Documentation
¶
Index ¶
- type Assertion
- type AssertionOptions
- type AssertionOptions1
- type AssertionOptionsResponse
- type Attestation
- type AttestationOptions
- type AttestationOptions1
- type AuthenticateRequest
- type AuthenticateRequestMessage
- type AuthenticateStatus
- type BackchannelAuthorization
- type ClientInfoResponse
- type ClientResponse
- type Content
- type CredentialCreationOptions
- type ErrorResponse
- type FIDO2configuration
- type GetClientTokenParams
- type GluuConfigurationResponse
- type IntrospectionResponse
- type JSONWebKey
- type Permission
- type RegisterParams
- type RegisterRequest
- type RegisterRequestMessage
- type RegisterResponseParam
- type RegisterSiteParams
- type RegisterStatus
- type RptIntrospectionResponse
- type RptIntrospectionResponse1
- type SessionStateObject
- type TokenResponse
- type TokenResponse1
- type TokenResponse2
- type U2FConfiguration
- type UMA2ConfigurationResponse
- type UMAPermissionList
- type UMAResource
- type UMAResourceResponse
- type UMAResourceWithID
- type UMAScopeDescription
- type User
- type WebKeysConfiguration
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Assertion ¶
type Assertion struct {
// fido2 assertion endpoint
BasePath string `json:"base_path,omitempty"`
// fido2 assertion options endpoint
OptionsEnpoint string `json:"options_enpoint,omitempty"`
// fido2 assertion result endpoint
ResultEnpoint string `json:"result_enpoint,omitempty"`
}
Assertion Assertion
list of fido2 assertion endpoints
swagger:model Assertion
func (*Assertion) MarshalBinary ¶
MarshalBinary interface implementation
func (*Assertion) UnmarshalBinary ¶
UnmarshalBinary interface implementation
type AssertionOptions ¶
type AssertionOptions struct {
// content
Content *Content `json:"content,omitempty"`
}
AssertionOptions AssertionOptions
swagger:model AssertionOptions
func (*AssertionOptions) MarshalBinary ¶
func (m *AssertionOptions) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*AssertionOptions) UnmarshalBinary ¶
func (m *AssertionOptions) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type AssertionOptions1 ¶
type AssertionOptions1 struct {
// The base64url encoded clientDataJSON returned by the client
// Required: true
ClientDataJSON []string `json:"clientDataJSON"`
// The base64url encoded id returned by the client
ID string `json:"id,omitempty"`
// The base64url encoded rawId returned by the client. If res.rawId is missing, res.id will be used instead. If both are missing an error will be thrown.
RawID string `json:"rawId,omitempty"`
// type
Type []string `json:"type"`
// The base64url encoded userHandle returned by the client. May be null or an empty string.
UserHandle string `json:"userHandle,omitempty"`
}
AssertionOptions1 AssertionOptions1
swagger:model AssertionOptions1
func (*AssertionOptions1) MarshalBinary ¶
func (m *AssertionOptions1) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*AssertionOptions1) UnmarshalBinary ¶
func (m *AssertionOptions1) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type AssertionOptionsResponse ¶
type AssertionOptionsResponse struct {
// allow credentials
// Required: true
AllowCredentials []string `json:"allowCredentials"`
// Websafe-base64 encoding of the challenge.
// Required: true
Challenge *string `json:"challenge"`
// extensions
// Required: true
Extensions *string `json:"extensions"`
// username
// Required: true
User *string `json:"user"`
// user verification
// Required: true
UserVerification *string `json:"userVerification"`
}
AssertionOptionsResponse AssertionOptionsResponse
swagger:model AssertionOptionsResponse
func (*AssertionOptionsResponse) MarshalBinary ¶
func (m *AssertionOptionsResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*AssertionOptionsResponse) UnmarshalBinary ¶
func (m *AssertionOptionsResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type Attestation ¶
type Attestation struct {
// fido2 attestation endpoint
BasePath string `json:"base_path,omitempty"`
// fido2 attestation options endpoint
OptionsEnpoint string `json:"options_enpoint,omitempty"`
// fido2 attestation result endpoint
ResultEnpoint string `json:"result_enpoint,omitempty"`
}
Attestation Attestation
list of fido2 attestation endpoints
swagger:model Attestation
func (*Attestation) MarshalBinary ¶
func (m *Attestation) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*Attestation) UnmarshalBinary ¶
func (m *Attestation) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type AttestationOptions ¶
type AttestationOptions struct {
// authenticator selection
AuthenticatorSelection []string `json:"authenticatorSelection"`
// credential type
CredentialType string `json:"credentialType,omitempty"`
// display name
DisplayName string `json:"displayName,omitempty"`
// document domain
DocumentDomain string `json:"documentDomain,omitempty"`
// extensions
Extensions string `json:"extensions,omitempty"`
// username
Username string `json:"username,omitempty"`
}
AttestationOptions AttestationOptions
An object containing various options for the option creation ¶
swagger:model AttestationOptions
func (*AttestationOptions) MarshalBinary ¶
func (m *AttestationOptions) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*AttestationOptions) UnmarshalBinary ¶
func (m *AttestationOptions) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type AttestationOptions1 ¶
type AttestationOptions1 struct {
// The base64url encoded clientDataJSON returned by the client
// Required: true
ClientDataJSON []string `json:"clientDataJSON"`
// id
ID string `json:"id,omitempty"`
// type
Type string `json:"type,omitempty"`
}
AttestationOptions1 AttestationOptions1
An object containing various options for the option creation ¶
swagger:model AttestationOptions1
func (*AttestationOptions1) MarshalBinary ¶
func (m *AttestationOptions1) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*AttestationOptions1) UnmarshalBinary ¶
func (m *AttestationOptions1) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type AuthenticateRequest ¶
type AuthenticateRequest struct {
// The application id that the RP would like to assert.
AppID string `json:"appId,omitempty"`
// The websafe-base64-encoded challenge.
Challenge string `json:"challenge,omitempty"`
// websafe-base64 encoding of the key handle obtained from the U2F token during registration
KeyHandle string `json:"keyHandle,omitempty"`
// Version of the protocol that the to-be-registered U2F token must speak.
Version string `json:"version,omitempty"`
}
AuthenticateRequest AuthenticateRequest
list of AuthenticateRequest
swagger:model AuthenticateRequest
func (*AuthenticateRequest) MarshalBinary ¶
func (m *AuthenticateRequest) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*AuthenticateRequest) UnmarshalBinary ¶
func (m *AuthenticateRequest) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type AuthenticateRequestMessage ¶
type AuthenticateRequestMessage struct {
// The application id that the RP would like to assert.
// Required: true
AppID *string `json:"appId"`
// The websafe-base64-encoded challenge.
// Required: true
Challenge *string `json:"challenge"`
// Websafe-base64 encoding of the key handle obtained from the U2F token during registration.
// Required: true
KeyHandle *string `json:"keyHandle"`
// Version of the protocol that the to-be-registered U2F token must speak.
// Required: true
Version *string `json:"version"`
}
AuthenticateRequestMessage AuthenticateRequestMessage
FIDO U2F device authentication request.
swagger:model AuthenticateRequestMessage
func (*AuthenticateRequestMessage) MarshalBinary ¶
func (m *AuthenticateRequestMessage) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*AuthenticateRequestMessage) UnmarshalBinary ¶
func (m *AuthenticateRequestMessage) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type AuthenticateStatus ¶
type AuthenticateStatus struct {
// The websafe-base64-encoded challenge.
// Required: true
Challenge *string `json:"challenge"`
// Version of the protocol that the to-be-registered U2F token must speak.
// Required: true
Status *string `json:"status"`
}
AuthenticateStatus AuthenticateStatus
FIDO U2F device authentication status.
swagger:model AuthenticateStatus
func (*AuthenticateStatus) MarshalBinary ¶
func (m *AuthenticateStatus) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*AuthenticateStatus) UnmarshalBinary ¶
func (m *AuthenticateStatus) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type BackchannelAuthorization ¶
type BackchannelAuthorization struct {
// a u t h r e q ID
// Required: true
AUTHREQID *string `json:"AUTH_REQ_ID"`
// e x p i r e s i n
// Required: true
EXPIRESIN *int32 `json:"EXPIRES_IN"`
// i n t e r v a l
// Required: true
INTERVAL *int32 `json:"INTERVAL"`
}
BackchannelAuthorization BackchannelAuthorization
swagger:model BackchannelAuthorization
func (*BackchannelAuthorization) MarshalBinary ¶
func (m *BackchannelAuthorization) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*BackchannelAuthorization) UnmarshalBinary ¶
func (m *BackchannelAuthorization) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type ClientInfoResponse ¶
type ClientInfoResponse struct {
// custom attributes
CustomAttributes []string `json:"custom_attributes"`
// display name
DisplayName string `json:"displayName,omitempty"`
// XRI i-number
Inum string `json:"inum,omitempty"`
// jansAuth Application type
JansAuthAppType string `json:"jansAuthAppType,omitempty"`
// jansAuth ID Token Signed Response Algorithm
JansAuthIDTokenSignedResponseAlg string `json:"jansAuthIdTokenSignedResponseAlg,omitempty"`
// Array of redirect URIs values used in the Authorization
JansAuthRedirectURI []string `json:"jansAuthRedirectURI"`
// jansAuth Attribute Scope Id
OxID string `json:"oxId,omitempty"`
}
ClientInfoResponse ClientInfoResponse
Client details in response.
swagger:model ClientInfoResponse
func (*ClientInfoResponse) MarshalBinary ¶
func (m *ClientInfoResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*ClientInfoResponse) UnmarshalBinary ¶
func (m *ClientInfoResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type ClientResponse ¶
type ClientResponse struct {
// Specifies whether access token as signed JWT.
AccessTokenAsJwt bool `json:"access_token_as_jwt,omitempty"`
// Specifies the Client-specific access token expiration.
AccessTokenLifetime int32 `json:"access_token_lifetime,omitempty"`
// Specifies signing algorithm that has to be used during JWT signing. If it's not specified, then the default OP signing algorithm will be used .
AccessTokenSigningAlg string `json:"access_token_signing_alg,omitempty"`
// Specifies whether to allow spontaneous scopes for client. The default value is false.
AllowSpontaneousScopes bool `json:"allow_spontaneous_scopes,omitempty"`
// specifies authorized JavaScript origins.
AuthorizedOrigins []string `json:"authorized_origins"`
// The JWS algorithm alg value that the Client will use for signing authentication request, as described in Section 7.1.1. of OAuth 2.0 [RFC6749]. When omitted, the Client will not send signed authentication requests.
BackchannelAuthenticationRequestSigningAlg string `json:"backchannel_authentication_request_signing_alg,omitempty"`
// Client Initiated Backchannel Authentication (CIBA) enables a Client to initiate the authentication of an end-user by means of out-of-band mechanisms. Upon receipt of the notification, the Client makes a request to the token endpoint to obtain the tokens.
BackchannelClientNotificationEndpoint string `json:"backchannel_client_notification_endpoint,omitempty"`
// Boolean value specifying whether the RP requires that a session ID Claim be included in the Logout Token to identify the RP session with the OP when the backchannel_logout_uri is used. If omitted, the default value is false.
BackchannelLogoutSessionRequired bool `json:"backchannel_logout_session_required,omitempty"`
// RP URL that will cause the RP to log itself out when sent a Logout Token by the OP.
BackchannelLogoutURI string `json:"backchannel_logout_uri,omitempty"`
// specifies how backchannel token will be deliveried.
BackchannelTokenDeliveryMode string `json:"backchannel_token_delivery_mode,omitempty"`
// Boolean value specifying whether the Client supports the user_code parameter. If omitted, the default value is false.
BackchannelUserCodeParameter bool `json:"backchannel_user_code_parameter,omitempty"`
// String containing a space-separated list of claims that can be requested individually.
Claims string `json:"claims,omitempty"`
// Array of The Claims Redirect URIs to which the client wishes the authorization server to direct the requesting party's user agent after completing its interaction.
ClaimsRedirectURI []string `json:"claims_redirect_uri"`
// Name of the Client to be presented to the user.
ClientName string `json:"client_name,omitempty"`
// URL of the home page of the Client. The value of this field must point to a valid Web page.
ClientURI string `json:"client_uri,omitempty"`
// e-mail addresses of people responsible for this Client.
Contacts []string `json:"contacts"`
// Array of default requested Authentication Context Class Reference values that the Authorization Server must use for processing requests from the Client.
DefaultAcrValues []string `json:"default_acr_values"`
// Specifies the Default Maximum Authentication Age.
DefaultMaxAge int32 `json:"default_max_age,omitempty"`
// Boolean value specifying whether the RP requires that a session ID query parameter be included to identify the RP session at the OP when the logout_uri is used. If omitted, the default value is false.
FrontchannelLogoutSessionRequired bool `json:"frontchannel_logout_session_required,omitempty"`
// RP URL that will cause the RP to log itself out when rendered in an iframe by the OP.
FrontchannelLogoutURI string `json:"frontchannel_logout_uri,omitempty"`
// A list of the OAuth 2.0 Grant Types that the Client is declaring that it will restrict itself to using.
GrantTypes []string `json:"grant_types"`
// JWE alg algorithm (JWA) required for encrypting the ID Token issued to this Client.
IDTokenEncryptedResponseAlg string `json:"id_token_encrypted_response_alg,omitempty"`
// JWE enc algorithm (JWA) required for encrypting the ID Token issued to this Client.
IDTokenEncryptedResponseEnc string `json:"id_token_encrypted_response_enc,omitempty"`
// JWS alg algorithm (JWA) required for signing the ID Token issued to this Client.
IDTokenSignedResponseAlg string `json:"id_token_signed_response_alg,omitempty"`
// Specifies the JWT Confirmation Method member name (e.g. tbh) that the Relying Party expects when receiving Token Bound ID Tokens. The presence of this parameter indicates that the Relying Party supports Token Binding of ID Tokens. If omitted, the default is that the Relying Party does not support Token Binding of ID Tokens.
IDTokenTokenBindingCnf string `json:"id_token_token_binding_cnf,omitempty"`
// Specifies the URI using the https scheme that the authorization server can call to initiate a login at the client.
InitiateLoginURI string `json:"initiate_login_uri,omitempty"`
// Client's JSON Web Key Set (JWK) document, passed by value. The semantics of the jwks parameter are the same as the jwks_uri parameter, other than that the JWK Set is passed by value, rather than by reference. This parameter is intended only to be used by Clients that, for some reason, are unable to use the jwks_uri parameter, for instance, by native applications that might not have a location to host the contents of the JWK Set. If a Client can use jwks_uri, it must not use jwks. One significant downside of jwks is that it does not enable key rotation. The jwks_uri and jwks parameters must not be used together.
JWKS string `json:"jwks,omitempty"`
// URL for the Client's JSON Web Key Set (JWK) document containing key(s) that are used for signing requests to the OP. The JWK Set may also contain the Client's encryption keys(s) that are used by the OP to encrypt the responses to the Client. When both signing and encryption keys are made available, a use (Key Use) parameter value is required for all keys in the document to indicate each key's intended usage .
JWKSURI string `json:"jwks_uri,omitempty"`
// Boolean value indicating if the client authorization will not be removed afer expiration (expiration date is same as client's expiration that created it). The default value is false.
KeepClientAuthorizationAfterExpiration bool `json:"keep_client_authorization_after_expiration,omitempty"`
// URL that references a logo for the Client application
LogoURI string `json:"logo_uri,omitempty"`
// URL that the Relying Party Client provides to the End-User to read about the how the profile data will be used.
PolicyURI string `json:"policy_uri,omitempty"`
// Provide the URLs supplied by the RP to request that the user be redirected to this location after a logout has been performed.
PostLogoutRedirectUris []string `json:"post_logout_redirect_uris"`
// Redirection URI values used by the Client. One of these registered Redirection URI values must exactly match the redirect_uri parameter value used in each Authorization Request
RedirectUris []string `json:"redirect_uris"`
// JWE alg algorithm (JWA) the RP is declaring that it may use for encrypting Request Objects sent to the OP.
RequestObjectEncryptionAlg string `json:"request_object_encryption_alg,omitempty"`
// JWE enc algorithm (JWA) the RP is declaring that it may use for encrypting Request Objects sent to the OP.
RequestObjectEncryptionEnc string `json:"request_object_encryption_enc,omitempty"`
// JWS alg algorithm (JWA) that must be used for signing Request Objects sent to the OP.
RequestObjectSigningAlg string `json:"request_object_signing_alg,omitempty"`
// Provide a list of request_uri values that are pre-registered by the Client for use at the Authorization Server.
RequestUris []string `json:"request_uris"`
// Boolean value specifying whether the auth_time Claim in the ID Token is required. It is required when the value is true.
RequireAuthTime bool `json:"require_auth_time,omitempty"`
// A list of the OAuth 2.0 response_type values that the Client is declaring that it will restrict itself to using. If omitted, the default is that the Client will use only the code Response Type. Allowed values are code, token, id_token.
ResponseTypes []string `json:"response_types"`
// Specifies whether RPT should be return as signed JWT.
RptAsJwt bool `json:"rpt_as_jwt,omitempty"`
// Boolean value with default value false. If true and access_token_as_jwt=true then run introspection script and transfer claims into JWT.
RunIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims bool `json:"run_introspection_script_before_access_token_as_jwt_creation_and_include_claims,omitempty"`
// Provide list of scope which are used during authentication to authorize access to resource.
Scope []string `json:"scope"`
// This param will be removed in a future version because the correct is 'scope' not 'scopes', see (rfc7591).
Scopes string `json:"scopes,omitempty"`
// URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP.
SectorIdentifierURI string `json:"sector_identifier_uri,omitempty"`
// Specifies a unique identifier string (UUID) assigned by the client developer or software publisher used by registration endpoints to identify the client software to be dynamically registered.
SoftwareID string `json:"software_id,omitempty"`
// specifies a software statement containing client metadata values about the client software as claims. This is a string value containing the entire signed JWT.
SoftwareStatement string `json:"software_statement,omitempty"`
// Specifies a version identifier string for the client software identified by 'software_id'. The value of the 'software_version' should change on any update to the client software identified by the same 'software_id'.
SoftwareVersion string `json:"software_version,omitempty"`
// List of spontaneous scopes
SpontaneousScopes []string `json:"spontaneous_scopes"`
// Subject type requested for the Client ID. Valid types include pairwise and public.
SubjectType string `json:"subject_type,omitempty"`
// An string representation of the expected subject distinguished name of the certificate, which the OAuth client will use in mutual TLS authentication.
TLSClientAuthSubjectDn string `json:"tls_client_auth_subject_dn,omitempty"`
// Requested Client Authentication method for the Token Endpoint.
TokenEndpointAuthMethod string `json:"token_endpoint_auth_method,omitempty"`
// JWS alg algorithm (JWA) that must be used for signing the JWT used to authenticate the Client at the Token Endpoint for the private_key_jwt and client_secret_jwt authentication methods.
TokenEndpointAuthSigningAlg string `json:"token_endpoint_auth_signing_alg,omitempty"`
// URL that the Relying Party Client provides to the End-User to read about the Relying Party's terms of service.
TosURI string `json:"tos_uri,omitempty"`
// JWE alg algorithm (JWA) required for encrypting UserInfo Responses.
UserinfoEncryptedResponseAlg string `json:"userinfo_encrypted_response_alg,omitempty"`
// JWE enc algorithm (JWA) required for encrypting UserInfo Responses.
UserinfoEncryptedResponseEnc string `json:"userinfo_encrypted_response_enc,omitempty"`
// JWS alg algorithm (JWA) required for signing UserInfo Responses.
UserinfoSignedResponseAlg string `json:"userinfo_signed_response_alg,omitempty"`
}
ClientResponse ClientResponse
swagger:model ClientResponse
func (*ClientResponse) MarshalBinary ¶
func (m *ClientResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*ClientResponse) UnmarshalBinary ¶
func (m *ClientResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type Content ¶
type Content struct {
// authenticator selection
AuthenticatorSelection []string `json:"authenticatorSelection"`
// document domain
DocumentDomain string `json:"documentDomain,omitempty"`
// extensions
Extensions string `json:"extensions,omitempty"`
// username
Username string `json:"username,omitempty"`
}
Content Content
An object that contains the extensions to enable, and the options to use for each of them.
swagger:model Content
func (*Content) MarshalBinary ¶
MarshalBinary interface implementation
func (*Content) UnmarshalBinary ¶
UnmarshalBinary interface implementation
type CredentialCreationOptions ¶
type CredentialCreationOptions struct {
// attestation
// Required: true
Attestation *string `json:"attestation"`
// authenticator selection
// Required: true
AuthenticatorSelection []string `json:"authenticatorSelection"`
// The base64url encoded challenge that was sent to the client, as generated by assertionOptions.
// Required: true
Challenge *string `json:"challenge"`
// exclude credentials
// Required: true
ExcludeCredentials []string `json:"excludeCredentials"`
// extensions
// Required: true
Extensions *string `json:"extensions"`
// pub key cred params
// Required: true
PubKeyCredParams []string `json:"pubKeyCredParams"`
// RP credentials
// Required: true
Rp []string `json:"rp"`
// user
// Required: true
User *User `json:"user"`
}
CredentialCreationOptions CredentialCreationOptions
swagger:model CredentialCreationOptions
func (*CredentialCreationOptions) MarshalBinary ¶
func (m *CredentialCreationOptions) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*CredentialCreationOptions) UnmarshalBinary ¶
func (m *CredentialCreationOptions) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type ErrorResponse ¶
type ErrorResponse struct {
// details
Details string `json:"details,omitempty"`
// error
// Required: true
Error *string `json:"error"`
// error description
// Required: true
ErrorDescription *string `json:"error_description"`
}
ErrorResponse ErrorResponse
swagger:model ErrorResponse
func (*ErrorResponse) MarshalBinary ¶
func (m *ErrorResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*ErrorResponse) UnmarshalBinary ¶
func (m *ErrorResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type FIDO2configuration ¶
type FIDO2configuration struct {
// assertion
Assertion []*Assertion `json:"assertion"`
// attestation
// Required: true
Attestation []*Attestation `json:"attestation"`
// A URI indicating the party operating the FIDO U2F server.
// Required: true
Issuer *string `json:"issuer"`
// The version of the FIDO2 U2F core protocol to which this server conforms. The value MUST be the string 1.0.
// Required: true
Version *string `json:"version"`
}
FIDO2configuration FIDO2configuration
FIDO2 configuration.
swagger:model FIDO2configuration
func (*FIDO2configuration) MarshalBinary ¶
func (m *FIDO2configuration) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*FIDO2configuration) UnmarshalBinary ¶
func (m *FIDO2configuration) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type GetClientTokenParams ¶
type GetClientTokenParams struct {
// token response
// Required: true
TokenResponse *TokenResponse1 `json:"tokenResponse"`
// username
// Required: true
Username *string `json:"username"`
}
GetClientTokenParams GetClientTokenParams
swagger:model GetClientTokenParams
func (*GetClientTokenParams) MarshalBinary ¶
func (m *GetClientTokenParams) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*GetClientTokenParams) UnmarshalBinary ¶
func (m *GetClientTokenParams) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type GluuConfigurationResponse ¶
type GluuConfigurationResponse struct {
// auth level mapping
AuthLevelMapping map[string]string `json:"auth_level_mapping,omitempty"`
// id generation endpoint
// Required: true
IDGenerationEndpoint *string `json:"id_generation_endpoint"`
// introspection endpoint
// Required: true
IntrospectionEndpoint *string `json:"introspection_endpoint"`
// scope to claims mapping
ScopeToClaimsMapping map[string]string `json:"scope_to_claims_mapping,omitempty"`
}
GluuConfigurationResponse GluuConfigurationResponse
Client GluuAttribute by Dn(Distinguished Name) based on Authorization Scope.
swagger:model GluuConfigurationResponse
func (*GluuConfigurationResponse) MarshalBinary ¶
func (m *GluuConfigurationResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*GluuConfigurationResponse) UnmarshalBinary ¶
func (m *GluuConfigurationResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type IntrospectionResponse ¶
type IntrospectionResponse struct {
// Authentication Context Class Reference values.
AcrValues string `json:"acr_values,omitempty"`
// Boolean indicator of whether or not the presented token is currently active.
// Required: true
Active *bool `json:"active"`
// Service-specific string identifier or list of string identifiers representing the intended audience for this token, as defined in JWT [RFC7519].
Aud string `json:"aud,omitempty"`
// Client identifier for the OAuth 2.0 client that requested this token.
ClientID string `json:"client_id,omitempty"`
// Integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this permission will expire.
Exp int32 `json:"exp,omitempty"`
// iat
Iat int32 `json:"iat,omitempty"`
// String representing the issuer of this token, as defined in JWT [RFC7519].
Iss string `json:"iss,omitempty"`
// String identifier for the token, as defined in JWT.
Jti string `json:"jti,omitempty"`
// Provide list of scopes to which access was granted for this resource.
Scope []string `json:"scope"`
// Subject of the token, as defined in JWT [RFC7519].
Sub string `json:"sub,omitempty"`
// Type of the token as defined in Section 5.1 of OAuth 2.0 [RFC6749].
TokenType string `json:"token_type,omitempty"`
// Human-readable identifier for the resource owner who authorized this token.
Username string `json:"username,omitempty"`
}
IntrospectionResponse IntrospectionResponse
meta-information about token
swagger:model IntrospectionResponse
func (*IntrospectionResponse) MarshalBinary ¶
func (m *IntrospectionResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*IntrospectionResponse) UnmarshalBinary ¶
func (m *IntrospectionResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type JSONWebKey ¶
type JSONWebKey struct {
// alg
// Required: true
Alg *string `json:"alg"`
// crv
Crv string `json:"crv,omitempty"`
// e
E string `json:"e,omitempty"`
// exp
// Required: true
Exp *int64 `json:"exp"`
// kid
// Required: true
Kid *string `json:"kid"`
// kty
// Required: true
Kty *string `json:"kty"`
// n
N string `json:"n,omitempty"`
// use
// Required: true
Use *string `json:"use"`
// x
X string `json:"x,omitempty"`
// x5c
// Required: true
X5c []string `json:"x5c"`
// y
Y string `json:"y,omitempty"`
}
JSONWebKey JsonWebKey
swagger:model JsonWebKey
func (*JSONWebKey) MarshalBinary ¶
func (m *JSONWebKey) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*JSONWebKey) UnmarshalBinary ¶
func (m *JSONWebKey) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type Permission ¶
type Permission struct {
// Integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this permission will expire. If the token-level exp value pre-dates a permission-level exp value, the token-level value takes precedence.
Exp int32 `json:"exp,omitempty"`
// Integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this permission was originally issued. If the token-level iat value post-dates a permission-level iat value, the token-level value takes precedence.
Iat int32 `json:"iat,omitempty"`
// Integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating the time before which this permission is not valid. If the token-level nbf value post-dates a permission-level nbf value, the token-level value takes precedence.
Nbf int32 `json:"nbf,omitempty"`
// A string that uniquely identifies the protected resource, access to which has been granted to this client on behalf of this requesting party. The identifier MUST correspond to a resource that was previously registered as protected.
// Required: true
ResourceID *string `json:"resource_id"`
// An array referencing zero or more strings representing scopes to which access was granted for this resource. Each string MUST correspond to a scope that was registered by this resource server for the referenced resource.
// Required: true
ResourceScopes []string `json:"resource_scopes"`
}
Permission Permission
List of UmaPermission granted to RPT. A permission is (requested or granted) authorized access to a particular resource with some number of scopes bound to that resource.
swagger:model Permission
func (*Permission) MarshalBinary ¶
func (m *Permission) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*Permission) UnmarshalBinary ¶
func (m *Permission) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type RegisterParams ¶
type RegisterParams struct {
// Specifies whether access token as signed JWT.
AccessTokenAsJwt bool `json:"access_token_as_jwt,omitempty"`
// Specifies the Client-specific access token expiration.
AccessTokenLifetime int32 `json:"access_token_lifetime,omitempty"`
// Specifies signing algorithm that has to be used during JWT signing. If it's not specified, then the default OP signing algorithm will be used .
AccessTokenSigningAlg string `json:"access_token_signing_alg,omitempty"`
// Additional audiences.
AdditionalAudience []string `json:"additional_audience"`
// Specifies whether to allow spontaneous scopes for client. The default value is false.
AllowSpontaneousScopes bool `json:"allow_spontaneous_scopes,omitempty"`
// specifies authorized JavaScript origins.
AuthorizedOrigins []string `json:"authorized_origins"`
// The JWS algorithm alg value that the Client will use for signing authentication request, as described in Section 7.1.1. of OAuth 2.0 [RFC6749]. When omitted, the Client will not send signed authentication requests.
BackchannelAuthenticationRequestSigningAlg string `json:"backchannel_authentication_request_signing_alg,omitempty"`
// Client Initiated Backchannel Authentication (CIBA) enables a Client to initiate the authentication of an end-user by means of out-of-band mechanisms. Upon receipt of the notification, the Client makes a request to the token endpoint to obtain the tokens.
BackchannelClientNotificationEndpoint string `json:"backchannel_client_notification_endpoint,omitempty"`
// Boolean value specifying whether the RP requires that a session ID Claim be included in the Logout Token to identify the RP session with the OP when the backchannel_logout_uri is used. If omitted, the default value is false.
BackchannelLogoutSessionRequired bool `json:"backchannel_logout_session_required,omitempty"`
// RP URL that will cause the RP to log itself out when sent a Logout Token by the OP.
BackchannelLogoutURI string `json:"backchannel_logout_uri,omitempty"`
// specifies how backchannel token will be deliveried.
BackchannelTokenDeliveryMode string `json:"backchannel_token_delivery_mode,omitempty"`
// Boolean value specifying whether the Client supports the user_code parameter. If omitted, the default value is false.
BackchannelUserCodeParameter bool `json:"backchannel_user_code_parameter,omitempty"`
// String containing a space-separated list of claims that can be requested individually.
Claims string `json:"claims,omitempty"`
// Array of The Claims Redirect URIs to which the client wishes the authorization server to direct the requesting party's user agent after completing its interaction.
ClaimsRedirectURI []string `json:"claims_redirect_uri"`
// Name of the Client to be presented to the user.
ClientName string `json:"client_name,omitempty"`
// URL of the home page of the Client. The value of this field must point to a valid Web page.
ClientURI string `json:"client_uri,omitempty"`
// e-mail addresses of people responsible for this Client.
Contacts []string `json:"contacts"`
// Array of default requested Authentication Context Class Reference values that the Authorization Server must use for processing requests from the Client.
DefaultAcrValues []string `json:"default_acr_values"`
// Specifies the Default Maximum Authentication Age.
DefaultMaxAge int32 `json:"default_max_age,omitempty"`
// Boolean value specifying whether the RP requires that a session ID query parameter be included to identify the RP session at the OP when the logout_uri is used. If omitted, the default value is false.
FrontchannelLogoutSessionRequired bool `json:"frontchannel_logout_session_required,omitempty"`
// RP URL that will cause the RP to log itself out when rendered in an iframe by the OP.
FrontchannelLogoutURI string `json:"frontchannel_logout_uri,omitempty"`
// A list of the OAuth 2.0 Grant Types that the Client is declaring that it will restrict itself to using.
GrantTypes []string `json:"grant_types"`
// JWE alg algorithm (JWA) required for encrypting the ID Token issued to this Client.
IDTokenEncryptedResponseAlg string `json:"id_token_encrypted_response_alg,omitempty"`
// JWE enc algorithm (JWA) required for encrypting the ID Token issued to this Client.
IDTokenEncryptedResponseEnc string `json:"id_token_encrypted_response_enc,omitempty"`
// JWS alg algorithm (JWA) required for signing the ID Token issued to this Client.
IDTokenSignedResponseAlg string `json:"id_token_signed_response_alg,omitempty"`
// Specifies the JWT Confirmation Method member name (e.g. tbh) that the Relying Party expects when receiving Token Bound ID Tokens. The presence of this parameter indicates that the Relying Party supports Token Binding of ID Tokens. If omitted, the default is that the Relying Party does not support Token Binding of ID Tokens.
IDTokenTokenBindingCnf string `json:"id_token_token_binding_cnf,omitempty"`
// Specifies the URI using the https scheme that the authorization server can call to initiate a login at the client.
InitiateLoginURI string `json:"initiate_login_uri,omitempty"`
// List of JSON Web Key (JWK) - A JSON object that represents a cryptographic key. The members of the object represent properties of the key, including its value. "{ \"keys\" : [ { \"e\" : \"AQAB\", \"n\" : \"gmlDX_mgMcHX..\" ] }"
JWKS []*JSONWebKey `json:"jwks"`
// URL for the Client's JSON Web Key Set (JWK) document containing key(s) that are used for signing requests to the OP. The JWK Set may also contain the Client's encryption keys(s) that are used by the OP to encrypt the responses to the Client. When both signing and encryption keys are made available, a use (Key Use) parameter value is required for all keys in the document to indicate each key's intended usage .
JWKSURI string `json:"jwks_uri,omitempty"`
// Boolean value indicating if the client authorization will not be removed afer expiration (expiration date is same as client's expiration that created it). The default value is false.
KeepClientAuthorizationAfterExpiration bool `json:"keep_client_authorization_after_expiration,omitempty"`
// URL that references a logo for the Client application
LogoURI string `json:"logo_uri,omitempty"`
// URL that the Relying Party Client provides to the End-User to read about the how the profile data will be used.
PolicyURI string `json:"policy_uri,omitempty"`
// Provide the URLs supplied by the RP to request that the user be redirected to this location after a logout has been performed.
PostLogoutRedirectUris []string `json:"post_logout_redirect_uris"`
// Redirection URI values used by the Client. One of these registered Redirection URI values must exactly match the redirect_uri parameter value used in each Authorization Request
// Required: true
RedirectUris []string `json:"redirect_uris"`
// JWE alg algorithm (JWA) the RP is declaring that it may use for encrypting Request Objects sent to the OP.
RequestObjectEncryptionAlg string `json:"request_object_encryption_alg,omitempty"`
// JWE enc algorithm (JWA) the RP is declaring that it may use for encrypting Request Objects sent to the OP.
RequestObjectEncryptionEnc string `json:"request_object_encryption_enc,omitempty"`
// JWS alg algorithm (JWA) that must be used for signing Request Objects sent to the OP.
RequestObjectSigningAlg string `json:"request_object_signing_alg,omitempty"`
// Provide a list of request_uri values that are pre-registered by the Client for use at the Authorization Server.
RequestUris []string `json:"request_uris"`
// Boolean value specifying whether the auth_time Claim in the ID Token is required. It is required when the value is true.
RequireAuthTime bool `json:"require_auth_time,omitempty"`
// A list of the OAuth 2.0 response_type values that the Client is declaring that it will restrict itself to using. If omitted, the default is that the Client will use only the code Response Type. Allowed values are code, token, id_token.
ResponseTypes []string `json:"response_types"`
// Specifies whether RPT should be return as signed JWT.
RptAsJwt bool `json:"rpt_as_jwt,omitempty"`
// Boolean value with default value false. If true and access_token_as_jwt=true then run introspection script and transfer claims into JWT.
RunIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims bool `json:"run_introspection_script_before_access_token_as_jwt_creation_and_include_claims,omitempty"`
// Provide list of scope which are used during authentication to authorize access to resource.
Scope []string `json:"scope"`
// This param will be removed in a future version because the correct is 'scope' not 'scopes', see (rfc7591).
Scopes string `json:"scopes,omitempty"`
// URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP.
SectorIdentifierURI string `json:"sector_identifier_uri,omitempty"`
// Specifies a unique identifier string (UUID) assigned by the client developer or software publisher used by registration endpoints to identify the client software to be dynamically registered.
SoftwareID string `json:"software_id,omitempty"`
// specifies a software statement containing client metadata values about the client software as claims. This is a string value containing the entire signed JWT.
SoftwareStatement string `json:"software_statement,omitempty"`
// Specifies a version identifier string for the client software identified by 'software_id'. The value of the 'software_version' should change on any update to the client software identified by the same 'software_id'.
SoftwareVersion string `json:"software_version,omitempty"`
// List of spontaneous scopes
SpontaneousScopes []string `json:"spontaneous_scopes"`
// Subject type requested for the Client ID. Valid types include pairwise and public.
SubjectType string `json:"subject_type,omitempty"`
// An string representation of the expected subject distinguished name of the certificate, which the OAuth client will use in mutual TLS authentication.
TLSClientAuthSubjectDn string `json:"tls_client_auth_subject_dn,omitempty"`
// Requested Client Authentication method for the Token Endpoint.
TokenEndpointAuthMethod string `json:"token_endpoint_auth_method,omitempty"`
// JWS alg algorithm (JWA) that must be used for signing the JWT used to authenticate the Client at the Token Endpoint for the private_key_jwt and client_secret_jwt authentication methods.
TokenEndpointAuthSigningAlg string `json:"token_endpoint_auth_signing_alg,omitempty"`
// URL that the Relying Party Client provides to the End-User to read about the Relying Party's terms of service.
TosURI string `json:"tos_uri,omitempty"`
// JWE alg algorithm (JWA) required for encrypting UserInfo Responses.
UserinfoEncryptedResponseAlg string `json:"userinfo_encrypted_response_alg,omitempty"`
// JWE enc algorithm (JWA) required for encrypting UserInfo Responses.
UserinfoEncryptedResponseEnc string `json:"userinfo_encrypted_response_enc,omitempty"`
// JWS alg algorithm (JWA) required for signing UserInfo Responses.
UserinfoSignedResponseAlg string `json:"userinfo_signed_response_alg,omitempty"`
}
RegisterParams RegisterParams
swagger:model RegisterParams
func (*RegisterParams) MarshalBinary ¶
func (m *RegisterParams) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*RegisterParams) UnmarshalBinary ¶
func (m *RegisterParams) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type RegisterRequest ¶
type RegisterRequest struct {
// The application id that the RP would like to assert.
AppID string `json:"appId,omitempty"`
// The websafe-base64-encoded challenge.
Challenge string `json:"challenge,omitempty"`
// Version of the protocol that the to-be-registered U2F token must speak.
Version string `json:"version,omitempty"`
}
RegisterRequest RegisterRequest
list of RegisterRequest
swagger:model RegisterRequest
func (*RegisterRequest) MarshalBinary ¶
func (m *RegisterRequest) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*RegisterRequest) UnmarshalBinary ¶
func (m *RegisterRequest) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type RegisterRequestMessage ¶
type RegisterRequestMessage struct {
// authenticate requests
// Required: true
AuthenticateRequests []*AuthenticateRequest `json:"authenticateRequests"`
// register requests
// Required: true
RegisterRequests []*RegisterRequest `json:"registerRequests"`
}
RegisterRequestMessage RegisterRequestMessage
RegisterRequestMessage ¶
swagger:model RegisterRequestMessage
func (*RegisterRequestMessage) MarshalBinary ¶
func (m *RegisterRequestMessage) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*RegisterRequestMessage) UnmarshalBinary ¶
func (m *RegisterRequestMessage) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type RegisterResponseParam ¶
type RegisterResponseParam struct {
// Unique Client Identifier. It MUST NOT be currently valid for any other registered Client.
// Required: true
ClientID *string `json:"client_id"`
// Time at which the Client Identifier was issued.
ClientIDIssuedAt int32 `json:"client_id_issued_at,omitempty"`
// This value is used by Confidential Clients to authenticate to the Token Endpoint
ClientSecret string `json:"client_secret,omitempty"`
// Time at which the client_secret will expire or 0 if it will not expire.
ClientSecretExpiresAt int32 `json:"client_secret_expires_at,omitempty"`
// Registration Access Token that can be used at the Client Configuration Endpoint to perform subsequent operations upon the Client registration.
RegistrationAccessToken string `json:"registration_access_token,omitempty"`
// Location of the Client Configuration Endpoint where the Registration Access Token can be used to perform subsequent operations upon the resulting Client registration.
RegistrationClientURI string `json:"registration_client_uri,omitempty"`
}
RegisterResponseParam RegisterResponseParam
swagger:model RegisterResponseParam
func (*RegisterResponseParam) MarshalBinary ¶
func (m *RegisterResponseParam) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*RegisterResponseParam) UnmarshalBinary ¶
func (m *RegisterResponseParam) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type RegisterSiteParams ¶
type RegisterSiteParams struct {
// token response
TokenResponse *TokenResponse2 `json:"tokenResponse,omitempty"`
// username
// Required: true
Username *string `json:"username"`
}
RegisterSiteParams RegisterSiteParams
swagger:model RegisterSiteParams
func (*RegisterSiteParams) MarshalBinary ¶
func (m *RegisterSiteParams) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*RegisterSiteParams) UnmarshalBinary ¶
func (m *RegisterSiteParams) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type RegisterStatus ¶
type RegisterStatus struct {
// challenge
Challenge string `json:"challenge,omitempty"`
// status
Status string `json:"status,omitempty"`
}
RegisterStatus RegisterStatus
RegisterRequestMessage ¶
swagger:model RegisterStatus
func (*RegisterStatus) MarshalBinary ¶
func (m *RegisterStatus) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*RegisterStatus) UnmarshalBinary ¶
func (m *RegisterStatus) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type RptIntrospectionResponse ¶
type RptIntrospectionResponse struct {
// Boolean indicator of whether or not the presented token is currently active.
// Required: true
Active *bool `json:"active"`
// Service-specific string identifier or list of string identifiers representing the intended audience for this token.
Aud string `json:"aud,omitempty"`
// Client id used to obtain RPT.
ClientID string `json:"clientId,omitempty"`
// Integer timestamp, in seconds since January 1 1970 UTC, indicating when this token will expire.
Exp int64 `json:"exp,omitempty"`
// Integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this permission was originally issued.
Iat int32 `json:"iat,omitempty"`
// String representing the issuer of this token, as defined in JWT [RFC7519].
Iss string `json:"iss,omitempty"`
// String identifier for the token, as defined in JWT [RFC7519].
Jti string `json:"jti,omitempty"`
// Integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating the time before which this permission is not valid.
Nbf int32 `json:"nbf,omitempty"`
// PCT token claims.
PctClaims map[string]string `json:"pct_claims,omitempty"`
// permissions
// Required: true
Permissions []*Permission `json:"permissions"`
// Resource ID.
// Required: true
ResourceID *string `json:"resource_id"`
// resource scopes
// Required: true
ResourceScopes []string `json:"resource_scopes"`
// Subject of the token. Usually a machine-readable identifier of the resource owner who authorized this token.
Sub string `json:"sub,omitempty"`
}
RptIntrospectionResponse RptIntrospectionResponse
swagger:model RptIntrospectionResponse
func (*RptIntrospectionResponse) MarshalBinary ¶
func (m *RptIntrospectionResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*RptIntrospectionResponse) UnmarshalBinary ¶
func (m *RptIntrospectionResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type RptIntrospectionResponse1 ¶
type RptIntrospectionResponse1 struct {
// Boolean indicator of whether or not the presented token is currently active.
// Required: true
Active *bool `json:"active"`
// Service-specific string identifier or list of string identifiers representing the intended audience for this token.
Aud string `json:"aud,omitempty"`
// Client id used to obtain RPT.
ClientID string `json:"clientId,omitempty"`
// Integer timestamp, in seconds since January 1 1970 UTC, indicating when this token will expire.
Exp int64 `json:"exp,omitempty"`
// Integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this permission was originally issued.
Iat int32 `json:"iat,omitempty"`
// String representing the issuer of this token, as defined in JWT [RFC7519].
Iss string `json:"iss,omitempty"`
// String identifier for the token, as defined in JWT [RFC7519].
Jti string `json:"jti,omitempty"`
// Integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating the time before which this permission is not valid.
Nbf int32 `json:"nbf,omitempty"`
// pct claims
PctClaims map[string]string `json:"pct_claims,omitempty"`
// permissions
// Required: true
Permissions []*Permission `json:"permissions"`
// Resource ID.
// Required: true
ResourceID *string `json:"resource_id"`
// resource scopes
// Required: true
ResourceScopes []string `json:"resource_scopes"`
// Subject of the token. Usually a machine-readable identifier of the resource owner who authorized this token.
Sub string `json:"sub,omitempty"`
}
RptIntrospectionResponse1 RptIntrospectionResponse1
swagger:model RptIntrospectionResponse1
func (*RptIntrospectionResponse1) MarshalBinary ¶
func (m *RptIntrospectionResponse1) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*RptIntrospectionResponse1) UnmarshalBinary ¶
func (m *RptIntrospectionResponse1) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type SessionStateObject ¶
type SessionStateObject struct {
// specifies the time at which session was authenticated.
AuthTime int32 `json:"auth_time,omitempty"`
// custom state
CustomState string `json:"custom_state,omitempty"`
// String that represents the End-User's login state at the OP. It MUST NOT contain the space (\" \") character.
State string `json:"state,omitempty"`
}
SessionStateObject SessionStateObject
swagger:model SessionStateObject
func (*SessionStateObject) MarshalBinary ¶
func (m *SessionStateObject) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*SessionStateObject) UnmarshalBinary ¶
func (m *SessionStateObject) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type TokenResponse ¶
type TokenResponse struct {
// The access token issued by the authorization server.
// Required: true
AccessToken *string `json:"access_token"`
// The lifetime in seconds of the access token. For example, the value \"3600\" denotes that the access token will expire in one hour from the time the response was generated.
ExpiresIn int32 `json:"expires_in,omitempty"`
// id token
IDToken string `json:"id_token,omitempty"`
// The refresh token, which can be used to obtain new access tokens using the same authorization grant
RefreshToken string `json:"refresh_token,omitempty"`
// scope
Scope []string `json:"scope"`
// The access token type provides the client with the information required to successfully utilize the access token to make a protected resource request (along with type-specific attributes).
// Required: true
TokenType *string `json:"token_type"`
}
TokenResponse TokenResponse
AccessTokenResponse.
swagger:model TokenResponse
func (*TokenResponse) MarshalBinary ¶
func (m *TokenResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*TokenResponse) UnmarshalBinary ¶
func (m *TokenResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type TokenResponse1 ¶
type TokenResponse1 struct {
// base64(UTF8(client data))
ClientData string `json:"clientData,omitempty"`
// keyHandle originally passed
KeyHandle string `json:"keyHandle,omitempty"`
// base64(raw response from U2F device)
SignatureData string `json:"signatureData,omitempty"`
}
TokenResponse1 TokenResponse1
swagger:model TokenResponse1
func (*TokenResponse1) MarshalBinary ¶
func (m *TokenResponse1) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*TokenResponse1) UnmarshalBinary ¶
func (m *TokenResponse1) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type TokenResponse2 ¶
type TokenResponse2 struct {
// client data
ClientData string `json:"clientData,omitempty"`
// device data
DeviceData string `json:"deviceData,omitempty"`
// registration data
RegistrationData string `json:"registrationData,omitempty"`
}
TokenResponse2 TokenResponse2
FIDO U2F device registration details ¶
swagger:model TokenResponse2
func (*TokenResponse2) MarshalBinary ¶
func (m *TokenResponse2) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*TokenResponse2) UnmarshalBinary ¶
func (m *TokenResponse2) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type U2FConfiguration ¶
type U2FConfiguration struct {
// authentication endpoint
AuthenticationEndpoint string `json:"authentication_endpoint,omitempty"`
// A URI indicating the party operating the FIDO U2F server.
// Required: true
Issuer *string `json:"issuer"`
// registration endpoint
RegistrationEndpoint string `json:"registration_endpoint,omitempty"`
// The version of the FIDO U2F core protocol to which this server conforms. The value MUST be the string 1.0.
// Required: true
Version *string `json:"version"`
}
U2FConfiguration U2fConfiguration
FIDO U2F Configuration.
swagger:model U2fConfiguration
func (*U2FConfiguration) MarshalBinary ¶
func (m *U2FConfiguration) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*U2FConfiguration) UnmarshalBinary ¶
func (m *U2FConfiguration) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type UMA2ConfigurationResponse ¶
type UMA2ConfigurationResponse struct {
// URL of the authorization server's authorization endpoint. example: https://sample.com/oxauth/restv1/authorize token_endpoint: type: string description: URL of the authorization server's token endpoint [RFC6749]. This is REQUIRED unless only the implicit grant type is used. example: https://sample.com/oxauth/restv1/token jwks_uri: type: string description: URL of the authorization server's JWK Set [JWK] document. The referenced document contains the signing key(s) the client uses to validate signatures from the authorization server. This URL MUST use the "https" scheme. The JWK Set MAY also contain the server's encryption key(s), which are used by clients to encrypt requests to the server. When both signing and encryption keys are made available, a "use" (public key use) parameter value is REQUIRED for all keys in the referenced JWK Set to indicate each key's intended usage. example: https://sample.com/oxauth/restv1/jwks registration_endpoint: type: string description: URL of the authorization server's OAuth 2.0 Dynamic Client Registration endpoint [RFC7591] example: https://sample.com/oxauth/restv1/register response_types_supported: type: array items: type: string description: JSON array containing a list of the OAuth 2.0 "response_type" values that this authorization server supports. The array values used are the same as those used with the "response_types" parameter defined by "OAuth 2.0 Dynamic Client Registration Protocol" [RFC7591]. example: - code - id_token - token grant_types_supported: type: array items: type: string description: JSON array containing a list of the OAuth 2.0 grant type values that this authorization server supports. The array values used are the same as those used with the "grant_types" parameter defined by "OAuth 2.0 Dynamic Client Registration Protocol" [RFC7591]. If omitted, the default value is "["authorization_code", "implicit"]". example: - authorization_code - implicit - client_credentials token_endpoint_auth_methods_supported: type: array items: type: string description: JSON array containing a list of client authentication methods supported by this token endpoint. Client authentication method values are used in the "token_endpoint_auth_method" parameter defined in Section 2 of [RFC7591]. If omitted, the default is "client_secret_basic" -- the HTTP Basic Authentication Scheme specified in Section 2.3.1 of OAuth 2.0 [RFC6749]. example: - client_secret_basic - client_secret_post - client_secret_jwt - private_key_jwt token_endpoint_auth_signing_alg_values_supported: type: array items: type: string description: JSON array containing a list of the JWS signing algorithms ("alg" values) supported by the token endpoint for the signature on the JWT [JWT] used to authenticate the client at the token endpoint for the "private_key_jwt" and "client_secret_jwt" authentication methods. Servers SHOULD support "RS256". The value "none" MUST NOT be used. example: - HS256 - HS384 - HS512 - RS256 - RS384 - RS512 - ES256 - ES384 - ES512 service_documentation: type: string description: URL of a page containing human-readable information that developers might want or need to know when using the authorization server. In particular, if the authorization server does not support Dynamic Client Registration, then information on how to register clients needs to be provided in this documentation. example: http://<op_docs> ui_locales_supported: type: array items: type: string description: Languages and scripts supported for the user interface, represented as a JSON array of BCP47 [RFC5646] language tag values. example: - en - es op_policy_uri: type: string description: URL that the authorization server provides to the person registering the client to read about the authorization server's requirements on how the client can use the data provided by the authorization server. The registration process SHOULD display this URL to the person registering the client if it is given. As described in Section 5, despite the identifier "op_policy_uri", appearing to be OpenID-specific, its usage in this specification is actually referring to a general OAuth 2.0 feature that is not specific to OpenID Connect. example: http://ox.sample.com/doku.php?id=oxauth:policy op_tos_uri: type: string description: URL that the authorization server provides to the person registering the client to read about the authorization server's terms of service. The registration process SHOULD display this URL to the person registering the client if it is given. As described in Section 5, despite the identifier "op_tos_uri", appearing to be OpenID-specific, its usage in this specification is actually referring to a general OAuth 2.0 feature that is not specific to OpenID Connect. example: http://ox.sample.com/doku.php?id=oxauth:tos introspection_endpoint: type: string description: URL of the authorization server's OAuth 2.0 introspection endpoint [RFC7662]. example: https://sample.com/oxauth/restv1/rpt/status code_challenge_methods_supported: type: array items: type: string description: JSON array containing a list of PKCE [RFC7636] code challenge methods supported by this authorization server. Code challenge method values are used in the "code_challenge_method" parameter defined in Section 4.3 of [RFC7636]. The valid code challenge method values are those registered in the IANA "PKCE Code Challenge Methods" registry [IANA.OAuth.Parameters] claims_interaction_endpoint: type: string description: Static endpoint URI at which the authorization server declares that it interacts with end-user requesting parties to gather claims. If the authorization server also provides a claims interaction endpoint URI as part of its redirect_user hint in a need_info response to a client on authorization failure (see Section 3.3.6), that value overrides this metadata value. Providing the static endpoint URI is useful for enabling interactive claims gathering prior to any pushed-claims flows taking place, so that, for example, it is possible to gather requesting party authorization interactively for collecting all other claims in a "silent" fashion.
// Required: true
AuthorizationEndpoint *string `json:"authorization_endpoint"`
// The authorization server's issuer identifier, which is\n a URL that uses the \"https\" scheme and has no query or fragment\n components. This is the location where \".well-known\" RFC 5785\n [RFC5785] resources containing information about the authorization\n server are published. Using these well-known resources is\n described in Section 3. The issuer identifier is used to prevent\n authorization server mix-up attacks, as described in \"OAuth 2.0 Mix-Up Mitigation\"
// Required: true
Issuer *string `json:"issuer"`
// The endpoint URI at which the resource server requests permissions on the client's behalf.
PermissionEndpoint string `json:"permission_endpoint,omitempty"`
// The endpoint URI at which the resource server registers resources to put them under authorization manager protection.
ResourceRegistrationEndpoint string `json:"resource_registration_endpoint,omitempty"`
// The Scope endpoint URI.
ScopeEndpoint string `json:"scope_endpoint,omitempty"`
// UMA profiles supported by this authorization server. The value is an array of string values, where each string value is a URI identifying an UMA profile
UMAProfilesSupported []string `json:"uma_profiles_supported"`
}
UMA2ConfigurationResponse Uma2ConfigurationResponse
UmaMetadata ¶
swagger:model Uma2ConfigurationResponse
func (*UMA2ConfigurationResponse) MarshalBinary ¶
func (m *UMA2ConfigurationResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*UMA2ConfigurationResponse) UnmarshalBinary ¶
func (m *UMA2ConfigurationResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type UMAPermissionList ¶
type UMAPermissionList struct {
// Number of seconds since January 1 1970 UTC, indicating when this token will expire.
Exp int64 `json:"exp,omitempty"`
// A key/value map that can contain custom parameters.
Params map[string]string `json:"params,omitempty"`
// The identifier for a resource to which this client is seeking access. The identifier MUST correspond to a resource that was previously registered.
// Required: true
ResourceID *string `json:"resource_id"`
// An array referencing zero or more strings representing scopes to which access was granted for this resource. Each string MUST correspond to a scope that was registered by this resource server for the referenced resource.
// Required: true
ResourceScopes []string `json:"resource_scopes"`
}
UMAPermissionList UmaPermissionList
swagger:model UmaPermissionList
func (*UMAPermissionList) MarshalBinary ¶
func (m *UMAPermissionList) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*UMAPermissionList) UnmarshalBinary ¶
func (m *UMAPermissionList) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type UMAResource ¶
type UMAResource struct {
// A human-readable string describing the resource
Description string `json:"description,omitempty"`
// number of seconds since January 1 1970 UTC, indicating when this token will expire.
Exp int64 `json:"exp,omitempty"`
// number of seconds since January 1 1970 UTC, indicating when the token was issued at
Iat int64 `json:"iat,omitempty"`
// A URI for a graphic icon representing the resource set. The referenced icon MAY be used by the authorization server in its resource owner user interface for the resource owner.
IconURI string `json:"icon_uri,omitempty"`
// A human-readable string describing a set of one or more resources. This name MAY be used by the authorization server in its resource owner user interface for the resource owner.
Name string `json:"name,omitempty"`
// An array of strings, any of which MAY be a URI, indicating the available scopes for this resource set. URIs MUST resolve to scope descriptions as defined in Section 2.1. Published scope descriptions MAY reside anywhere on the web; a resource server is not required to self-host scope descriptions and may wish to point to standardized scope descriptions residing elsewhere. It is the resource server's responsibility to ensure that scope description documents are accessible to authorization servers through GET calls to support any user interface requirements. The resource server and authorization server are presumed to have separately negotiated any required interpretation of scope handling not conveyed through scope descriptions.
// Required: true
ResourceScopes []string `json:"resource_scopes"`
// scope expression
ScopeExpression string `json:"scope_expression,omitempty"`
// A string uniquely identifying the semantics of the resource set. For example, if the resource set consists of a single resource that is an identity claim that leverages standardized claim semantics for \"verified email address\", the value of this property could be an identifying URI for this claim.
Type string `json:"type,omitempty"`
}
UMAResource UmaResource
Resource description ¶
swagger:model UmaResource
func (*UMAResource) MarshalBinary ¶
func (m *UMAResource) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*UMAResource) UnmarshalBinary ¶
func (m *UMAResource) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type UMAResourceResponse ¶
type UMAResourceResponse struct {
// UMA Resource identifier
// Required: true
ID *string `json:"_id"`
// user access policy uri
UserAccessPolicyURI string `json:"user_access_policy_uri,omitempty"`
}
UMAResourceResponse UmaResourceResponse
UmaResourceResponse Resource created.
swagger:model UmaResourceResponse
func (*UMAResourceResponse) MarshalBinary ¶
func (m *UMAResourceResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*UMAResourceResponse) UnmarshalBinary ¶
func (m *UMAResourceResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type UMAResourceWithID ¶
type UMAResourceWithID struct {
// UMA Resource identifier
// Required: true
ID *string `json:"_id"`
// A human-readable string describing the resource
Description string `json:"description,omitempty"`
// number of seconds since January 1 1970 UTC, indicating when this token will expire.
// Required: true
Exp *int64 `json:"exp"`
// number of seconds since January 1 1970 UTC, indicating when the token was issued at
// Required: true
Iat *int64 `json:"iat"`
// A URI for a graphic icon representing the resource set. The referenced icon MAY be used by the authorization server in its resource owner user interface for the resource owner.
IconURI string `json:"icon_uri,omitempty"`
// A human-readable string describing a set of one or more resources. This name MAY be used by the authorization server in its resource owner user interface for the resource owner.
Name string `json:"name,omitempty"`
// scope expression
ScopeExpression string `json:"scope_expression,omitempty"`
// An array of strings, any of which MAY be a URI, indicating the available scopes for this resource set. URIs MUST resolve to scope descriptions as defined in Section 2.1. Published scope descriptions MAY reside anywhere on the web; a resource server is not required to self-host scope descriptions and may wish to point to standardized scope descriptions residing elsewhere. It is the resource server's responsibility to ensure that scope description documents are accessible to authorization servers through GET calls to support any user interface requirements. The resource server and authorization server are presumed to have separately negotiated any required interpretation of scope handling not conveyed through scope descriptions.
Scopes []string `json:"scopes"`
// A string uniquely identifying the semantics of the resource set. For example, if the resource set consists of a single resource that is an identity claim that leverages standardized claim semantics for \"verified email address\", the value of this property could be an identifying URI for this claim.
Type string `json:"type,omitempty"`
// A human-readable string describing the resource
URI string `json:"uri,omitempty"`
}
UMAResourceWithID UmaResourceWithId
Uma Resource details ¶
swagger:model UmaResourceWithId
func (*UMAResourceWithID) MarshalBinary ¶
func (m *UMAResourceWithID) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*UMAResourceWithID) UnmarshalBinary ¶
func (m *UMAResourceWithID) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type UMAScopeDescription ¶
type UMAScopeDescription struct {
// A human-readable string describing the resource at length. The authorization server MAY use this description in any user interface it presents to a resource owner, for example, for resource protection monitoring or policy setting.
Description string `json:"description,omitempty"`
// A URI for a graphic icon representing the scope. The referenced icon MAY be used by the authorization server in any user interface it presents to the resource owner.
IconURI string `json:"iconUri,omitempty"`
// A human-readable string describing some scope (extent) of access. This name MAY be used by the authorization server in any user interface it presents to the resource owner.
// Required: true
Name *string `json:"name"`
}
UMAScopeDescription UmaScopeDescription
swagger:model UmaScopeDescription
func (*UMAScopeDescription) MarshalBinary ¶
func (m *UMAScopeDescription) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*UMAScopeDescription) UnmarshalBinary ¶
func (m *UMAScopeDescription) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type User ¶
type User struct {
// display name
// Required: true
DisplayName *string `json:"displayName"`
// id
// Required: true
ID *string `json:"id"`
// name
// Required: true
Name *string `json:"name"`
}
User User
User object ¶
swagger:model User
func (*User) MarshalBinary ¶
MarshalBinary interface implementation
func (*User) UnmarshalBinary ¶
UnmarshalBinary interface implementation
type WebKeysConfiguration ¶
type WebKeysConfiguration struct {
// List of JWK - A JSON object that represents a cryptographic key. The members of the object represent properties of the key, including its value.
// Required: true
Keys []*JSONWebKey `json:"keys"`
}
WebKeysConfiguration WebKeysConfiguration
JSON Web Key Set - A JSON object that represents a set of JWKs. The JSON object MUST have a keys member, which is an array of JWKs.
swagger:model WebKeysConfiguration
func (*WebKeysConfiguration) MarshalBinary ¶
func (m *WebKeysConfiguration) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*WebKeysConfiguration) UnmarshalBinary ¶
func (m *WebKeysConfiguration) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
Source Files
¶
- assertion.go
- assertion_options.go
- assertion_options1.go
- assertion_options_response.go
- attestation.go
- attestation_options.go
- attestation_options1.go
- authenticate_request.go
- authenticate_request_message.go
- authenticate_status.go
- backchannel_authorization.go
- client_info_response.go
- client_response.go
- content.go
- credential_creation_options.go
- error_response.go
- fido_2configuration.go
- get_client_token_params.go
- gluu_configuration_response.go
- introspection_response.go
- json_web_key.go
- permission.go
- register_params.go
- register_request.go
- register_request_message.go
- register_response_param.go
- register_site_params.go
- register_status.go
- rpt_introspection_response.go
- rpt_introspection_response1.go
- session_state_object.go
- token_response.go
- token_response1.go
- token_response2.go
- u2f_configuration.go
- uma2_configuration_response.go
- uma_permission_list.go
- uma_resource.go
- uma_resource_response.go
- uma_resource_with_id.go
- uma_scope_description.go
- user.go
- web_keys_configuration.go
Click to show internal directories.
Click to hide internal directories.