Documentation
¶
Index ¶
- type AzureProvider
- type FacebookProvider
- type GitHubProvider
- type GitLabProvider
- type GoogleProvider
- func (p *GoogleProvider) Redeem(redirectURL, code string) (s *SessionState, err error)
- func (p *GoogleProvider) RefreshSessionIfNeeded(s *SessionState) (bool, error)
- func (p *GoogleProvider) SetGroupRestriction(groups []string, adminEmail string, credentialsReader io.Reader)
- func (p *GoogleProvider) ValidateGroup(email string) bool
- type LinkedInProvider
- type OIDCProvider
- type Provider
- type ProviderData
- func (p *ProviderData) CookieForSession(s *SessionState, c *cookie.Cipher) (string, error)
- func (p *ProviderData) Data() *ProviderData
- func (p *ProviderData) GetEmailAddress(s *SessionState) (string, error)
- func (p *ProviderData) GetLoginURL(redirectURI, state string) string
- func (p *ProviderData) GetUserName(s *SessionState) (string, error)
- func (p *ProviderData) Redeem(redirectURL, code string) (s *SessionState, err error)
- func (p *ProviderData) RefreshSessionIfNeeded(s *SessionState) (bool, error)
- func (p *ProviderData) SessionFromCookie(v string, c *cookie.Cipher) (s *SessionState, err error)
- func (p *ProviderData) ValidateGroup(email string) bool
- func (p *ProviderData) ValidateSessionState(s *SessionState) bool
- type SessionState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AzureProvider ¶
type AzureProvider struct {
*ProviderData
Tenant string
}
func NewAzureProvider ¶
func NewAzureProvider(p *ProviderData) *AzureProvider
func (*AzureProvider) Configure ¶
func (p *AzureProvider) Configure(tenant string)
func (*AzureProvider) GetEmailAddress ¶
func (p *AzureProvider) GetEmailAddress(s *SessionState) (string, error)
type FacebookProvider ¶
type FacebookProvider struct {
*ProviderData
}
func NewFacebookProvider ¶
func NewFacebookProvider(p *ProviderData) *FacebookProvider
func (*FacebookProvider) GetEmailAddress ¶
func (p *FacebookProvider) GetEmailAddress(s *SessionState) (string, error)
func (*FacebookProvider) ValidateSessionState ¶
func (p *FacebookProvider) ValidateSessionState(s *SessionState) bool
type GitHubProvider ¶
type GitHubProvider struct {
*ProviderData
Org string
Team string
}
func NewGitHubProvider ¶
func NewGitHubProvider(p *ProviderData) *GitHubProvider
func (*GitHubProvider) GetEmailAddress ¶
func (p *GitHubProvider) GetEmailAddress(s *SessionState) (string, error)
func (*GitHubProvider) GetUserName ¶
func (p *GitHubProvider) GetUserName(s *SessionState) (string, error)
func (*GitHubProvider) SetOrgTeam ¶
func (p *GitHubProvider) SetOrgTeam(org, team string)
type GitLabProvider ¶
type GitLabProvider struct {
*ProviderData
}
func NewGitLabProvider ¶
func NewGitLabProvider(p *ProviderData) *GitLabProvider
func (*GitLabProvider) GetEmailAddress ¶
func (p *GitLabProvider) GetEmailAddress(s *SessionState) (string, error)
type GoogleProvider ¶
type GoogleProvider struct {
*ProviderData
RedeemRefreshURL *url.URL
// GroupValidator is a function that determines if the passed email is in
// the configured Google group.
GroupValidator func(string) bool
}
func NewGoogleProvider ¶
func NewGoogleProvider(p *ProviderData) *GoogleProvider
func (*GoogleProvider) Redeem ¶
func (p *GoogleProvider) Redeem(redirectURL, code string) (s *SessionState, err error)
func (*GoogleProvider) RefreshSessionIfNeeded ¶
func (p *GoogleProvider) RefreshSessionIfNeeded(s *SessionState) (bool, error)
func (*GoogleProvider) SetGroupRestriction ¶
func (p *GoogleProvider) SetGroupRestriction(groups []string, adminEmail string, credentialsReader io.Reader)
SetGroupRestriction configures the GoogleProvider to restrict access to the specified group(s). AdminEmail has to be an administrative email on the domain that is checked. CredentialsFile is the path to a json file containing a Google service account credentials.
func (*GoogleProvider) ValidateGroup ¶
func (p *GoogleProvider) ValidateGroup(email string) bool
ValidateGroup validates that the provided email exists in the configured Google group(s).
type LinkedInProvider ¶
type LinkedInProvider struct {
*ProviderData
}
func NewLinkedInProvider ¶
func NewLinkedInProvider(p *ProviderData) *LinkedInProvider
func (*LinkedInProvider) GetEmailAddress ¶
func (p *LinkedInProvider) GetEmailAddress(s *SessionState) (string, error)
func (*LinkedInProvider) ValidateSessionState ¶
func (p *LinkedInProvider) ValidateSessionState(s *SessionState) bool
type OIDCProvider ¶
type OIDCProvider struct {
*ProviderData
Verifier *oidc.IDTokenVerifier
}
func NewOIDCProvider ¶
func NewOIDCProvider(p *ProviderData) *OIDCProvider
func (*OIDCProvider) Redeem ¶
func (p *OIDCProvider) Redeem(redirectURL, code string) (s *SessionState, err error)
func (*OIDCProvider) RefreshSessionIfNeeded ¶
func (p *OIDCProvider) RefreshSessionIfNeeded(s *SessionState) (bool, error)
type Provider ¶
type Provider interface {
Data() *ProviderData
GetEmailAddress(*SessionState) (string, error)
GetUserName(*SessionState) (string, error)
Redeem(string, string) (*SessionState, error)
ValidateGroup(string) bool
ValidateSessionState(*SessionState) bool
GetLoginURL(redirectURI, finalRedirect string) string
RefreshSessionIfNeeded(*SessionState) (bool, error)
SessionFromCookie(string, *cookie.Cipher) (*SessionState, error)
CookieForSession(*SessionState, *cookie.Cipher) (string, error)
}
func New ¶
func New(provider string, p *ProviderData) Provider
type ProviderData ¶
type ProviderData struct {
ProviderName string
ClientID string
ClientSecret string
LoginURL *url.URL
RedeemURL *url.URL
ProfileURL *url.URL
ProtectedResource *url.URL
ValidateURL *url.URL
Scope string
ApprovalPrompt string
}
func (*ProviderData) CookieForSession ¶
func (p *ProviderData) CookieForSession(s *SessionState, c *cookie.Cipher) (string, error)
CookieForSession serializes a session state for storage in a cookie
func (*ProviderData) Data ¶
func (p *ProviderData) Data() *ProviderData
func (*ProviderData) GetEmailAddress ¶
func (p *ProviderData) GetEmailAddress(s *SessionState) (string, error)
func (*ProviderData) GetLoginURL ¶
func (p *ProviderData) GetLoginURL(redirectURI, state string) string
GetLoginURL with typical oauth parameters
func (*ProviderData) GetUserName ¶
func (p *ProviderData) GetUserName(s *SessionState) (string, error)
GetUserName returns the Account username
func (*ProviderData) Redeem ¶
func (p *ProviderData) Redeem(redirectURL, code string) (s *SessionState, err error)
func (*ProviderData) RefreshSessionIfNeeded ¶
func (p *ProviderData) RefreshSessionIfNeeded(s *SessionState) (bool, error)
RefreshSessionIfNeeded
func (*ProviderData) SessionFromCookie ¶
func (p *ProviderData) SessionFromCookie(v string, c *cookie.Cipher) (s *SessionState, err error)
SessionFromCookie deserializes a session from a cookie value
func (*ProviderData) ValidateGroup ¶
func (p *ProviderData) ValidateGroup(email string) bool
ValidateGroup validates that the provided email exists in the configured provider email group(s).
func (*ProviderData) ValidateSessionState ¶
func (p *ProviderData) ValidateSessionState(s *SessionState) bool
type SessionState ¶
type SessionState struct {
AccessToken string
ExpiresOn time.Time
RefreshToken string
Email string
User string
}
func DecodeSessionState ¶
func DecodeSessionState(v string, c *cookie.Cipher) (s *SessionState, err error)
func (*SessionState) EncodeSessionState ¶
func (s *SessionState) EncodeSessionState(c *cookie.Cipher) (string, error)
func (*SessionState) EncryptedString ¶
func (s *SessionState) EncryptedString(c *cookie.Cipher) (string, error)
func (*SessionState) IsExpired ¶
func (s *SessionState) IsExpired() bool
func (*SessionState) String ¶
func (s *SessionState) String() string
Source Files
Click to show internal directories.
Click to hide internal directories.