Documentation
¶
Index ¶
- Variables
- func VerifyHandlerContext(ctx context.Context, handler VerifyHandler, location *geoip.Location) context.Context
- func VerifyHandlerContextValue(ctx context.Context, handler VerifyHandler) *geoip.Location
- type CookieHandler
- type EmailVerifyHandler
- func (h *EmailVerifyHandler) GenerateChallenge(ctx context.Context, subject string) (string, error)
- func (*EmailVerifyHandler) Method() VerifyMethod
- func (h *EmailVerifyHandler) Taint()
- func (h *EmailVerifyHandler) Tainted() bool
- func (h *EmailVerifyHandler) VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)
- type OAuth2Client
- type OAuth2Provider
- func (p *OAuth2Provider) AddClient(client *OAuth2Client) error
- func (p *OAuth2Provider) AllowedOrigin(origin string) bool
- func (p *OAuth2Provider) AuthRequestByCode(ctx context.Context, code string) (op.AuthRequest, error)
- func (p *OAuth2Provider) AuthRequestByID(ctx context.Context, id string) (op.AuthRequest, error)
- func (p *OAuth2Provider) Authenticate(ctx context.Context, id string, subject string, password string, ...) (string, error)
- func (p *OAuth2Provider) AuthorizeClientIDSecret(ctx context.Context, clientID string, clientSecret string) error
- func (p *OAuth2Provider) ClientCredentials(ctx context.Context, clientID string, clientSecret string) (op.Client, error)
- func (p *OAuth2Provider) ClientCredentialsTokenRequest(ctx context.Context, clientID string, scopes []string) (op.TokenRequest, error)
- func (p *OAuth2Provider) Close() error
- func (p *OAuth2Provider) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, currentRefreshToken string) (string, string, time.Time, error)
- func (p *OAuth2Provider) CreateAccessToken(ctx context.Context, request op.TokenRequest) (string, time.Time, error)
- func (p *OAuth2Provider) CreateAuthRequest(ctx context.Context, oidcAuthRequest *oidc.AuthRequest, userID string) (op.AuthRequest, error)
- func (p *OAuth2Provider) CreateTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) error
- func (p *OAuth2Provider) DeleteAuthRequest(ctx context.Context, id string) error
- func (p *OAuth2Provider) GetClientByClientID(ctx context.Context, clientID string) (op.Client, error)
- func (p *OAuth2Provider) GetDeviceAuthorizatonState(ctx context.Context, clientID, deviceCode string) (*op.DeviceAuthorizationState, error)
- func (p *OAuth2Provider) GetKeyByIDAndClientID(ctx context.Context, keyID, clientID string) (*jose.JSONWebKey, error)
- func (p *OAuth2Provider) GetPrivateClaimsFromScopes(ctx context.Context, userID, clientID string, scopes []string) (map[string]any, error)
- func (p *OAuth2Provider) GetPrivateClaimsFromTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) (claims map[string]any, err error)
- func (p *OAuth2Provider) GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (string, string, error)
- func (p *OAuth2Provider) Health(ctx context.Context) error
- func (p *OAuth2Provider) KeySet(ctx context.Context) ([]op.Key, error)
- func (p *OAuth2Provider) Mount(handler httpserver.Handler) *OAuth2Provider
- func (p *OAuth2Provider) RevokeToken(ctx context.Context, tokenOrTokenID string, userID string, clientID string) *oidc.Error
- func (p *OAuth2Provider) SaveAuthCode(ctx context.Context, id string, code string) error
- func (p *OAuth2Provider) SetIntrospectionFromToken(ctx context.Context, userinfo *oidc.IntrospectionResponse, tokenID string, ...) error
- func (p *OAuth2Provider) SetUserinfoFromRequest(ctx context.Context, userInfo *oidc.UserInfo, token op.IDTokenRequest, ...) error
- func (p *OAuth2Provider) SetUserinfoFromScopes(ctx context.Context, userInfo *oidc.UserInfo, userID string, clientID string, ...) error
- func (p *OAuth2Provider) SetUserinfoFromToken(ctx context.Context, userInfo *oidc.UserInfo, tokenID string, subject string, ...) error
- func (p *OAuth2Provider) SetUserinfoFromTokenExchangeRequest(ctx context.Context, userinfo *oidc.UserInfo, request op.TokenExchangeRequest) error
- func (p *OAuth2Provider) SignatureAlgorithms(ctx context.Context) ([]jose.SignatureAlgorithm, error)
- func (p *OAuth2Provider) SigningKey(ctx context.Context) (op.SigningKey, error)
- func (p *OAuth2Provider) StoreDeviceAuthorization(ctx context.Context, clientID, deviceCode, userCode string, expires time.Time, ...) error
- func (p *OAuth2Provider) TerminateSession(ctx context.Context, userID string, clientID string) error
- func (p *OAuth2Provider) TokenRequestByRefreshToken(ctx context.Context, refreshTokenID string) (op.RefreshTokenRequest, error)
- func (p *OAuth2Provider) ValidateJWTProfileScopes(ctx context.Context, userID string, scopes []string) ([]string, error)
- func (p *OAuth2Provider) ValidateTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) error
- func (p *OAuth2Provider) Verify(ctx context.Context, id string, subject string, verifyHandler VerifyHandler, ...) (string, error)
- type OAuth2ProviderConfig
- type PasskeyVerifyHandler
- func (h *PasskeyVerifyHandler) GenerateChallenge(ctx context.Context, subject string) (string, error)
- func (*PasskeyVerifyHandler) Method() VerifyMethod
- func (h *PasskeyVerifyHandler) Taint()
- func (h *PasskeyVerifyHandler) Tainted() bool
- func (h *PasskeyVerifyHandler) VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)
- type TOTPConfig
- type TOTPProvider
- type TOTPVerifyHandler
- func (h *TOTPVerifyHandler) GenerateChallenge(ctx context.Context, subject string) (string, error)
- func (*TOTPVerifyHandler) Method() VerifyMethod
- func (h *TOTPVerifyHandler) Taint()
- func (h *TOTPVerifyHandler) Tainted() bool
- func (h *TOTPVerifyHandler) VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)
- type VerifyHandler
- type VerifyMethod
- type WebAuthnConfig
- type WebAuthnProvider
Constants ¶
This section is empty.
Variables ¶
var ErrClientIDAlreadyRegistered = errors.New("client ID already registered")
// ErrInvalidClientSecret is the sentinel error for a client secret that was
// not accepted.
// NOTE(review): ErrUnknownClient is a separate sentinel. If both reach the
// requester verbatim, the difference tells it which client IDs are
// registered. Confirm the HTTP layer maps both to one generic invalid_client
// response and keeps the distinction in server-side logs only.
var ErrInvalidClientSecret = errors.New("invalid client secret")
var ErrNoSigningKey = errors.New("no signing key")
var ErrUnknownClient = errors.New("unknown client")
var ErrUserNotVerified = errors.New("user not verified")
Functions ¶
func VerifyHandlerContext ¶
func VerifyHandlerContextValue ¶
func VerifyHandlerContextValue(ctx context.Context, handler VerifyHandler) *geoip.Location
Types ¶
type CookieHandler ¶
type CookieHandler struct {
// contains filtered or unexported fields
}
func NewCookieHandler ¶
func (*CookieHandler) Delete ¶
func (h *CookieHandler) Delete(w http.ResponseWriter)
func (*CookieHandler) Set ¶
func (h *CookieHandler) Set(w http.ResponseWriter, value string, remember bool) error
type EmailVerifyHandler ¶
type EmailVerifyHandler struct {
// contains filtered or unexported fields
}
func NewEmailVerifyHandler ¶
func (*EmailVerifyHandler) GenerateChallenge ¶
func (*EmailVerifyHandler) Method ¶
func (*EmailVerifyHandler) Method() VerifyMethod
func (*EmailVerifyHandler) Taint ¶
func (h *EmailVerifyHandler) Taint()
func (*EmailVerifyHandler) Tainted ¶
func (h *EmailVerifyHandler) Tainted() bool
func (*EmailVerifyHandler) VerifyResponse ¶
type OAuth2Client ¶
type OAuth2Provider ¶
type OAuth2Provider struct {
// contains filtered or unexported fields
}
func (*OAuth2Provider) AddClient ¶
func (p *OAuth2Provider) AddClient(client *OAuth2Client) error
func (*OAuth2Provider) AllowedOrigin ¶
func (p *OAuth2Provider) AllowedOrigin(origin string) bool
func (*OAuth2Provider) AuthRequestByCode ¶
func (p *OAuth2Provider) AuthRequestByCode(ctx context.Context, code string) (op.AuthRequest, error)
func (*OAuth2Provider) AuthRequestByID ¶
func (p *OAuth2Provider) AuthRequestByID(ctx context.Context, id string) (op.AuthRequest, error)
func (*OAuth2Provider) Authenticate ¶
func (p *OAuth2Provider) Authenticate(ctx context.Context, id string, subject string, password string, verifyHandler VerifyHandler, remember bool) (string, error)
func (*OAuth2Provider) AuthorizeClientIDSecret ¶
func (*OAuth2Provider) ClientCredentials ¶
func (*OAuth2Provider) ClientCredentialsTokenRequest ¶
func (p *OAuth2Provider) ClientCredentialsTokenRequest(ctx context.Context, clientID string, scopes []string) (op.TokenRequest, error)
func (*OAuth2Provider) Close ¶
func (p *OAuth2Provider) Close() error
func (*OAuth2Provider) CreateAccessAndRefreshTokens ¶
func (*OAuth2Provider) CreateAccessToken ¶
func (p *OAuth2Provider) CreateAccessToken(ctx context.Context, request op.TokenRequest) (string, time.Time, error)
func (*OAuth2Provider) CreateAuthRequest ¶
func (p *OAuth2Provider) CreateAuthRequest(ctx context.Context, oidcAuthRequest *oidc.AuthRequest, userID string) (op.AuthRequest, error)
func (*OAuth2Provider) CreateTokenExchangeRequest ¶
func (p *OAuth2Provider) CreateTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) error
func (*OAuth2Provider) DeleteAuthRequest ¶
func (p *OAuth2Provider) DeleteAuthRequest(ctx context.Context, id string) error
func (*OAuth2Provider) GetClientByClientID ¶
func (*OAuth2Provider) GetDeviceAuthorizatonState ¶
func (p *OAuth2Provider) GetDeviceAuthorizatonState(ctx context.Context, clientID, deviceCode string) (*op.DeviceAuthorizationState, error)
func (*OAuth2Provider) GetKeyByIDAndClientID ¶
func (p *OAuth2Provider) GetKeyByIDAndClientID(ctx context.Context, keyID, clientID string) (*jose.JSONWebKey, error)
func (*OAuth2Provider) GetPrivateClaimsFromScopes ¶
func (*OAuth2Provider) GetPrivateClaimsFromTokenExchangeRequest ¶
func (p *OAuth2Provider) GetPrivateClaimsFromTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) (claims map[string]any, err error)
func (*OAuth2Provider) GetRefreshTokenInfo ¶
func (*OAuth2Provider) Mount ¶
func (p *OAuth2Provider) Mount(handler httpserver.Handler) *OAuth2Provider
func (*OAuth2Provider) RevokeToken ¶
func (*OAuth2Provider) SaveAuthCode ¶
func (*OAuth2Provider) SetIntrospectionFromToken ¶
func (p *OAuth2Provider) SetIntrospectionFromToken(ctx context.Context, userinfo *oidc.IntrospectionResponse, tokenID string, subject string, clientID string) error
func (*OAuth2Provider) SetUserinfoFromRequest ¶
func (p *OAuth2Provider) SetUserinfoFromRequest(ctx context.Context, userInfo *oidc.UserInfo, token op.IDTokenRequest, scopes []string) error
func (*OAuth2Provider) SetUserinfoFromScopes ¶
func (*OAuth2Provider) SetUserinfoFromToken ¶
func (*OAuth2Provider) SetUserinfoFromTokenExchangeRequest ¶
func (p *OAuth2Provider) SetUserinfoFromTokenExchangeRequest(ctx context.Context, userinfo *oidc.UserInfo, request op.TokenExchangeRequest) error
func (*OAuth2Provider) SignatureAlgorithms ¶
func (p *OAuth2Provider) SignatureAlgorithms(ctx context.Context) ([]jose.SignatureAlgorithm, error)
func (*OAuth2Provider) SigningKey ¶
func (p *OAuth2Provider) SigningKey(ctx context.Context) (op.SigningKey, error)
func (*OAuth2Provider) StoreDeviceAuthorization ¶
func (*OAuth2Provider) TerminateSession ¶
func (*OAuth2Provider) TokenRequestByRefreshToken ¶
func (p *OAuth2Provider) TokenRequestByRefreshToken(ctx context.Context, refreshTokenID string) (op.RefreshTokenRequest, error)
func (*OAuth2Provider) ValidateJWTProfileScopes ¶
func (*OAuth2Provider) ValidateTokenExchangeRequest ¶
func (p *OAuth2Provider) ValidateTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) error
type OAuth2ProviderConfig ¶
// OAuth2ProviderConfig holds the provider settings; its NewProvider method
// returns an *OAuth2Provider.
type OAuth2ProviderConfig struct {
	// NOTE(review): presumably the issuer identifier that ends up in the
	// "iss" claim and the discovery document; relying parties compare it
	// byte-for-byte, so it should be the exact public https URL. Confirm.
	IssuerURL *url.URL
	// NOTE(review): presumably the post-logout target used when the client
	// supplies none. Keep it a fixed, operator-controlled URL. Confirm.
	DefaultLogoutRedirectURL *url.URL
	// Signature algorithm for the signing key. NOTE(review): whether
	// NewProvider rejects unsuitable values is not visible here; prefer an
	// asymmetric algorithm so relying parties only need the public key.
	SigningKeyAlgorithm jose.SignatureAlgorithm
	// 32-byte key. NOTE(review): presumably the symmetric key the provider
	// uses to protect codes and tokens. Confirm. Treat it as a secret: fill
	// it from crypto/rand or a secret store, never from a literal. The zero
	// value of [32]byte is all zero bytes, which is a usable but publicly
	// known key, so an unset field should be rejected at startup.
	CryptoKey [32]byte
}
func (*OAuth2ProviderConfig) NewProvider ¶
func (config *OAuth2ProviderConfig) NewProvider(databaseDriver database.Driver, userStore userstore.Backend, opOpts ...op.Option) (*OAuth2Provider, error)
type PasskeyVerifyHandler ¶
type PasskeyVerifyHandler struct {
// contains filtered or unexported fields
}
func NewPasskeyVerifyHandler ¶
func NewPasskeyVerifyHandler(database database.Driver, requestVerification bool) *PasskeyVerifyHandler
func (*PasskeyVerifyHandler) GenerateChallenge ¶
func (*PasskeyVerifyHandler) Method ¶
func (*PasskeyVerifyHandler) Method() VerifyMethod
func (*PasskeyVerifyHandler) Taint ¶
func (h *PasskeyVerifyHandler) Taint()
func (*PasskeyVerifyHandler) Tainted ¶
func (h *PasskeyVerifyHandler) Tainted() bool
func (*PasskeyVerifyHandler) VerifyResponse ¶
type TOTPConfig ¶
func (*TOTPConfig) NewTOTPProvider ¶
func (c *TOTPConfig) NewTOTPProvider() *TOTPProvider
type TOTPProvider ¶
type TOTPProvider struct {
// contains filtered or unexported fields
}
func (*TOTPProvider) GenerateRegistrationRequest ¶
func (*TOTPProvider) VerifyCode ¶
func (p *TOTPProvider) VerifyCode(secret string, code string) bool
type TOTPVerifyHandler ¶
type TOTPVerifyHandler struct {
// contains filtered or unexported fields
}
func NewTOTPVerifyHandler ¶
func NewTOTPVerifyHandler(totpProvider *TOTPProvider, database database.Driver, requestVerification bool) *TOTPVerifyHandler
func (*TOTPVerifyHandler) GenerateChallenge ¶
func (*TOTPVerifyHandler) Method ¶
func (*TOTPVerifyHandler) Method() VerifyMethod
func (*TOTPVerifyHandler) Taint ¶
func (h *TOTPVerifyHandler) Taint()
func (*TOTPVerifyHandler) Tainted ¶
func (h *TOTPVerifyHandler) Tainted() bool
func (*TOTPVerifyHandler) VerifyResponse ¶
type VerifyHandler ¶
// VerifyHandler is the interface shared by the verification handlers in this
// package (EmailVerifyHandler, TOTPVerifyHandler and PasskeyVerifyHandler all
// list these five methods). Authenticate and Verify on OAuth2Provider take a
// VerifyHandler as a parameter.
type VerifyHandler interface {
	// Method reports the VerifyMethod this handler stands for.
	Method() VerifyMethod
	// Taint and Tainted set and read a taint flag on the handler.
	// NOTE(review): what a tainted handler means for the login flow is not
	// visible on this page. Document it on the interface.
	Taint()
	Tainted() bool
	// GenerateChallenge returns a challenge string for subject.
	// NOTE(review): if the challenge travels through the client, it should be
	// bound to the subject and the auth request, be single-use and expire.
	// Confirm where it is stored.
	GenerateChallenge(ctx context.Context, subject string) (string, error)
	// VerifyResponse checks response against challenge for subject.
	// Callers must treat a non-nil error the same as false: only
	// (true, nil) counts as a successful verification.
	VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)
}
func MockVerifyHandler ¶
// MockVerifyHandler returns a VerifyHandler intended for mocking.
// NOTE(review): this constructor is exported from the non-test package and
// its acceptance behaviour is not visible here. Confirm that production
// wiring and configuration can never select it, or move it behind a test-only
// build constraint.
func MockVerifyHandler() VerifyHandler
func NoneVerifyHandler ¶
// NoneVerifyHandler returns a VerifyHandler for the "no verification" case.
// NOTE(review): presumably its Method is VerifyMethodNone and it adds no
// second factor. Confirm, and make sure a caller cannot reach it by simply
// omitting the method in a request when the account has a factor enrolled.
func NoneVerifyHandler() VerifyHandler
type VerifyMethod ¶
// VerifyMethod identifies a verification method by its string key.
type VerifyMethod string

const (
	// VerifyMethodNone is the empty string, which is also the zero value of
	// VerifyMethod: an unset or unparsed method compares equal to "none".
	// Code that selects a handler from untrusted input should reject unknown
	// values explicitly instead of letting them fall through to this value.
	VerifyMethodNone VerifyMethod = ""
	// The remaining methods reuse the key constants of the database package.
	VerifyMethodEmail    VerifyMethod = VerifyMethod(database.EmailKey)
	VerifyMethodTOTP     VerifyMethod = VerifyMethod(database.TOTPKey)
	VerifyMethodPasskey  VerifyMethod = VerifyMethod(database.PasskeyKey)
	VerifyMethodWebAuthn VerifyMethod = VerifyMethod(database.WebAuthnKey)
)
type WebAuthnConfig ¶
func (*WebAuthnConfig) NewWebAuthnProvider ¶
func (c *WebAuthnConfig) NewWebAuthnProvider() (*WebAuthnProvider, error)
type WebAuthnProvider ¶
type WebAuthnProvider struct {
// contains filtered or unexported fields
}