Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Attestation
type Attestation struct {
	StaticJSONWebKey *jose.JSONWebKey
	// contains filtered or unexported fields
}
Attestation is r
func New
func New(ctx context.Context, o *Options) (*Attestation, error)
New creates a new Attestation.
func (*Attestation) Verify
Verify takes a raw Pomerium JWT and returns a verified identity, if valid.
func (*Attestation) VerifyRequest
func (a *Attestation) VerifyRequest(r *http.Request) (*Identity, error)
VerifyRequest takes an HTTP request and returns a verified identity, if valid.
type Identity
type Identity struct {
	jwt.Claims        // standard JWT claims
	Groups     []string `json:"groups,omitempty"`
	User       string   `json:"user,omitempty"`
	Email      string   `json:"email,omitempty"`
	RawJWT     string   `json:"raw_jwt,omitempty"`
	PublicKey  string   `json:"public_key,omitempty"`
}
Identity is a Pomerium attested identity.
type JSONWebKeyStore
type JSONWebKeyStore interface {
	Get(key interface{}) (value interface{}, ok bool)
	Add(key, value interface{})
}
JSONWebKeyStore is the interface to support storing multiple web keys for more than one authenticate service.
type Options
type Options struct {
	// AttestationHeader is the attestation header to look for the attestation JWT.
	AttestationHeader string
	// AttestationQueryParam is the query param to look for the attestation JWT.
	AttestationQueryParam string
	// MaxBodySize is the max size to read from the JWKS endpoint.
	MaxBodySize int64
	// JWKSEndpoint is the static JWKS endpoint to use to verify the attestation JWTs.
	// This setting is mutually exclusive with Datastore.
	JWKSEndpoint string
	// Datastore is the datastore system which implements JSONWebKeyStore that can be used to ad-hoc
	// grab the JSON Web Token. Useful when supporting multiple endpoints, but effectively
	// means verification is TOFU (trust on first use).
	// This setting is mutually exclusive with JWKSEndpoint.
	Datastore JSONWebKeyStore
	// HTTPClient is a custom http client which you provide.
	HTTPClient *http.Client
	// Logger is a custom logger which you provide.
	Logger *log.Logger
}
Options are the configurations for Pomerium's attestation.
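Because a Datastore makes verification trust on first use, a store that caps how many keys it holds and how long it keeps them limits how long a first-seen key stays trusted. The following is an added example, not code from Pomerium or this package: ExpiringStore and NewExpiringStore are hypothetical names whose Get and Add methods match the JSONWebKeyStore signatures above. What the package uses as the store key is not shown on this page, so the key and value in main are constructed, and a miss is assumed to make the caller obtain the key again.

```go
package main

import (
	"sync"
	"time"
)

type entry struct {
	value   interface{}
	expires time.Time
}

// ExpiringStore (hypothetical name) caps cached keys in number and lifetime; keys must be comparable.
type ExpiringStore struct {
	mu    sync.Mutex
	items map[interface{}]entry
	max   int
	ttl   time.Duration
}

func NewExpiringStore(max int, ttl time.Duration) *ExpiringStore {
	return &ExpiringStore{items: map[interface{}]entry{}, max: max, ttl: ttl}
}

func (s *ExpiringStore) Get(key interface{}) (interface{}, bool) {
	s.mu.Lock()
	defer s.mu.Unlock()
	if e, ok := s.items[key]; ok && time.Now().Before(e.expires) {
		return e.value, true
	}
	return nil, false // unknown or expired: never hand back a stale key
}

func (s *ExpiringStore) Add(key, value interface{}) {
	s.mu.Lock()
	defer s.mu.Unlock()
	for k, e := range s.items { // purge expired entries so they do not hold slots
		if !time.Now().Before(e.expires) {
			delete(s.items, k)
		}
	}
	if _, ok := s.items[key]; ok || len(s.items) < s.max { // refresh, or insert if room
		s.items[key] = entry{value, time.Now().Add(s.ttl)}
	}
}

func main() {
	ks := NewExpiringStore(2, time.Hour)
	ks.Add("https://authenticate.example.com", "constructed-jwk") // constructed values
}
```

A value of type *ExpiringStore can be assigned to the Datastore field, since it has both methods of the interface.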