Version: v1.8.6 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Nov 15, 2019 License: Apache-2.0 Imports: 18 Imported by: 0




This section is empty.


This section is empty.


func AuthCodeURL

func AuthCodeURL(state string) (string, error)

AuthCodeURL returns the URL for OIDC provider's consent page. The state should be verified when user is redirected back to Harbor.

func SetHardcodeVerifierForTest

func SetHardcodeVerifierForTest(s string)

SetHardcodeVerifierForTest overwrite the default secret manager for testing. Be reminded this is for testing only.

func VerifyAndPersistToken

func VerifyAndPersistToken(ctx context.Context, user *models.OIDCUser) error

VerifyAndPersistToken calls the manager to verify token and persist it if it's refreshed.

func VerifySecret

func VerifySecret(ctx context.Context, userID int, secret string) error

VerifySecret calls the manager to verify the secret.

func VerifyToken

func VerifyToken(ctx context.Context, rawIDToken string) (*gooidc.IDToken, error)

VerifyToken verifies the ID token based on the OIDC settings


type SecretManager

type SecretManager interface {
	// VerifySecret verifies the secret and the token associated with it, it refreshes the token in the DB if it's
	// refreshed during the verification
	VerifySecret(ctx context.Context, userID int, secret string) error
	// VerifyToken verifies the token in the model from parm,
	// and refreshes the token in the DB if it's refreshed during the verification.
	VerifyToken(ctx context.Context, user *models.OIDCUser) error

SecretManager is the interface for store and verify the secret

type SecretVerifyError

type SecretVerifyError struct {
	// contains filtered or unexported fields

SecretVerifyError wraps the different errors happened when verifying a secret for OIDC user. When seeing this error, the caller should consider this an authentication error.

func (*SecretVerifyError) Error

func (se *SecretVerifyError) Error() string

type Token

type Token struct {
	IDToken string `json:"id_token"`

Token wraps the attributes of a oauth2 token plus the attribute of ID token

func ExchangeToken

func ExchangeToken(ctx context.Context, code string) (*Token, error)

ExchangeToken get the token from token provider via the code

func RefreshToken

func RefreshToken(ctx context.Context, token *Token) (*Token, error)

RefreshToken refreshes the token passed in parameter, and return the new token.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL