Documentation
Overview
Package downstreamsession provides some shared helpers for creating downstream OIDC sessions.
Index
- func DownstreamLDAPSubject(uid string, ldapURL url.URL) string
- func DownstreamSubjectFromUpstreamLDAP(ldapUpstream provider.UpstreamLDAPIdentityProviderI, ...) string
- func ExtractStringClaimValue(claimName string, upstreamIDPName string, idTokenClaims map[string]interface{}) (string, error)
- func GetDownstreamIdentityFromUpstreamIDToken(upstreamIDPConfig provider.UpstreamOIDCIdentityProviderI, ...) (string, string, []string, error)
- func GetGroupsFromUpstreamIDToken(upstreamIDPConfig provider.UpstreamOIDCIdentityProviderI, ...) ([]string, error)
- func GrantScopesIfRequested(authorizeRequester fosite.AuthorizeRequester)
- func MakeDownstreamLDAPOrADCustomSessionData(ldapUpstream provider.UpstreamLDAPIdentityProviderI, ...) *psession.CustomSessionData
- func MakeDownstreamOIDCCustomSessionData(oidcUpstream provider.UpstreamOIDCIdentityProviderI, token *oidctypes.Token) (*psession.CustomSessionData, error)
- func MakeDownstreamSession(subject string, username string, groups []string, ...) *psession.PinnipedSession
Constants
This section is empty.
Variables
This section is empty.
Functions
func DownstreamLDAPSubject (added in v0.13.0)
func DownstreamSubjectFromUpstreamLDAP (added in v0.18.0)
func DownstreamSubjectFromUpstreamLDAP(ldapUpstream provider.UpstreamLDAPIdentityProviderI, authenticateResponse *authenticators.Response) string
func ExtractStringClaimValue (added in v0.13.0)
func GetDownstreamIdentityFromUpstreamIDToken (added in v0.11.0)
func GetDownstreamIdentityFromUpstreamIDToken(upstreamIDPConfig provider.UpstreamOIDCIdentityProviderI, idTokenClaims map[string]interface{}) (string, string, []string, error)
GetDownstreamIdentityFromUpstreamIDToken returns the mapped subject, username, and group names, in that order.
func GetGroupsFromUpstreamIDToken (added in v0.13.0)
func GetGroupsFromUpstreamIDToken(upstreamIDPConfig provider.UpstreamOIDCIdentityProviderI, idTokenClaims map[string]interface{}) ([]string, error)
GetGroupsFromUpstreamIDToken returns mapped group names coerced into a slice of strings. It returns nil when there is no configured groups claim name, or when the configured claim name is not found in the provided map of claims. It returns an error when the claim exists but its value cannot be parsed.
func GrantScopesIfRequested
func GrantScopesIfRequested(authorizeRequester fosite.AuthorizeRequester)
GrantScopesIfRequested auto-grants the scopes for which we do not require end-user approval, if they were requested.
func MakeDownstreamLDAPOrADCustomSessionData (added in v0.18.0)
func MakeDownstreamLDAPOrADCustomSessionData(ldapUpstream provider.UpstreamLDAPIdentityProviderI, idpType psession.ProviderType, authenticateResponse *authenticators.Response) *psession.CustomSessionData
func MakeDownstreamOIDCCustomSessionData (added in v0.13.0)
func MakeDownstreamOIDCCustomSessionData(oidcUpstream provider.UpstreamOIDCIdentityProviderI, token *oidctypes.Token) (*psession.CustomSessionData, error)
func MakeDownstreamSession
func MakeDownstreamSession(subject string, username string, groups []string, custom *psession.CustomSessionData) *psession.PinnipedSession
MakeDownstreamSession creates a downstream OIDC session.
Types
This section is empty.