login

package

v0.20.0 Latest Latest Go to latest Published: Sep 27, 2022 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/vmware-tanzu/pinniped

Links

Open Source Insights

Documentation ¶

Index ¶

func NewHandler(stateDecoder oidc.Decoder, cookieDecoder oidc.Decoder, getHandler HandlerFunc, ...) http.Handler
func RedirectToLoginPage(r *http.Request, w http.ResponseWriter, downstreamIssuer string, ...) error
type ErrorParamValue
type HandlerFunc
- func NewGetHandler(loginPath string) HandlerFunc
- func NewPostHandler(issuerURL string, upstreamIDPs oidc.UpstreamIdentityProvidersLister, ...) HandlerFunc

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewHandler ¶

func NewHandler(
	stateDecoder oidc.Decoder,
	cookieDecoder oidc.Decoder,
	getHandler HandlerFunc,
	postHandler HandlerFunc,
) http.Handler

NewHandler returns a http.Handler that serves the login endpoint for IDPs that don't have their own web UI for login.

This handler takes care of the shared concerns between the GET and POST methods of the login endpoint: checking the method, checking the CSRF cookie, decoding the state param, and adding security headers. Then it defers the rest of the handling to the passed in handler functions for GET and POST requests. Note that CSRF protection isn't needed on GET requests, but it doesn't hurt. Putting it here keeps the implementations and tests of HandlerFunc simpler since they won't need to deal with any decoders. Users should always initially get redirected to this page from the authorization endpoint, and never need to navigate directly to this page in their browser without going through the authorization endpoint first. Once their browser has landed on this page, it should be okay for the user to refresh the browser.

func RedirectToLoginPage ¶

func RedirectToLoginPage(
	r *http.Request,
	w http.ResponseWriter,
	downstreamIssuer string,
	encodedStateParamValue string,
	errToDisplay ErrorParamValue,
) error

RedirectToLoginPage redirects to the GET /login page of the specified issuer. The specified issuer should never end with a "/", which is validated by provider.FederationDomainIssuer when the issuer string comes from that type.

Types ¶

type ErrorParamValue ¶

type ErrorParamValue string

const (
	ShowNoError        ErrorParamValue = ""
	ShowInternalError  ErrorParamValue = "internal_error"
	ShowBadUserPassErr ErrorParamValue = "login_error"
)

type HandlerFunc ¶

type HandlerFunc func(
	w http.ResponseWriter,
	r *http.Request,
	encodedState string,
	decodedState *oidc.UpstreamStateParamData,
) error

HandlerFunc is a function that can handle either a GET or POST request for the login endpoint.

func NewGetHandler ¶

func NewGetHandler(loginPath string) HandlerFunc

func NewPostHandler ¶

func NewPostHandler(issuerURL string, upstreamIDPs oidc.UpstreamIdentityProvidersLister, oauthHelper fosite.OAuth2Provider) HandlerFunc

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
loginhtml Package loginhtml defines HTML templates used by the Supervisor.	Package loginhtml defines HTML templates used by the Supervisor.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL