auth

package
v0.0.0-...-5c2e7a1
Warning

This package is not in the latest version of its module.

Published: Dec 8, 2022 License: EUPL-1.2 Imports: 25 Imported by: 0

Documentation


Constants

This section is empty.

Variables

var (
	CallbackURL string
	Endpoint    string // where our OIDC server resides
)

Functions

func Authenticate

func Authenticate() gin.HandlerFunc

Authenticate checks whether an authorization header or cookie is present and processes it.

func CallbackHandler

func CallbackHandler(c *gin.Context)

CallbackHandler is the callback HTTP handler.

func Init

func Init(a *OIDC) (err error)

Init initialises the OIDC provider.

func InitOIDCServer

func InitOIDCServer()

InitOIDCServer initialises a keyset and provides a new authenticator

func Keys

func Keys(c *gin.Context)

The Keys endpoint provides our JSON Web Key Set; it should be at /keys.

func LoginFormHandler

func LoginFormHandler(c *gin.Context)

LoginFormHandler provides a simple local login form for test purposes

func LoginHandler

func LoginHandler(c *gin.Context)

LoginHandler is the login HTTP handler.

func LoginPostHandler

func LoginPostHandler(c *gin.Context)

LoginPostHandler processes the login request

func LogoutCallbackHandler

func LogoutCallbackHandler(c *gin.Context)

LogoutCallbackHandler verifies the CSRF token (if set) and removes the session cookie

func LogoutEndpoint

func LogoutEndpoint(c *gin.Context)

LogoutEndpoint handles logging out the user; e.g. it should invalidate the token on the auth side, so that if the token is presented to us again we know that it has been invalidated.

func LogoutHandler

func LogoutHandler(c *gin.Context)

LogoutHandler is the logout HTTP handler.

func RequireAuth

func RequireAuth() gin.HandlerFunc

RequireAuth checks whether there is a valid JSON Web Token in the request.

func Token

func Token(c *gin.Context)

Token exchanges a "code" for a token that contains the id_token of the requested user specified in "code".

func Userinfo

func Userinfo(c *gin.Context)

The Userinfo endpoint provides the claims for a logged-in user; given a bearer token, it returns an id_token.

func WellKnown

func WellKnown(c *gin.Context)

WellKnown provides the URLs of our endpoints; it should be accessible at "/.well-known/openid-configuration".

Types

type OIDC

type OIDC struct {
	ClientID                   string
	ClientSecret               string
	RedirectURL                string
	ProviderURL                string
	LogoutURL                  string // provider logout endpoint
	PostLogoutURL              string
	LogoutIDTokenHint          bool
	LogoutNonce                bool
	LogoutClientID             bool
	PostLoginRedirectURIField  string // defaults to "post_login_redirect_uri"
	PostLogoutRedirectURIField string // defaults to "post_logout_redirect_uri"

	OIDCConfig *oidc.Config
}

OIDC Provider

type Provider

type Provider interface {
	CallbackHandler(w http.ResponseWriter, r *http.Request)
	LoginHandler(w http.ResponseWriter, r *http.Request)
	LogoutHandler(w http.ResponseWriter, r *http.Request)
	LogoutCallbackHandler(w http.ResponseWriter, r *http.Request)
	Init() error
}

Provider is the interface to be implemented by identity providers.

type User

type User struct {
	Subject       string `json:"sub"`
	Profile       string `json:"profile"`
	Email         string `json:"email"`
	EmailVerified bool   `json:"email_verified"`
	IsAdmin       bool   `json:"is_admin"`
	Password      string `json:"password"`
}
