oidc

package
v1.24.5 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 28, 2024 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

// URL paths for the provider's public metadata.
//
// DiscoveryEndpoint is "/.well-known/openid-configuration", the path suffix that
// OpenID Connect Discovery defines for the provider metadata document.
//
// JWKSPath is "/keys".
// NOTE(review): presumably the path where OIDCProvider.JWKS is mounted and the
// path component of DiscoveryConfiguration.JwksURI — confirm against RegisterRoute.
// Relying parties fetch token-verification keys from jwks_uri, so the advertised
// URL and the served route must agree.
const (
	DiscoveryEndpoint = "/.well-known/openid-configuration"
	JWKSPath          = "/keys"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type DiscoveryConfiguration added in v1.24.1

// DiscoveryConfiguration is a JSON-serialisable subset of provider metadata.
// Its keys (issuer, jwks_uri, id_token_signing_alg_values_supported) are
// metadata names defined by OpenID Connect Discovery.
//
// Every field is tagged omitempty, so a zero-value field is left out of the
// encoded document rather than emitted as "" or [].
// NOTE(review): OpenID Connect Discovery lists issuer and jwks_uri as REQUIRED;
// confirm the code that fills this struct never leaves them empty, otherwise the
// published document silently loses the values clients validate tokens against.
// NOTE(review): IDTokenSigningAlgValuesSupported should list only algorithms the
// provider actually signs with — confirm where it is populated.
type DiscoveryConfiguration struct {
	Issuer                           string   `json:"issuer,omitempty"`
	JwksURI                          string   `json:"jwks_uri,omitempty"`
	IDTokenSigningAlgValuesSupported []string `json:"id_token_signing_alg_values_supported,omitempty"`
}

nolint: tagliatelle

type LocalAuthStorage

// LocalAuthStorage is a storage type whose only exported field is a TLS
// certificate; its remaining fields are unexported and not shown in this listing.
//
// Every method listed for this type uses a value receiver
// (func (s LocalAuthStorage) ...), so each call works on a copy of the struct,
// Certs included.
//
// NOTE(review): AuthRequestByCode, AuthRequestByID, CreateAuthRequest,
// SaveAuthCode, DeleteAuthRequest and CreateAccessToken name every parameter "_",
// so they cannot act on the code, ID or request they are given. Presumably these
// are stubs; confirm in the source before relying on this storage for the
// authorization-code flow.
type LocalAuthStorage struct {
	// Certs is exported, and tls.Certificate carries a PrivateKey field, so any
	// code holding a LocalAuthStorage (or a LocalStorage, which embeds it) can
	// read or replace the key material.
	// NOTE(review): presumably the key pair behind GetSigningKey and GetKeySet —
	// confirm, and check that only the public half is ever serialised.
	Certs tls.Certificate
	// contains filtered or unexported fields
}

func (LocalAuthStorage) AuthRequestByCode

func (s LocalAuthStorage) AuthRequestByCode(_ context.Context, _ string) (op.AuthRequest, error)

func (LocalAuthStorage) AuthRequestByID

func (s LocalAuthStorage) AuthRequestByID(_ context.Context, _ string) (op.AuthRequest, error)

func (LocalAuthStorage) CreateAccessAndRefreshTokens

func (s LocalAuthStorage) CreateAccessAndRefreshTokens(
	ctx context.Context, request op.TokenRequest, currentRefreshToken string,
) (accessTokenID string, newRefreshTokenID string, expiration time.Time, err error)

The TokenRequest parameter of CreateAccessAndRefreshTokens can be any of:

* TokenRequest as returned by ClientCredentialsStorage.ClientCredentialsTokenRequest

* RefreshTokenRequest as returned by AuthStorage.TokenRequestByRefreshToken

* AuthRequest as returned by AuthRequestByID or AuthRequestByCode (above). Used for the authorization code flow which requested offline_access scope and registered the refresh_token grant type in advance

func (LocalAuthStorage) CreateAccessToken

func (s LocalAuthStorage) CreateAccessToken(_ context.Context, _ op.TokenRequest) (accessTokenID string, expiration time.Time, err error)

The TokenRequest parameter of CreateAccessToken can be any of:

* TokenRequest as returned by ClientCredentialsStorage.ClientCredentialsTokenRequest,

* AuthRequest as returned by AuthRequestByID or AuthRequestByCode (above)

func (LocalAuthStorage) CreateAuthRequest

func (s LocalAuthStorage) CreateAuthRequest(_ context.Context, _ *oidc.AuthRequest, _ string) (op.AuthRequest, error)

func (LocalAuthStorage) DeleteAuthRequest

func (s LocalAuthStorage) DeleteAuthRequest(_ context.Context, _ string) error

func (LocalAuthStorage) GetKeySet

func (s LocalAuthStorage) GetKeySet(ctx context.Context) (*jose.JSONWebKeySet, error)

func (LocalAuthStorage) GetSigningKey

func (s LocalAuthStorage) GetSigningKey(ctx context.Context, signkey chan<- jose.SigningKey)

func (LocalAuthStorage) RevokeToken

func (s LocalAuthStorage) RevokeToken(ctx context.Context, tokenID string, userID string, clientID string) *oidc.Error

func (LocalAuthStorage) SaveAuthCode

func (s LocalAuthStorage) SaveAuthCode(_ context.Context, _ string, _ string) error

func (LocalAuthStorage) TerminateSession

func (s LocalAuthStorage) TerminateSession(ctx context.Context, userID string, clientID string) error

func (LocalAuthStorage) TokenRequestByRefreshToken

func (s LocalAuthStorage) TokenRequestByRefreshToken(ctx context.Context, refreshTokenID string) (op.RefreshTokenRequest, error)

type LocalOPStorage

// LocalOPStorage is an empty struct: it has no fields, so its methods cannot
// read per-instance state such as a client registry or a user store.
// NOTE(review): with no state to consult, check in the source how
// AuthorizeClientIDSecret and GetClientByClientID decide which clients and
// secrets to accept.
type LocalOPStorage struct{}

func (LocalOPStorage) AuthorizeClientIDSecret

func (s LocalOPStorage) AuthorizeClientIDSecret(ctx context.Context, clientID string, clientSecret string) error

func (LocalOPStorage) GetClientByClientID

func (s LocalOPStorage) GetClientByClientID(ctx context.Context, clientID string) (op.Client, error)

func (LocalOPStorage) GetKeyByIDAndUserID

func (s LocalOPStorage) GetKeyByIDAndUserID(ctx context.Context, keyID string, userID string) (*jose.JSONWebKey, error)

func (LocalOPStorage) GetPrivateClaimsFromScopes

func (s LocalOPStorage) GetPrivateClaimsFromScopes(ctx context.Context, userID string, clientID string, scopes []string) (map[string]interface{}, error)

func (LocalOPStorage) SetIntrospectionFromToken

func (s LocalOPStorage) SetIntrospectionFromToken(
	ctx context.Context, userinfo oidc.IntrospectionResponse, tokenID string, subject string, clientID string,
) error

func (LocalOPStorage) SetUserinfoFromScopes

func (s LocalOPStorage) SetUserinfoFromScopes(ctx context.Context, userinfo oidc.UserInfoSetter, userID string, clientID string, scopes []string) error

func (LocalOPStorage) SetUserinfoFromToken

func (s LocalOPStorage) SetUserinfoFromToken(ctx context.Context, userinfo oidc.UserInfoSetter, tokenID string, subject string, origin string) error

func (LocalOPStorage) ValidateJWTProfileScopes

func (s LocalOPStorage) ValidateJWTProfileScopes(ctx context.Context, userID string, scopes []string) ([]string, error)

type LocalStorage

// LocalStorage embeds LocalOPStorage and LocalAuthStorage by value, so the
// methods and exported fields of both are promoted onto it. In particular
// LocalStorage.Certs resolves to the embedded LocalAuthStorage.Certs, which
// includes the certificate's private key.
type LocalStorage struct {
	LocalOPStorage
	LocalAuthStorage
}

func NewLocalStorage

func NewLocalStorage(ctx context.Context, options *OIDCOptions) (*LocalStorage, error)

func (*LocalStorage) Health

func (s *LocalStorage) Health(context.Context) error

type OIDCOptions

// OIDCOptions is the configuration passed to NewLocalStorage and NewProvider.
//
// NOTE(review): Issuer is presumably the value published as the "issuer" key of
// DiscoveryConfiguration; clients match it against the iss claim of the tokens
// they receive, so it should be the exact externally reachable URL — confirm.
// NOTE(review): CertFile and KeyFile are presumably filesystem paths to the
// certificate and private key loaded into LocalAuthStorage.Certs. Confirm, and
// keep the key file readable only by the service account.
type OIDCOptions struct {
	Issuer   string
	CertFile string
	KeyFile  string
}

type OIDCProvider

// OIDCProvider has no exported fields; values are obtained from NewProvider.
// Its listed methods are the HTTP handlers Discovery and JWKS, plus
// RegisterRoute, which takes an *api.Group.
type OIDCProvider struct {
	// contains filtered or unexported fields
}

func NewProvider

func NewProvider(ctx context.Context, options *OIDCOptions) (*OIDCProvider, error)

func (*OIDCProvider) Discovery added in v1.24.1

func (m *OIDCProvider) Discovery(w http.ResponseWriter, r *http.Request)

func (*OIDCProvider) JWKS added in v1.24.1

func (m *OIDCProvider) JWKS(w http.ResponseWriter, r *http.Request)

func (*OIDCProvider) RegisterRoute

func (m *OIDCProvider) RegisterRoute(g *api.Group)
