server

package
v0.0.0-...-f1188b4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 7, 2025 License: Apache-2.0 Imports: 36 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// ErrClientIDAlreadyRegistered is the sentinel error with the message
// "client ID already registered". Presumably returned by AddClient when the
// ID is already taken — confirm against the implementation.
var ErrClientIDAlreadyRegistered = errors.New("client ID already registered")
// ErrInvalidClientSecret is the sentinel error with the message
// "invalid client secret".
// NOTE(review): if this error and ErrUnknownClient reach the HTTP response as
// different messages, a caller can tell registered client IDs from
// unregistered ones — confirm both map to the same external error.
var ErrInvalidClientSecret = errors.New("invalid client secret")
// ErrNoSigningKey is the sentinel error with the message "no signing key".
// Presumably returned by SigningKey or KeySet when no key is available —
// confirm; callers should treat it as a hard failure rather than fall back to
// unsigned tokens.
var ErrNoSigningKey = errors.New("no signing key")
// ErrUnknownClient is the sentinel error with the message "unknown client".
// NOTE(review): keep it internal (logs, errors.Is checks); returning it
// verbatim next to ErrInvalidClientSecret would reveal which client IDs
// exist — confirm how it is surfaced.
var ErrUnknownClient = errors.New("unknown client")
// ErrUserNotVerified is the sentinel error with the message
// "user not verified". Presumably returned when a login has not completed the
// verification step handled by a VerifyHandler — confirm.
var ErrUserNotVerified = errors.New("user not verified")

Functions

func VerifyHandlerContext

func VerifyHandlerContext(ctx context.Context, handler VerifyHandler, location *geoip.Location) context.Context

func VerifyHandlerContextValue

func VerifyHandlerContextValue(ctx context.Context, handler VerifyHandler) *geoip.Location

Types

type CookieHandler

type CookieHandler struct {
	// contains filtered or unexported fields
}

func NewCookieHandler

// NewCookieHandler returns a CookieHandler for a cookie with the given name,
// domain, path, Secure setting and SameSite mode.
// NOTE(review): HttpOnly is not a parameter, so this signature does not show
// whether it is set — confirm in Set. secure=false presumably yields a cookie
// without the Secure attribute, which browsers also send over plain HTTP;
// production callers should pass true.
func NewCookieHandler(name string, domain string, path string, secure bool, sameSite http.SameSite) *CookieHandler

func (*CookieHandler) Delete

func (h *CookieHandler) Delete(w http.ResponseWriter)

func (*CookieHandler) Get

func (h *CookieHandler) Get(r *http.Request) (string, bool)

func (*CookieHandler) Set

// Set writes value to the response as this handler's cookie and reports any
// error.
// NOTE(review): remember presumably selects a persistent cookie over a
// session cookie — confirm the lifetime used, and whether value is signed or
// encrypted before it is written.
func (h *CookieHandler) Set(w http.ResponseWriter, value string, remember bool) error

type EmailVerifyHandler

type EmailVerifyHandler struct {
	// contains filtered or unexported fields
}

func NewEmailVerifyHandler

func NewEmailVerifyHandler(mailer *mail.Mailer, database database.Driver, userStore userstore.Backend) *EmailVerifyHandler

func (*EmailVerifyHandler) GenerateChallenge

func (h *EmailVerifyHandler) GenerateChallenge(ctx context.Context, subject string) (string, error)

func (*EmailVerifyHandler) Method

func (*EmailVerifyHandler) Method() VerifyMethod

func (*EmailVerifyHandler) Taint

func (h *EmailVerifyHandler) Taint()

func (*EmailVerifyHandler) Tainted

func (h *EmailVerifyHandler) Tainted() bool

func (*EmailVerifyHandler) VerifyResponse

func (h *EmailVerifyHandler) VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)

type OAuth2Client

// OAuth2Client describes one OAuth2 client: its identifier, its secret and
// two lists of redirect URLs.
type OAuth2Client struct {
	// ID is the client identifier.
	ID                     string
	// Secret is the client secret, held here as a plain string.
	// NOTE(review): this listing does not show whether the provider hashes the
	// secret before storing it or compares it in constant time — confirm.
	Secret                 string
	// RedirectURLs presumably lists the redirect URIs the client may use in
	// authorization requests. NOTE(review): confirm requests are matched
	// against these entries exactly, not by prefix or host only.
	RedirectURLs           []*url.URL
	// PostLogoutRedirectURLs presumably lists the URLs the client may be sent
	// to after logout; the same exact-match question applies — confirm.
	PostLogoutRedirectURLs []*url.URL
}

type OAuth2Provider

type OAuth2Provider struct {
	// contains filtered or unexported fields
}

func (*OAuth2Provider) AddClient

func (p *OAuth2Provider) AddClient(client *OAuth2Client) error

func (*OAuth2Provider) AllowedOrigin

// AllowedOrigin reports whether origin is accepted by the provider.
// NOTE(review): presumably used for CORS decisions — confirm the comparison
// is an exact match on scheme, host and port rather than a prefix or suffix
// test.
func (p *OAuth2Provider) AllowedOrigin(origin string) bool

func (*OAuth2Provider) AuthRequestByCode

func (p *OAuth2Provider) AuthRequestByCode(ctx context.Context, code string) (op.AuthRequest, error)

func (*OAuth2Provider) AuthRequestByID

func (p *OAuth2Provider) AuthRequestByID(ctx context.Context, id string) (op.AuthRequest, error)

func (*OAuth2Provider) Authenticate

// Authenticate takes an id, a subject, a password, a VerifyHandler and a
// remember flag, and returns a string and an error.
// NOTE(review): id is presumably the auth request ID and the returned string
// presumably a redirect target or session value — confirm. The signature
// carries no rate-limit or lockout input; confirm failed attempts are
// throttled elsewhere and that the error does not distinguish an unknown
// subject from a wrong password.
func (p *OAuth2Provider) Authenticate(ctx context.Context, id string, subject string, password string, verifyHandler VerifyHandler, remember bool) (string, error)

func (*OAuth2Provider) AuthorizeClientIDSecret

// AuthorizeClientIDSecret checks a client ID and client secret pair and
// returns an error when the pair is not accepted.
// NOTE(review): presumably returns ErrUnknownClient or ErrInvalidClientSecret
// — confirm. The secret comparison should be constant-time (for example
// crypto/subtle.ConstantTimeCompare over hashes); this listing does not show
// how it is done.
func (p *OAuth2Provider) AuthorizeClientIDSecret(ctx context.Context, clientID string, clientSecret string) error

func (*OAuth2Provider) ClientCredentials

func (p *OAuth2Provider) ClientCredentials(ctx context.Context, clientID string, clientSecret string) (op.Client, error)

func (*OAuth2Provider) ClientCredentialsTokenRequest

func (p *OAuth2Provider) ClientCredentialsTokenRequest(ctx context.Context, clientID string, scopes []string) (op.TokenRequest, error)

func (*OAuth2Provider) Close

func (p *OAuth2Provider) Close() error

func (*OAuth2Provider) CreateAccessAndRefreshTokens

func (p *OAuth2Provider) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, currentRefreshToken string) (string, string, time.Time, error)

func (*OAuth2Provider) CreateAccessToken

func (p *OAuth2Provider) CreateAccessToken(ctx context.Context, request op.TokenRequest) (string, time.Time, error)

func (*OAuth2Provider) CreateAuthRequest

func (p *OAuth2Provider) CreateAuthRequest(ctx context.Context, oidcAuthRequest *oidc.AuthRequest, userID string) (op.AuthRequest, error)

func (*OAuth2Provider) CreateTokenExchangeRequest

func (p *OAuth2Provider) CreateTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) error

func (*OAuth2Provider) DeleteAuthRequest

func (p *OAuth2Provider) DeleteAuthRequest(ctx context.Context, id string) error

func (*OAuth2Provider) GetClientByClientID

func (p *OAuth2Provider) GetClientByClientID(ctx context.Context, clientID string) (op.Client, error)

func (*OAuth2Provider) GetDeviceAuthorizatonState

func (p *OAuth2Provider) GetDeviceAuthorizatonState(ctx context.Context, clientID, deviceCode string) (*op.DeviceAuthorizationState, error)

func (*OAuth2Provider) GetKeyByIDAndClientID

func (p *OAuth2Provider) GetKeyByIDAndClientID(ctx context.Context, keyID, clientID string) (*jose.JSONWebKey, error)

func (*OAuth2Provider) GetPrivateClaimsFromScopes

func (p *OAuth2Provider) GetPrivateClaimsFromScopes(ctx context.Context, userID, clientID string, scopes []string) (map[string]any, error)

func (*OAuth2Provider) GetPrivateClaimsFromTokenExchangeRequest

func (p *OAuth2Provider) GetPrivateClaimsFromTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) (claims map[string]any, err error)

func (*OAuth2Provider) GetRefreshTokenInfo

func (p *OAuth2Provider) GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (string, string, error)

func (*OAuth2Provider) Health

func (p *OAuth2Provider) Health(ctx context.Context) error

func (*OAuth2Provider) KeySet

func (p *OAuth2Provider) KeySet(ctx context.Context) ([]op.Key, error)

func (*OAuth2Provider) Mount

func (p *OAuth2Provider) Mount(handler httpserver.Handler) *OAuth2Provider

func (*OAuth2Provider) RevokeToken

func (p *OAuth2Provider) RevokeToken(ctx context.Context, tokenOrTokenID string, userID string, clientID string) *oidc.Error

func (*OAuth2Provider) SaveAuthCode

func (p *OAuth2Provider) SaveAuthCode(ctx context.Context, id string, code string) error

func (*OAuth2Provider) SetIntrospectionFromToken

func (p *OAuth2Provider) SetIntrospectionFromToken(ctx context.Context, userinfo *oidc.IntrospectionResponse, tokenID string, subject string, clientID string) error

func (*OAuth2Provider) SetUserinfoFromRequest

func (p *OAuth2Provider) SetUserinfoFromRequest(ctx context.Context, userInfo *oidc.UserInfo, token op.IDTokenRequest, scopes []string) error

func (*OAuth2Provider) SetUserinfoFromScopes

func (p *OAuth2Provider) SetUserinfoFromScopes(ctx context.Context, userInfo *oidc.UserInfo, userID string, clientID string, scopes []string) error

func (*OAuth2Provider) SetUserinfoFromToken

func (p *OAuth2Provider) SetUserinfoFromToken(ctx context.Context, userInfo *oidc.UserInfo, tokenID string, subject string, origin string) error

func (*OAuth2Provider) SetUserinfoFromTokenExchangeRequest

func (p *OAuth2Provider) SetUserinfoFromTokenExchangeRequest(ctx context.Context, userinfo *oidc.UserInfo, request op.TokenExchangeRequest) error

func (*OAuth2Provider) SignatureAlgorithms

func (p *OAuth2Provider) SignatureAlgorithms(ctx context.Context) ([]jose.SignatureAlgorithm, error)

func (*OAuth2Provider) SigningKey

func (p *OAuth2Provider) SigningKey(ctx context.Context) (op.SigningKey, error)

func (*OAuth2Provider) StoreDeviceAuthorization

func (p *OAuth2Provider) StoreDeviceAuthorization(ctx context.Context, clientID, deviceCode, userCode string, expires time.Time, scopes []string) error

func (*OAuth2Provider) TerminateSession

func (p *OAuth2Provider) TerminateSession(ctx context.Context, userID string, clientID string) error

func (*OAuth2Provider) TokenRequestByRefreshToken

func (p *OAuth2Provider) TokenRequestByRefreshToken(ctx context.Context, refreshTokenID string) (op.RefreshTokenRequest, error)

func (*OAuth2Provider) ValidateJWTProfileScopes

func (p *OAuth2Provider) ValidateJWTProfileScopes(ctx context.Context, userID string, scopes []string) ([]string, error)

func (*OAuth2Provider) ValidateTokenExchangeRequest

func (p *OAuth2Provider) ValidateTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) error

func (*OAuth2Provider) Verify

func (p *OAuth2Provider) Verify(ctx context.Context, id string, subject string, verifyHandler VerifyHandler, response string) (string, error)

type OAuth2ProviderConfig

// OAuth2ProviderConfig holds the settings from which NewProvider builds an
// OAuth2Provider.
type OAuth2ProviderConfig struct {
	// IssuerURL is the provider's issuer URL.
	// NOTE(review): should be an https URL outside local development; whether
	// NewProvider enforces that is not shown here — confirm.
	IssuerURL                *url.URL
	// DefaultLogoutRedirectURL is presumably the logout target used when a
	// client supplies none — confirm.
	DefaultLogoutRedirectURL *url.URL
	// SigningKeyAlgorithm is the jose signature algorithm for the signing key.
	// NOTE(review): confirm which values NewProvider accepts and that weak or
	// unsigned algorithms are rejected.
	SigningKeyAlgorithm      jose.SignatureAlgorithm
	// CryptoKey is a fixed 32-byte key; presumably handed to the op library to
	// encrypt codes and tokens — confirm. Its zero value is 32 zero bytes, so
	// a config that never sets it carries an all-zero key.
	// NOTE(review): confirm NewProvider rejects the zero key; load the key
	// from a secret store or a CSPRNG and keep it out of source control.
	CryptoKey                [32]byte
}

func (*OAuth2ProviderConfig) NewProvider

func (config *OAuth2ProviderConfig) NewProvider(databaseDriver database.Driver, userStore userstore.Backend, opOpts ...op.Option) (*OAuth2Provider, error)

type PasskeyVerifyHandler

type PasskeyVerifyHandler struct {
	// contains filtered or unexported fields
}

func NewPasskeyVerifyHandler

func NewPasskeyVerifyHandler(database database.Driver, requestVerification bool) *PasskeyVerifyHandler

func (*PasskeyVerifyHandler) GenerateChallenge

func (h *PasskeyVerifyHandler) GenerateChallenge(ctx context.Context, subject string) (string, error)

func (*PasskeyVerifyHandler) Method

func (*PasskeyVerifyHandler) Taint

func (h *PasskeyVerifyHandler) Taint()

func (*PasskeyVerifyHandler) Tainted

func (h *PasskeyVerifyHandler) Tainted() bool

func (*PasskeyVerifyHandler) VerifyResponse

func (h *PasskeyVerifyHandler) VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)

type TOTPConfig

// TOTPConfig holds the settings from which NewTOTPProvider builds a
// TOTPProvider.
type TOTPConfig struct {
	// Issuer is presumably the issuer label shown in authenticator apps —
	// confirm.
	Issuer string
	// Period is presumably the TOTP time step (RFC 6238 recommends 30
	// seconds). NOTE(review): the zero value is 0; how NewTOTPProvider treats
	// an unset Period is not shown — confirm. A longer period widens the
	// window in which an observed code stays valid.
	Period time.Duration
}

func (*TOTPConfig) NewTOTPProvider

func (c *TOTPConfig) NewTOTPProvider() *TOTPProvider

type TOTPProvider

type TOTPProvider struct {
	// contains filtered or unexported fields
}

func (*TOTPProvider) GenerateRegistrationRequest

func (p *TOTPProvider) GenerateRegistrationRequest(subject string, width int, height int) (string, string, string, error)

func (*TOTPProvider) VerifyCode

// VerifyCode reports whether code is accepted for secret.
// NOTE(review): the arguments carry no user or attempt state, so rejecting a
// code that was already used within its period, and limiting guesses,
// presumably has to happen in the caller — confirm. Also confirm how many
// adjacent time steps are accepted.
func (p *TOTPProvider) VerifyCode(secret string, code string) bool

type TOTPVerifyHandler

type TOTPVerifyHandler struct {
	// contains filtered or unexported fields
}

func NewTOTPVerifyHandler

func NewTOTPVerifyHandler(totpProvider *TOTPProvider, database database.Driver, requestVerification bool) *TOTPVerifyHandler

func (*TOTPVerifyHandler) GenerateChallenge

func (h *TOTPVerifyHandler) GenerateChallenge(ctx context.Context, subject string) (string, error)

func (*TOTPVerifyHandler) Method

func (*TOTPVerifyHandler) Method() VerifyMethod

func (*TOTPVerifyHandler) Taint

func (h *TOTPVerifyHandler) Taint()

func (*TOTPVerifyHandler) Tainted

func (h *TOTPVerifyHandler) Tainted() bool

func (*TOTPVerifyHandler) VerifyResponse

func (h *TOTPVerifyHandler) VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)

type VerifyHandler

// VerifyHandler is the contract for one user-verification method: it names
// its method, issues a challenge for a subject and checks a response to that
// challenge.
type VerifyHandler interface {
	// Method returns the VerifyMethod this handler implements.
	Method() VerifyMethod
	// Taint sets a flag on the handler that Tainted reports.
	// NOTE(review): what "tainted" means for the login flow is not shown in
	// this listing — confirm before relying on it.
	Taint()
	// Tainted reports whether the handler has been tainted.
	Tainted() bool
	// GenerateChallenge creates a challenge for subject and returns it as a
	// string.
	GenerateChallenge(ctx context.Context, subject string) (string, error)
	// VerifyResponse checks response against challenge for subject. The
	// challenge is passed back in by the caller, so it is held outside the
	// handler between the two calls.
	// NOTE(review): confirm the challenge is bound to the subject, is
	// single-use and expires. Callers must treat any non-nil error, and
	// (false, nil), as a failed verification.
	VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)
}

func MockVerifyHandler

// MockVerifyHandler returns a VerifyHandler; the name suggests a test double.
// NOTE(review): it is exported from the server package rather than a test
// file, so confirm what it accepts and that no production configuration path
// can select it.
func MockVerifyHandler() VerifyHandler

func NoneVerifyHandler

// NoneVerifyHandler returns a VerifyHandler; presumably the one whose Method
// is VerifyMethodNone, i.e. no additional verification step — confirm.
// NOTE(review): confirm where it is used as a default, so that an account
// with a second factor enrolled cannot end up on this handler.
func NoneVerifyHandler() VerifyHandler

type VerifyMethod

// VerifyMethod names a user-verification method as a string.
type VerifyMethod string
// Known verification methods. Every value except VerifyMethodNone is a
// conversion of a key constant from the database package.
const (
	// VerifyMethodNone is the empty string, which is also the zero value of
	// VerifyMethod: a field or variable that was never set compares equal to
	// it. NOTE(review): code that branches on the method should not treat an
	// unset value as an explicit choice of "no verification" — confirm.
	VerifyMethodNone     VerifyMethod = ""
	// VerifyMethodEmail is the method named by database.EmailKey.
	VerifyMethodEmail    VerifyMethod = VerifyMethod(database.EmailKey)
	// VerifyMethodTOTP is the method named by database.TOTPKey.
	VerifyMethodTOTP     VerifyMethod = VerifyMethod(database.TOTPKey)
	// VerifyMethodPasskey is the method named by database.PasskeyKey.
	VerifyMethodPasskey  VerifyMethod = VerifyMethod(database.PasskeyKey)
	// VerifyMethodWebAuthn is the method named by database.WebAuthnKey; how
	// it differs from VerifyMethodPasskey is not shown in this listing.
	VerifyMethodWebAuthn VerifyMethod = VerifyMethod(database.WebAuthnKey)
)

type WebAuthnConfig

// WebAuthnConfig holds the relying-party settings from which
// NewWebAuthnProvider builds a WebAuthnProvider.
type WebAuthnConfig struct {
	// RPID is the relying party ID; in WebAuthn this is a domain that
	// credentials are scoped to. NOTE(review): presumably must be the
	// deployment's own registrable domain or a suffix of its origin — confirm
	// NewWebAuthnProvider validates it.
	RPID          string
	// RPDisplayName is the relying party name; presumably shown to the user
	// during registration — confirm.
	RPDisplayName string
	// RPOrigins presumably lists the origins from which WebAuthn responses
	// are accepted. NOTE(review): keep this list to exact https origins under
	// your control; confirm how an empty list is treated.
	RPOrigins     []string
}

func (*WebAuthnConfig) NewWebAuthnProvider

func (c *WebAuthnConfig) NewWebAuthnProvider() (*WebAuthnProvider, error)

type WebAuthnProvider

type WebAuthnProvider struct {
	// contains filtered or unexported fields
}

Directories

Path Synopsis
