode() http.SameSite
- func (p *Provider) DSN() string
- func (p *Provider) DataSourcePlugin() string
- func (p *Provider) DefaultClientScope() []string
- func (p *Provider) EncryptSessionData() bool
- func (p *Provider) EnforcePKCEForPublicClients() bool
- func (p *Provider) ErrorURL() *url.URL
- func (p *Provider) GetCookieSecrets() [][]byte
- func (p *Provider) GetRotatedSystemSecrets() [][]byte
- func (p *Provider) GetSystemSecret() []byte
- func (p *Provider) GrantAllClientCredentialsScopesPerDefault() bool
- func (p *Provider) IDTokenLifespan() time.Duration
- func (p *Provider) InsecureRedirects() []string
- func (p *Provider) IsUsingJWTAsAccessTokens() bool
- func (p *Provider) IssuerURL() *url.URL
- func (p *Provider) JWKSURL() *url.URL
- func (p *Provider) LoginURL() *url.URL
- func (p *Provider) LogoutRedirectURL() *url.URL
- func (p *Provider) LogoutURL() *url.URL
- func (p *Provider) MustSet(key string, value interface{})
- func (p *Provider) OAuth2AuthURL() *url.URL
- func (p *Provider) OAuth2ClientRegistrationURL() *url.URL
- func (p *Provider) OAuth2LegacyErrors() bool
- func (p *Provider) OAuth2TokenURL() *url.URL
- func (p *Provider) OIDCDiscoverySupportedClaims() []string
- func (p *Provider) OIDCDiscoverySupportedScope() []string
- func (p *Provider) OIDCDiscoveryUserinfoEndpoint() *url.URL
- func (p *Provider) PKCEEnforced() bool
- func (p *Provider) PublicCORS() (cors.Options, bool)
- func (p *Provider) PublicDisableHealthAccessLog() bool
- func (p *Provider) PublicListenOn() string
- func (p *Provider) PublicSocketPermission() *UnixPermission
- func (p *Provider) PublicURL() *url.URL
- func (p *Provider) RefreshTokenLifespan() time.Duration
- func (p *Provider) ScopeStrategy() string
- func (p *Provider) ServesHTTPS() bool
- func (p *Provider) Set(key string, value interface{}) error
- func (p *Provider) ShareOAuth2Debug() bool
- func (p *Provider) Source() *configx.Provider
- func (p *Provider) SubjectIdentifierAlgorithmSalt() string
- func (p *Provider) SubjectTypesSupported() []string
- func (p *Provider) Tracing() *tracing.Config
- func (p *Provider) WellKnownKeys(include ...string) []string
- type UnixPermission
Constants ¶
View Source
const ( KeyWellKnownKeys = "webfinger.jwks.broadcast_keys" KeyOAuth2ClientRegistrationURL = "webfinger.oidc_discovery.client_registration_url" KeyOAuth2TokenURL = "webfinger.oidc_discovery.token_url" // #nosec G101 KeyOAuth2AuthURL = "webfinger.oidc_discovery.auth_url" KeyJWKSURL = "webfinger.oidc_discovery.jwks_url" KeyOIDCDiscoverySupportedClaims = "webfinger.oidc_discovery.supported_claims" KeyOIDCDiscoverySupportedScope = "webfinger.oidc_discovery.supported_scope" KeyOIDCDiscoveryUserinfoEndpoint = "webfinger.oidc_discovery.userinfo_url" KeySubjectTypesSupported = "oidc.subject_identifiers.supported_types" KeyDefaultClientScope = "oidc.dynamic_client_registration.default_scope" KeyDSN = "dsn" KeyBCryptCost = "oauth2.hashers.bcrypt.cost" KeyEncryptSessionData = "oauth2.session.encrypt_at_rest" KeyAdminListenOnHost = "serve.admin.host" KeyAdminListenOnPort = "serve.admin.port" KeyAdminSocketOwner = "serve.admin.socket.owner" KeyAdminSocketGroup = "serve.admin.socket.group" KeyAdminSocketMode = "serve.admin.socket.mode" KeyAdminDisableHealthAccessLog = "serve.admin.access_log.disable_for_health" KeyPublicListenOnHost = "serve.public.host" KeyPublicListenOnPort = "serve.public.port" KeyPublicSocketOwner = "serve.public.socket.owner" KeyPublicSocketGroup = "serve.public.socket.group" KeyPublicSocketMode = "serve.public.socket.mode" KeyPublicDisableHealthAccessLog = "serve.public.access_log.disable_for_health" KeyCookieSameSiteMode = "serve.cookies.same_site_mode" KeyCookieSameSiteLegacyWorkaround = "serve.cookies.same_site_legacy_workaround" KeyConsentRequestMaxAge = "ttl.login_consent_request" KeyAccessTokenLifespan = "ttl.access_token" // #nosec G101 KeyRefreshTokenLifespan = "ttl.refresh_token" // #nosec G101 KeyIDTokenLifespan = "ttl.id_token" // #nosec G101 KeyAuthCodeLifespan = "ttl.auth_code" KeyScopeStrategy = "strategies.scope" KeyGetCookieSecrets = "secrets.cookie" KeyGetSystemSecret = "secrets.system" KeyLogoutRedirectURL = "urls.post_logout_redirect" KeyLoginURL = "urls.login" KeyLogoutURL = "urls.logout" KeyConsentURL = "urls.consent" KeyErrorURL = "urls.error" KeyPublicURL = "urls.self.public" KeyIssuerURL = "urls.self.issuer" KeyAllowTLSTerminationFrom = "serve.tls.allow_termination_from" KeyAccessTokenStrategy = "strategies.access_token" KeySubjectIdentifierAlgorithmSalt = "oidc.subject_identifiers.pairwise.salt" KeyPKCEEnforced = "oauth2.pkce.enforced" KeyPKCEEnforcedForPublicClients = "oauth2.pkce.enforced_for_public_clients" KeyLogLevel = "log.level" KeyCGroupsV1AutoMaxProcsEnabled = "cgroups.v1.auto_max_procs_enabled" KeyGrantAllClientCredentialsScopesPerDefault = "oauth2.client_credentials.default_grant_allowed_scope" KeyExposeOAuth2Debug = "oauth2.expose_internal_errors" KeyOAuth2LegacyErrors = "oauth2.include_legacy_error_fields" )
View Source
const DSNMemory = "memory"
Variables ¶
View Source
var ( Version = "master" Date = "undefined" Commit = "undefined" )
Functions ¶
func MustValidate ¶
Types ¶
type Provider ¶
type Provider struct {
// contains filtered or unexported fields
}
func (*Provider) AccessTokenLifespan ¶
func (*Provider) AccessTokenStrategy ¶
func (*Provider) AdminDisableHealthAccessLog ¶
func (*Provider) AdminListenOn ¶
func (*Provider) AdminSocketPermission ¶
func (p *Provider) AdminSocketPermission() *UnixPermission
func (*Provider) AllowTLSTerminationFrom ¶
func (*Provider) AuthCodeLifespan ¶
func (*Provider) BCryptCost ¶
func (*Provider) CGroupsV1AutoMaxProcsEnabled ¶
func (*Provider) ConsentRequestMaxAge ¶
func (*Provider) ConsentURL ¶
func (*Provider) CookieSameSiteLegacyWorkaround ¶
func (*Provider) CookieSameSiteMode ¶
func (*Provider) DataSourcePlugin ¶
func (*Provider) DefaultClientScope ¶
func (*Provider) EncryptSessionData ¶
func (*Provider) EnforcePKCEForPublicClients ¶
func (*Provider) GetCookieSecrets ¶
func (*Provider) GetRotatedSystemSecrets ¶
func (*Provider) GetSystemSecret ¶
func (*Provider) GrantAllClientCredentialsScopesPerDefault ¶
func (*Provider) IDTokenLifespan ¶
func (*Provider) InsecureRedirects ¶
func (*Provider) IsUsingJWTAsAccessTokens ¶
func (*Provider) LogoutRedirectURL ¶
func (*Provider) OAuth2AuthURL ¶
func (*Provider) OAuth2ClientRegistrationURL ¶
func (*Provider) OAuth2LegacyErrors ¶
func (*Provider) OAuth2TokenURL ¶
func (*Provider) OIDCDiscoverySupportedClaims ¶
func (*Provider) OIDCDiscoverySupportedScope ¶
func (*Provider) OIDCDiscoveryUserinfoEndpoint ¶
func (*Provider) PKCEEnforced ¶
func (*Provider) PublicDisableHealthAccessLog ¶
func (*Provider) PublicListenOn ¶
func (*Provider) PublicSocketPermission ¶
func (p *Provider) PublicSocketPermission() *UnixPermission
func (*Provider) RefreshTokenLifespan ¶
func (*Provider) ScopeStrategy ¶
func (*Provider) ServesHTTPS ¶
func (*Provider) ShareOAuth2Debug ¶
func (*Provider) SubjectIdentifierAlgorithmSalt ¶
func (*Provider) SubjectTypesSupported ¶
func (*Provider) WellKnownKeys ¶
type UnixPermission ¶
func (*UnixPermission) SetPermission ¶
func (p *UnixPermission) SetPermission(file string) error
Source Files
Click to show internal directories.
Click to hide internal directories.