This section is empty.


This section is empty.


This section is empty.


type TokenVerifier

type TokenVerifier struct {
	ProviderURL    string
	ClientID       string
	ClientSecret   string
	Scopes         []string
	RedirectURL    string
	NonceSize      int
	CookieDuration time.Duration
	// contains filtered or unexported fields

    TokenVerifier is an OIDC validator.

    func NewClient

    func NewClient(ctx context.Context, v *TokenVerifier) (*TokenVerifier, error)

      NewClient creates a new validator client

      func (*TokenVerifier) Callback

      func (v *TokenVerifier) Callback(ctx context.Context, u *url.URL) (string, string, int, error)

        Callback is the function that is called back by the IDP to catch the token and perform all other validations. It will return the resulting token, the original URL that was called to initiate the protocol, and the http status response.

        func (*TokenVerifier) IssueRedirect

        func (v *TokenVerifier) IssueRedirect(originURL string) string

          IssueRedirect creates the redirect URL. The URI is created by the provider and it includes a state that is random. The state will be remembered for the return. There is an assumption here that the LBs in front of applications are sticky or the TCP session is re-used. Otherwise, we will need a global state that could introduce additional calls to a central system. TODO: add support for a global state.

          func (*TokenVerifier) Validate

          func (v *TokenVerifier) Validate(ctx context.Context, token string) ([]string, bool, string, error)

            Validate checks if the token is valid and returns the claims. The validator maintains an internal cache with tokens to accelerate performance. If the token is not in the cache, it will validate it with the central authorizer.

            func (*TokenVerifier) VerifierType

            func (v *TokenVerifier) VerifierType() common.JWTType

              VerifierType returns the type of the TokenVerifier.

              Source Files