server

package
v0.0.0-...-f1188b4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 7, 2025 License: Apache-2.0 Imports: 36 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrClientIDAlreadyRegistered = errors.New("client ID already registered")
View Source 
var ErrInvalidClientSecret = errors.New("invalid client secret")
View Source 
var ErrNoSigningKey = errors.New("no signing key")
View Source 
var ErrUnknownClient = errors.New("unknown client")
View Source 
var ErrUserNotVerified = errors.New("user not verified")

Functions

func VerifyHandlerContext 

func VerifyHandlerContext(ctx context.Context, handler VerifyHandler, location *geoip.Location) context.Context

func VerifyHandlerContextValue 

func VerifyHandlerContextValue(ctx context.Context, handler VerifyHandler) *geoip.Location

Types

type CookieHandler 

type CookieHandler struct {
	// contains filtered or unexported fields
}

func NewCookieHandler 

func NewCookieHandler(name string, domain string, path string, secure bool, sameSite http.SameSite) *CookieHandler

func (*CookieHandler) Delete 

func (h *CookieHandler) Delete(w http.ResponseWriter)

func (*CookieHandler) Get 

func (h *CookieHandler) Get(r *http.Request) (string, bool)

func (*CookieHandler) Set 

func (h *CookieHandler) Set(w http.ResponseWriter, value string, remember bool) error

type EmailVerifyHandler 

type EmailVerifyHandler struct {
	// contains filtered or unexported fields
}

func NewEmailVerifyHandler 

func NewEmailVerifyHandler(mailer *mail.Mailer, database database.Driver, userStore userstore.Backend) *EmailVerifyHandler

func (*EmailVerifyHandler) GenerateChallenge 

func (h *EmailVerifyHandler) GenerateChallenge(ctx context.Context, subject string) (string, error)

func (*EmailVerifyHandler) Method 

func (*EmailVerifyHandler) Method() VerifyMethod

func (*EmailVerifyHandler) Taint 

func (h *EmailVerifyHandler) Taint()

func (*EmailVerifyHandler) Tainted 

func (h *EmailVerifyHandler) Tainted() bool

func (*EmailVerifyHandler) VerifyResponse 

func (h *EmailVerifyHandler) VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)

type OAuth2Client 

type OAuth2Client struct {
	ID                     string
	Secret                 string
	RedirectURLs           []*url.URL
	PostLogoutRedirectURLs []*url.URL
}

type OAuth2Provider 

type OAuth2Provider struct {
	// contains filtered or unexported fields
}

func (*OAuth2Provider) AddClient 

func (p *OAuth2Provider) AddClient(client *OAuth2Client) error

func (*OAuth2Provider) AllowedOrigin 

func (p *OAuth2Provider) AllowedOrigin(origin string) bool

func (*OAuth2Provider) AuthRequestByCode 

func (p *OAuth2Provider) AuthRequestByCode(ctx context.Context, code string) (op.AuthRequest, error)

func (*OAuth2Provider) AuthRequestByID 

func (p *OAuth2Provider) AuthRequestByID(ctx context.Context, id string) (op.AuthRequest, error)

func (*OAuth2Provider) Authenticate 

func (p *OAuth2Provider) Authenticate(ctx context.Context, id string, subject string, password string, verifyHandler VerifyHandler, remember bool) (string, error)

func (*OAuth2Provider) AuthorizeClientIDSecret 

func (p *OAuth2Provider) AuthorizeClientIDSecret(ctx context.Context, clientID string, clientSecret string) error

func (*OAuth2Provider) ClientCredentials 

func (p *OAuth2Provider) ClientCredentials(ctx context.Context, clientID string, clientSecret string) (op.Client, error)

func (*OAuth2Provider) ClientCredentialsTokenRequest 

func (p *OAuth2Provider) ClientCredentialsTokenRequest(ctx context.Context, clientID string, scopes []string) (op.TokenRequest, error)

func (*OAuth2Provider) Close 

func (p *OAuth2Provider) Close() error

func (*OAuth2Provider) CreateAccessAndRefreshTokens 

func (p *OAuth2Provider) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, currentRefreshToken string) (string, string, time.Time, error)

func (*OAuth2Provider) CreateAccessToken 

func (p *OAuth2Provider) CreateAccessToken(ctx context.Context, request op.TokenRequest) (string, time.Time, error)

func (*OAuth2Provider) CreateAuthRequest 

func (p *OAuth2Provider) CreateAuthRequest(ctx context.Context, oidcAuthRequest *oidc.AuthRequest, userID string) (op.AuthRequest, error)

func (*OAuth2Provider) CreateTokenExchangeRequest 

func (p *OAuth2Provider) CreateTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) error

func (*OAuth2Provider) DeleteAuthRequest 

func (p *OAuth2Provider) DeleteAuthRequest(ctx context.Context, id string) error

func (*OAuth2Provider) GetClientByClientID 

func (p *OAuth2Provider) GetClientByClientID(ctx context.Context, clientID string) (op.Client, error)

func (*OAuth2Provider) GetDeviceAuthorizatonState 

func (p *OAuth2Provider) GetDeviceAuthorizatonState(ctx context.Context, clientID, deviceCode string) (*op.DeviceAuthorizationState, error)

func (*OAuth2Provider) GetKeyByIDAndClientID 

func (p *OAuth2Provider) GetKeyByIDAndClientID(ctx context.Context, keyID, clientID string) (*jose.JSONWebKey, error)

func (*OAuth2Provider) GetPrivateClaimsFromScopes 

func (p *OAuth2Provider) GetPrivateClaimsFromScopes(ctx context.Context, userID, clientID string, scopes []string) (map[string]any, error)

func (*OAuth2Provider) GetPrivateClaimsFromTokenExchangeRequest 

func (p *OAuth2Provider) GetPrivateClaimsFromTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) (claims map[string]any, err error)

func (*OAuth2Provider) GetRefreshTokenInfo 

func (p *OAuth2Provider) GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (string, string, error)

func (*OAuth2Provider) Health 

func (p *OAuth2Provider) Health(ctx context.Context) error

func (*OAuth2Provider) KeySet 

func (p *OAuth2Provider) KeySet(ctx context.Context) ([]op.Key, error)

func (*OAuth2Provider) Mount 

func (p *OAuth2Provider) Mount(handler httpserver.Handler) *OAuth2Provider

func (*OAuth2Provider) RevokeToken 

func (p *OAuth2Provider) RevokeToken(ctx context.Context, tokenOrTokenID string, userID string, clientID string) *oidc.Error

func (*OAuth2Provider) SaveAuthCode 

func (p *OAuth2Provider) SaveAuthCode(ctx context.Context, id string, code string) error

func (*OAuth2Provider) SetIntrospectionFromToken 

func (p *OAuth2Provider) SetIntrospectionFromToken(ctx context.Context, userinfo *oidc.IntrospectionResponse, tokenID string, subject string, clientID string) error

func (*OAuth2Provider) SetUserinfoFromRequest 

func (p *OAuth2Provider) SetUserinfoFromRequest(ctx context.Context, userInfo *oidc.UserInfo, token op.IDTokenRequest, scopes []string) error

func (*OAuth2Provider) SetUserinfoFromScopes 

func (p *OAuth2Provider) SetUserinfoFromScopes(ctx context.Context, userInfo *oidc.UserInfo, userID string, clientID string, scopes []string) error

func (*OAuth2Provider) SetUserinfoFromToken 

func (p *OAuth2Provider) SetUserinfoFromToken(ctx context.Context, userInfo *oidc.UserInfo, tokenID string, subject string, origin string) error

func (*OAuth2Provider) SetUserinfoFromTokenExchangeRequest 

func (p *OAuth2Provider) SetUserinfoFromTokenExchangeRequest(ctx context.Context, userinfo *oidc.UserInfo, request op.TokenExchangeRequest) error

func (*OAuth2Provider) SignatureAlgorithms 

func (p *OAuth2Provider) SignatureAlgorithms(ctx context.Context) ([]jose.SignatureAlgorithm, error)

func (*OAuth2Provider) SigningKey 

func (p *OAuth2Provider) SigningKey(ctx context.Context) (op.SigningKey, error)

func (*OAuth2Provider) StoreDeviceAuthorization 

func (p *OAuth2Provider) StoreDeviceAuthorization(ctx context.Context, clientID, deviceCode, userCode string, expires time.Time, scopes []string) error

func (*OAuth2Provider) TerminateSession 

func (p *OAuth2Provider) TerminateSession(ctx context.Context, userID string, clientID string) error

func (*OAuth2Provider) TokenRequestByRefreshToken 

func (p *OAuth2Provider) TokenRequestByRefreshToken(ctx context.Context, refreshTokenID string) (op.RefreshTokenRequest, error)

func (*OAuth2Provider) ValidateJWTProfileScopes 

func (p *OAuth2Provider) ValidateJWTProfileScopes(ctx context.Context, userID string, scopes []string) ([]string, error)

func (*OAuth2Provider) ValidateTokenExchangeRequest 

func (p *OAuth2Provider) ValidateTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) error

func (*OAuth2Provider) Verify 

func (p *OAuth2Provider) Verify(ctx context.Context, id string, subject string, verifyHandler VerifyHandler, response string) (string, error)

type OAuth2ProviderConfig 

type OAuth2ProviderConfig struct {
	IssuerURL                *url.URL
	DefaultLogoutRedirectURL *url.URL
	SigningKeyAlgorithm      jose.SignatureAlgorithm
	CryptoKey                [32]byte
}

func (*OAuth2ProviderConfig) NewProvider 

func (config *OAuth2ProviderConfig) NewProvider(databaseDriver database.Driver, userStore userstore.Backend, opOpts ...op.Option) (*OAuth2Provider, error)

type PasskeyVerifyHandler 

type PasskeyVerifyHandler struct {
	// contains filtered or unexported fields
}

func NewPasskeyVerifyHandler 

func NewPasskeyVerifyHandler(database database.Driver, requestVerification bool) *PasskeyVerifyHandler

func (*PasskeyVerifyHandler) GenerateChallenge 

func (h *PasskeyVerifyHandler) GenerateChallenge(ctx context.Context, subject string) (string, error)

func (*PasskeyVerifyHandler) Method 

func (*PasskeyVerifyHandler) Method() VerifyMethod

func (*PasskeyVerifyHandler) Taint 

func (h *PasskeyVerifyHandler) Taint()

func (*PasskeyVerifyHandler) Tainted 

func (h *PasskeyVerifyHandler) Tainted() bool

func (*PasskeyVerifyHandler) VerifyResponse 

func (h *PasskeyVerifyHandler) VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)

type TOTPConfig 

type TOTPConfig struct {
	Issuer string
	Period time.Duration
}

func (*TOTPConfig) NewTOTPProvider 

func (c *TOTPConfig) NewTOTPProvider() *TOTPProvider

type TOTPProvider 

type TOTPProvider struct {
	// contains filtered or unexported fields
}

func (*TOTPProvider) GenerateRegistrationRequest 

func (p *TOTPProvider) GenerateRegistrationRequest(subject string, width int, height int) (string, string, string, error)

func (*TOTPProvider) VerifyCode 

func (p *TOTPProvider) VerifyCode(secret string, code string) bool

type TOTPVerifyHandler 

type TOTPVerifyHandler struct {
	// contains filtered or unexported fields
}

func NewTOTPVerifyHandler 

func NewTOTPVerifyHandler(totpProvider *TOTPProvider, database database.Driver, requestVerification bool) *TOTPVerifyHandler

func (*TOTPVerifyHandler) GenerateChallenge 

func (h *TOTPVerifyHandler) GenerateChallenge(ctx context.Context, subject string) (string, error)

func (*TOTPVerifyHandler) Method 

func (*TOTPVerifyHandler) Method() VerifyMethod

func (*TOTPVerifyHandler) Taint 

func (h *TOTPVerifyHandler) Taint()

func (*TOTPVerifyHandler) Tainted 

func (h *TOTPVerifyHandler) Tainted() bool

func (*TOTPVerifyHandler) VerifyResponse 

func (h *TOTPVerifyHandler) VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)

type VerifyHandler 

type VerifyHandler interface {
	Method() VerifyMethod
	Taint()
	Tainted() bool
	GenerateChallenge(ctx context.Context, subject string) (string, error)
	VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)
}

func MockVerifyHandler 

func MockVerifyHandler() VerifyHandler

func NoneVerifyHandler 

func NoneVerifyHandler() VerifyHandler

type VerifyMethod 

type VerifyMethod string
const (
	VerifyMethodNone     VerifyMethod = ""
	VerifyMethodEmail    VerifyMethod = VerifyMethod(database.EmailKey)
	VerifyMethodTOTP     VerifyMethod = VerifyMethod(database.TOTPKey)
	VerifyMethodPasskey  VerifyMethod = VerifyMethod(database.PasskeyKey)
	VerifyMethodWebAuthn VerifyMethod = VerifyMethod(database.WebAuthnKey)
)

type WebAuthnConfig 

type WebAuthnConfig struct {
	RPID          string
	RPDisplayName string
	RPOrigins     []string
}

func (*WebAuthnConfig) NewWebAuthnProvider 

func (c *WebAuthnConfig) NewWebAuthnProvider() (*WebAuthnProvider, error)

type WebAuthnProvider 

type WebAuthnProvider struct {
	// contains filtered or unexported fields
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.