authflow

package

v0.0.0-...-afa1830 Latest Latest Go to latest Published: Apr 13, 2021 License: AGPL-3.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

Repository URL not available.

Documentation ¶

Index ¶

func AssertLegalScopes(requested []string, consented []string) error
func HasNoLoginHint(authURL string) bool
func HasNonePrompt(authURL string) bool
type Client
type HydraHTTP
- func NewHydraHTTP(publicJSONRester rester.Client, adminJSONRester rester.Client, ...) *HydraHTTP
type Service
- func NewService(identityService identity.Service, authFlow authFlowRepo, ...) Service

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AssertLegalScopes ¶

func AssertLegalScopes(requested []string, consented []string) error

AssertLegalScopes returns an error if any legal scopes contained in requested parameter is missing from the consented parameter

func HasNoLoginHint ¶

func HasNoLoginHint(authURL string) bool

HasNoLoginHint returns true if the received string contains no `login_hint=` string

func HasNonePrompt ¶

func HasNonePrompt(authURL string) bool

HasNonePrompt returns true if the received string contains `promt=none` string

Types ¶

type Client ¶

type Client struct {
	ID string `json:"client_id"`

	Name    string `json:"client_name"`
	LogoURI string `json:"logo_uri"`

	Scope         string   `json:"scope"`
	GrantTypes    []string `json:"grant_types"`
	RedirectURIs  []string `json:"redirect_uris"`
	ResponseTypes []string `json:"response_types"`

	Audience           []string `json:"audience"`
	AllowedCorsOrigins []string `json:"allowed_cors_origins"`

	SubjectType               string `json:"subject_type"`
	UserinfoSignedResponseALG string `json:"userinfo_signed_response_ald"`
	TokenEndpointAuthMethod   string `json:"token_endpoint_auth_method"`
	Secret                    string `json:"client_secret"`
	SecretExpiresAt           int    `json:"client_secret_expires_at"`
}

type HydraHTTP ¶

type HydraHTTP struct {
	// contains filtered or unexported fields
}

HydraHTTP implements Hydra repository interface using HTTP REST

func NewHydraHTTP ¶

func NewHydraHTTP(
	publicJSONRester rester.Client,
	adminJSONRester rester.Client,
	adminFormRester rester.Client,

	protectedPublicFormRester rester.Client,
) *HydraHTTP

NewHydraHTTP is HTTP hydra structure constructor

func (h *HydraHTTP) Consent(ctx context.Context, consentChallenge string, acceptance consent.Acceptance) (consent.Redirect, error)

Consent user's scope to hydra

func (*HydraHTTP) CreateClient ¶

func (h *HydraHTTP) CreateClient(ctx context.Context, cli *Client) error

CreateClient on hydra service

func (*HydraHTTP) DeleteSession ¶

func (h *HydraHTTP) DeleteSession(ctx context.Context, subject string) error

DeleteSession authentication for a subject

func (*HydraHTTP) GetClient ¶

func (h *HydraHTTP) GetClient(ctx context.Context, id string) (Client, error)

GetClient from hydra service using its id

func (*HydraHTTP) GetConsentContext ¶

func (h *HydraHTTP) GetConsentContext(ctx context.Context, consentChallenge string) (consent.Context, error)

GetConsentContext from hydra

func (*HydraHTTP) GetConsentSessions ¶

func (h *HydraHTTP) GetConsentSessions(ctx context.Context, identityID string) ([]consent.Session, error)

GetConsentSessions for a given Identity

func (HydraHTTP) GetLoginContext ¶

func (h HydraHTTP) GetLoginContext(ctx context.Context, loginChallenge string) (login.Context, error)

GetLoginContext from hydra

func (*HydraHTTP) GetUserInfo ¶

func (h *HydraHTTP) GetUserInfo(ctx context.Context, token string) (*userinfo.UserInfo, error)

UserInfo ...

func (h HydraHTTP) Login(ctx context.Context, loginChallenge string, acceptance login.Acceptance) (string, error)

Login user to hydra

func (*HydraHTTP) RevokeToken ¶

func (h *HydraHTTP) RevokeToken(ctx context.Context, accessToken string) error

RevokeToken ...

func (*HydraHTTP) UpdateClient ¶

func (h *HydraHTTP) UpdateClient(ctx context.Context, cli *Client) error

UpdateClient on hydra service

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

Service ...

func NewService ¶

func NewService(
	identityService identity.Service,
	authFlow authFlowRepo,
	homePageURI, loginPageURI, consentPageURI, selfCliID string,
) Service

NewService ...

func (Service) BuildAndAcceptConsent ¶

func (afs Service) BuildAndAcceptConsent(
	ctx context.Context,
	consentCtx consent.Context,
	identifierValue string,
) string

BuildAndAcceptConsent takes the RequestedScope as consented. It builds the acceptance object and sends it as accepted to the authorization server

func (Service) BuildAndAcceptLogin ¶

func (afs Service) BuildAndAcceptLogin(ctx context.Context, loginCtx login.Context) (string, error)

BuildAndAcceptLogin takes the OIDCContext as the one used to login It builds the acceptance object and sends it as accepted to the authorization server

func (Service) BuildConsentURL ¶

func (afs Service) BuildConsentURL(consentChallenge string) string

BuildConsentURL helper

func (Service) BuildLoginURL ¶

func (afs Service) BuildLoginURL(loginChallenge string) string

BuildLoginURL ...

func (Service) BuildResetURL ¶

func (afs Service) BuildResetURL(authURL string) string

BuildResetURL ...

func (Service) ConsentRedirectErr ¶

func (afs Service) ConsentRedirectErr(err error) string

ConsentRedirectErr helper

func (Service) ConsentRequiredErr ¶

func (afs Service) ConsentRequiredErr() string

ConsentRequiredErr helper

func (Service) GetConsentContext ¶

func (afs Service) GetConsentContext(ctx context.Context, consentChallenge string) (consent.Context, error)

GetConsentContext ...

func (Service) GetLoginContext ¶

func (afs Service) GetLoginContext(ctx context.Context, loginChallenge string) (login.Context, error)

GetLoginContext using a login challenge

func (Service) GetUserInfo ¶

func (afs Service) GetUserInfo(ctx context.Context, token string) (*userinfo.UserInfo, error)

func (Service) LoginRedirectErr ¶

func (afs Service) LoginRedirectErr(err error) string

LoginRedirectErr helper

func (Service) LoginRequiredErr ¶

func (afs Service) LoginRequiredErr() string

LoginRequiredErr helper

func (Service) Logout ¶

func (afs Service) Logout(ctx context.Context, subject string, token string) error

Logout ...

func (Service) ShouldSkipConsent ¶

func (afs Service) ShouldSkipConsent(
	ctx context.Context, exec boil.ContextExecutor,
	requestedScopes []string, ssoClientID string, accountID string,
) (bool, error)

ShouldSkipConsent returns a boolean corresponding to Skipable and a potential error that may occur during the computation of the boolean. the ssoClientID (currently involved client) is used to check if the implicit consent is allowed (the other identities' consent linked to the account make the consent automatic)

func (Service) UpdateClientSecret ¶

func (afs Service) UpdateClientSecret(ctx context.Context, cliID string, newSecret string) error

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
consent
login
userinfo

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL