client

package

v3.22.1 Latest Latest Go to latest Published: Apr 22, 2024 License: Apache-2.0 Imports: 17 Imported by: 8

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/zitadel/oidc

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func CallDeviceAccessTokenEndpoint(ctx context.Context, request *DeviceAccessTokenRequest, ...) (*oidc.AccessTokenResponse, error)
func CallDeviceAuthorizationEndpoint(ctx context.Context, request *oidc.ClientCredentialsRequest, ...) (*oidc.DeviceAuthorizationResponse, error)
func CallEndSessionEndpoint(ctx context.Context, request any, authFn any, caller EndSessionCaller) (*url.URL, error)
func CallRevokeEndpoint(ctx context.Context, request any, authFn any, caller RevokeCaller) error
func CallTokenEndpoint(ctx context.Context, request any, caller TokenEndpointCaller) (newToken *oauth2.Token, err error)
func CallTokenExchangeEndpoint(ctx context.Context, request any, authFn any, caller TokenEndpointCaller) (resp *oidc.TokenExchangeResponse, err error)
func ClientAssertionCodeOptions(assertion string) []oauth2.AuthCodeOption
func ClientAssertionFormAuthorization(assertion string) http.FormAuthorization
func Discover(ctx context.Context, issuer string, httpClient *http.Client, ...) (*oidc.DiscoveryConfiguration, error)
func JWTProfileExchange(ctx context.Context, jwtProfileGrantRequest *oidc.JWTProfileGrantRequest, ...) (*oauth2.Token, error)
func NewSignerFromPrivateKeyByte(key []byte, keyID string) (jose.Signer, error)
func PollDeviceAccessTokenEndpoint(ctx context.Context, interval time.Duration, request *DeviceAccessTokenRequest, ...) (*oidc.AccessTokenResponse, error)
func SignedJWTProfileAssertion(clientID string, audience []string, expiration time.Duration, ...) (string, error)
type DeviceAccessTokenRequest
type DeviceAuthorizationCaller
type EndSessionCaller
type KeyFile
- func ConfigFromKeyFile(path string) (*KeyFile, error)
- func ConfigFromKeyFileData(data []byte) (*KeyFile, error)
type RevokeCaller
type RevokeRequest
type TokenEndpointCaller

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	Encoder = httphelper.Encoder(oidc.NewEncoder())
	Tracer  = otel.Tracer("github.com/zitadel/oidc/pkg/client")
)

View Source

var ErrEndpointNotSet = errors.New("endpoint not set")

Functions ¶

func CallDeviceAccessTokenEndpoint ¶

func CallDeviceAccessTokenEndpoint(ctx context.Context, request *DeviceAccessTokenRequest, caller TokenEndpointCaller) (*oidc.AccessTokenResponse, error)

func CallDeviceAuthorizationEndpoint ¶

func CallDeviceAuthorizationEndpoint(ctx context.Context, request *oidc.ClientCredentialsRequest, caller DeviceAuthorizationCaller, authFn any) (*oidc.DeviceAuthorizationResponse, error)

func CallEndSessionEndpoint ¶

func CallEndSessionEndpoint(ctx context.Context, request any, authFn any, caller EndSessionCaller) (*url.URL, error)

func CallRevokeEndpoint ¶

func CallRevokeEndpoint(ctx context.Context, request any, authFn any, caller RevokeCaller) error

func CallTokenEndpoint ¶

func CallTokenEndpoint(ctx context.Context, request any, caller TokenEndpointCaller) (newToken *oauth2.Token, err error)

func CallTokenExchangeEndpoint ¶

func CallTokenExchangeEndpoint(ctx context.Context, request any, authFn any, caller TokenEndpointCaller) (resp *oidc.TokenExchangeResponse, err error)

func ClientAssertionCodeOptions ¶

func ClientAssertionCodeOptions(assertion string) []oauth2.AuthCodeOption

func ClientAssertionFormAuthorization ¶

func ClientAssertionFormAuthorization(assertion string) http.FormAuthorization

func Discover ¶

func Discover(ctx context.Context, issuer string, httpClient *http.Client, wellKnownUrl ...string) (*oidc.DiscoveryConfiguration, error)

Discover calls the discovery endpoint of the provided issuer and returns its configuration It accepts an optional argument "wellknownUrl" which can be used to overide the dicovery endpoint url

func JWTProfileExchange ¶

func JWTProfileExchange(ctx context.Context, jwtProfileGrantRequest *oidc.JWTProfileGrantRequest, caller TokenEndpointCaller) (*oauth2.Token, error)

JWTProfileExchange handles the oauth2 jwt profile exchange

func NewSignerFromPrivateKeyByte ¶

func NewSignerFromPrivateKeyByte(key []byte, keyID string) (jose.Signer, error)

func PollDeviceAccessTokenEndpoint ¶

func PollDeviceAccessTokenEndpoint(ctx context.Context, interval time.Duration, request *DeviceAccessTokenRequest, caller TokenEndpointCaller) (*oidc.AccessTokenResponse, error)

func SignedJWTProfileAssertion ¶

func SignedJWTProfileAssertion(clientID string, audience []string, expiration time.Duration, signer jose.Signer) (string, error)

Types ¶

type DeviceAccessTokenRequest ¶

type DeviceAccessTokenRequest struct {
	*oidc.ClientCredentialsRequest
	oidc.DeviceAccessTokenRequest
}

type DeviceAuthorizationCaller ¶

type DeviceAuthorizationCaller interface {
	GetDeviceAuthorizationEndpoint() string
	HttpClient() *http.Client
}

type EndSessionCaller ¶

type EndSessionCaller interface {
	GetEndSessionEndpoint() string
	HttpClient() *http.Client
}

type KeyFile ¶

type KeyFile struct {
	Type   string `json:"type"` // serviceaccount or application
	KeyID  string `json:"keyId"`
	Key    string `json:"key"`
	Issuer string `json:"issuer"` // not yet in file

	// serviceaccount
	UserID string `json:"userId"`

	// application
	ClientID string `json:"clientId"`
}

func ConfigFromKeyFile ¶

func ConfigFromKeyFile(path string) (*KeyFile, error)

func ConfigFromKeyFileData ¶

func ConfigFromKeyFileData(data []byte) (*KeyFile, error)

type RevokeCaller ¶

type RevokeCaller interface {
	GetRevokeEndpoint() string
	HttpClient() *http.Client
}

type RevokeRequest ¶

type RevokeRequest struct {
	Token         string `schema:"token"`
	TokenTypeHint string `schema:"token_type_hint"`
	ClientID      string `schema:"client_id"`
	ClientSecret  string `schema:"client_secret"`
}

type TokenEndpointCaller ¶

type TokenEndpointCaller interface {
	TokenEndpoint() string
	HttpClient() *http.Client
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
profile
rp
cli
rs
tokenexchange

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL