Documentation
¶
Index ¶
- Constants
- Variables
- func AuthCheckHandler(w http.ResponseWriter, r *http.Request)
- func Initialize() error
- func IsEnabled() bool
- func IsOIDCEnabled() bool
- func RequireAuth(next http.HandlerFunc) http.HandlerFunc
- func WriteBlockPage(w http.ResponseWriter, status int, error string, logoutURL string)
- type IDTokenClaims
- type OIDCProvider
- func (auth *OIDCProvider) CheckToken(r *http.Request) error
- func (auth *OIDCProvider) HandleAuth(w http.ResponseWriter, r *http.Request)
- func (auth *OIDCProvider) LoginHandler(w http.ResponseWriter, r *http.Request)
- func (auth *OIDCProvider) LogoutHandler(w http.ResponseWriter, r *http.Request)
- func (auth *OIDCProvider) PostAuthCallbackHandler(w http.ResponseWriter, r *http.Request)
- func (auth *OIDCProvider) SetAllowedGroups(groups []string)
- func (auth *OIDCProvider) SetAllowedUsers(users []string)
- func (auth *OIDCProvider) TryRefreshToken(w http.ResponseWriter, r *http.Request, sessionJWT string) error
- type Provider
- type Session
- type UserPassAuth
- func (auth *UserPassAuth) CheckToken(r *http.Request) error
- func (auth *UserPassAuth) LoginHandler(w http.ResponseWriter, r *http.Request)
- func (auth *UserPassAuth) LogoutHandler(w http.ResponseWriter, r *http.Request)
- func (auth *UserPassAuth) NewToken() (token string, err error)
- func (auth *UserPassAuth) PostAuthCallbackHandler(w http.ResponseWriter, r *http.Request)
- func (auth *UserPassAuth) TokenCookieName() string
- type UserPassClaims
Constants ¶
// Cookie names used by this package. Only the names are visible on this page;
// the code that sets and reads the cookies is not shown.
//
// NOTE(review): judging by the names, these cookies carry the OIDC state value
// and bearer/session tokens. Confirm that wherever they are set they are marked
// HttpOnly and Secure, carry an explicit SameSite policy, and are cleared on
// logout.
const (
	// CookieOauthState names the cookie for the OIDC state value
	// (presumably the anti-CSRF "state" of the authorization request; confirm).
	CookieOauthState = "godoxy_oidc_state"
	// CookieOauthToken names the cookie for the OAuth token.
	CookieOauthToken = "godoxy_oauth_token"
	// CookieOauthSessionToken names the cookie for the session token.
	CookieOauthSessionToken = "godoxy_session_token"
)
// URL paths of the OIDC endpoints, as named by the identifiers. The routing
// code that binds them to handlers is not shown on this page.
const (
	// OIDCAuthInitPath is the path that starts the OIDC flow; note that it is
	// the site root.
	OIDCAuthInitPath = "/"
	// OIDCPostAuthPath is the post-authentication callback path.
	// NOTE(review): presumably this must match the redirect URI registered
	// with the identity provider exactly; confirm against the deployment docs.
	OIDCPostAuthPath = "/auth/callback"
	// OIDCLogoutPath is the logout path.
	OIDCLogoutPath = "/auth/logout"
)
Variables ¶
// Sentinel errors for username/password login.
//
// NOTE(review): two distinct errors let a caller tell an unknown username from
// a wrong password. If either message reaches the HTTP response, that
// difference allows username enumeration. Confirm that the login handler
// returns one generic failure to the client and keeps the distinction for
// server-side logs only.
var (
	// ErrInvalidUsername reports an invalid username.
	ErrInvalidUsername = gperr.New("invalid username")
	// ErrInvalidPassword reports an invalid password.
	ErrInvalidPassword = gperr.New("invalid password")
)
// Sentinel errors for token checks and authorization decisions. Which
// function returns which error is not visible on this page.
var (
	// ErrMissingOAuthToken reports that no OAuth token was supplied.
	ErrMissingOAuthToken = gperr.New("missing oauth token")
	// ErrMissingSessionToken reports that no session token was supplied.
	ErrMissingSessionToken = gperr.New("missing session token")
	// ErrInvalidOAuthToken reports an OAuth token that failed validation.
	ErrInvalidOAuthToken = gperr.New("invalid oauth token")
	// ErrInvalidSessionToken reports a session token that failed validation.
	ErrInvalidSessionToken = gperr.New("invalid session token")
	// ErrUserNotAllowed reports an authenticated user who is not permitted.
	// NOTE(review): presumably tied to the lists given to SetAllowedUsers and
	// SetAllowedGroups; confirm in the OIDCProvider implementation.
	ErrUserNotAllowed = gperr.New("user not allowed")
)
// ErrRefreshTokenFailure is the sentinel error for a failed token refresh.
// It is built with the standard library's errors.New, unlike the gperr-based
// sentinels declared elsewhere in this package.
var ErrRefreshTokenFailure = errors.New("failed to refresh token")
Functions ¶
func AuthCheckHandler ¶
func AuthCheckHandler(w http.ResponseWriter, r *http.Request)
func IsOIDCEnabled ¶
func IsOIDCEnabled() bool
func RequireAuth ¶
func RequireAuth(next http.HandlerFunc) http.HandlerFunc
func WriteBlockPage ¶
func WriteBlockPage(w http.ResponseWriter, status int, error string, logoutURL string)
Types ¶
type IDTokenClaims ¶
type OIDCProvider ¶
// OIDCProvider is the OIDC authentication provider of this package. Its fields
// are unexported; per the NewOIDCProvider signature on this page it is built
// from an issuer URL, a client ID, a client secret, and lists of allowed users
// and allowed groups.
//
// NOTE(review): how an empty allowed-users or allowed-groups list is treated
// (allow everyone vs. deny everyone) is not visible here. Confirm it before
// relying on SetAllowedUsers / SetAllowedGroups for access control.
type OIDCProvider struct {
// contains filtered or unexported fields
}
func NewOIDCProvider ¶
func NewOIDCProvider(issuerURL, clientID, clientSecret string, allowedUsers, allowedGroups []string) (*OIDCProvider, error)
func NewOIDCProviderFromEnv ¶
func NewOIDCProviderFromEnv() (*OIDCProvider, error)
NewOIDCProviderFromEnv creates a new OIDCProvider from environment variables.
func (*OIDCProvider) CheckToken ¶
func (auth *OIDCProvider) CheckToken(r *http.Request) error
func (*OIDCProvider) HandleAuth ¶
func (auth *OIDCProvider) HandleAuth(w http.ResponseWriter, r *http.Request)
func (*OIDCProvider) LoginHandler ¶
func (auth *OIDCProvider) LoginHandler(w http.ResponseWriter, r *http.Request)
func (*OIDCProvider) LogoutHandler ¶
func (auth *OIDCProvider) LogoutHandler(w http.ResponseWriter, r *http.Request)
func (*OIDCProvider) PostAuthCallbackHandler ¶
func (auth *OIDCProvider) PostAuthCallbackHandler(w http.ResponseWriter, r *http.Request)
func (*OIDCProvider) SetAllowedGroups ¶
func (auth *OIDCProvider) SetAllowedGroups(groups []string)
func (*OIDCProvider) SetAllowedUsers ¶
func (auth *OIDCProvider) SetAllowedUsers(users []string)
func (*OIDCProvider) TryRefreshToken ¶
func (auth *OIDCProvider) TryRefreshToken(w http.ResponseWriter, r *http.Request, sessionJWT string) error
type Provider ¶
// Provider is the set of request handlers and the token check that an
// authentication back end exposes. On this page both *OIDCProvider and
// *UserPassAuth list all four methods.
type Provider interface {
	// CheckToken inspects the request and returns an error
	// (presumably when it carries no valid credentials; confirm in the
	// implementations).
	CheckToken(r *http.Request) error
	// LoginHandler serves the login step.
	LoginHandler(w http.ResponseWriter, r *http.Request)
	// PostAuthCallbackHandler serves the post-authentication callback.
	PostAuthCallbackHandler(w http.ResponseWriter, r *http.Request)
	// LogoutHandler serves the logout step.
	LogoutHandler(w http.ResponseWriter, r *http.Request)
}
func GetDefaultAuth ¶
func GetDefaultAuth() Provider
type UserPassAuth ¶
// UserPassAuth is the username/password authentication provider of this
// package. Its fields are unexported. Per the method list on this page it
// issues a token (NewToken), names the cookie that carries it
// (TokenCookieName), and serves the login, callback and logout handlers.
//
// NOTE(review): how the password is stored and compared is not visible here.
// Confirm that it is kept as a salted hash and compared in constant time.
type UserPassAuth struct {
// contains filtered or unexported fields
}
func NewUserPassAuth ¶
func NewUserPassAuthFromEnv ¶
func NewUserPassAuthFromEnv() (*UserPassAuth, error)
func (*UserPassAuth) CheckToken ¶
func (auth *UserPassAuth) CheckToken(r *http.Request) error
func (*UserPassAuth) LoginHandler ¶
func (auth *UserPassAuth) LoginHandler(w http.ResponseWriter, r *http.Request)
func (*UserPassAuth) LogoutHandler ¶
func (auth *UserPassAuth) LogoutHandler(w http.ResponseWriter, r *http.Request)
func (*UserPassAuth) NewToken ¶
func (auth *UserPassAuth) NewToken() (token string, err error)
func (*UserPassAuth) PostAuthCallbackHandler ¶
func (auth *UserPassAuth) PostAuthCallbackHandler(w http.ResponseWriter, r *http.Request)
func (*UserPassAuth) TokenCookieName ¶
func (auth *UserPassAuth) TokenCookieName() string
type UserPassClaims ¶
// UserPassClaims is the claim set for username/password tokens: the username
// plus the embedded jwt.RegisteredClaims.
//
// NOTE(review): the token verification code is not shown on this page. Confirm
// that it pins the expected signing algorithm and enforces the expiry carried
// in the registered claims.
type UserPassClaims struct {
	// Username is encoded under the JSON key "username".
	Username string `json:"username"`
	// RegisteredClaims is embedded, so its fields are promoted onto
	// UserPassClaims.
	jwt.RegisteredClaims
}