provider

package
v0.34.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 6, 2021 License: Apache-2.0 Imports: 35 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config 

type Config struct {
	Config *config.Config

	IssuerIdentifier       string
	WellKnownPath          string
	JwksPath               string
	AuthorizationPath      string
	TokenPath              string
	UserInfoPath           string
	EndSessionPath         string
	CheckSessionIframePath string
	RegistrationPath       string

	BrowserStateCookiePath string
	BrowserStateCookieName string

	SessionCookiePath string
	SessionCookieName string

	AccessTokenDuration  time.Duration
	IDTokenDuration      time.Duration
	RefreshTokenDuration time.Duration
}

Config defines a Provider's configuration settings.

type Provider 

type Provider struct {
	Config *Config
	// contains filtered or unexported fields
}

Provider defines an OIDC provider with the handlers for the OIDC endpoints.

func NewProvider 

func NewProvider(c *Config) (*Provider, error)

NewProvider returns a new Provider.

func (*Provider) AuthorizeHandler 

func (p *Provider) AuthorizeHandler(rw http.ResponseWriter, req *http.Request)

AuthorizeHandler implements the HTTP authorization endpoint for OpenID Connect 1.0 as specified at http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthorizationEndpoint

Currently AuthorizeHandler implements only the Implicit Flow as specified at http://openid.net/specs/openid-connect-core-1_0.html#ImplicitFlowAuth

func (*Provider) AuthorizeResponse 

func (p *Provider) AuthorizeResponse(rw http.ResponseWriter, req *http.Request, ar *payload.AuthenticationRequest, auth identity.AuthRecord, err error)

AuthorizeResponse writes the result according to the provided parameters to the provided http.ResponseWriter.

func (*Provider) CheckSessionIframeHandler 

func (p *Provider) CheckSessionIframeHandler(rw http.ResponseWriter, req *http.Request)

CheckSessionIframeHandler implements the HTTP endpoint for OP iframe with OpenID Connect Session Management 1.0 as specified at https://openid.net/specs/openid-connect-session-1_0.html#OPiframe

func (*Provider) EndSessionHandler 

func (p *Provider) EndSessionHandler(rw http.ResponseWriter, req *http.Request)

EndSessionHandler implements the HTTP endpoint for RP initiated logout with OpenID Connect Session Management 1.0 as specified at https://openid.net/specs/openid-connect-session-1_0.html#RPLogout

func (*Provider) ErrorPage 

func (p *Provider) ErrorPage(rw http.ResponseWriter, code int, title string, message string)

ErrorPage writes a HTML error page to the provided ResponseWriter.

func (*Provider) Found 

func (p *Provider) Found(rw http.ResponseWriter, uri *url.URL, params interface{}, asFragment bool)

Found writes a HTTP 302 to the provided ResponseWriter with the appropriate Location header creates from the other parameters.

func (*Provider) GetAccessTokenClaimsFromRequest 

func (p *Provider) GetAccessTokenClaimsFromRequest(req *http.Request) (*konnect.AccessTokenClaims, error)

GetAccessTokenClaimsFromRequest reads incoming request, validates the access token and returns the validated claims.

func (*Provider) GetSigningKey 

func (p *Provider) GetSigningKey(signingMethod jwt.SigningMethod) (*SigningKey, bool)

GetSigningKey returns a matching signing key for the provided signing method.

func (*Provider) GetValidationKey 

func (p *Provider) GetValidationKey(id string) (crypto.PublicKey, bool)

GetValidationKey returns the validation key for the provided id.

func (*Provider) InitializeMetadata 

func (p *Provider) InitializeMetadata() error

InitializeMetadata creates the accociated providers meta data document. Call this once all other settings at the provider have been done.

func (*Provider) JwksHandler 

func (p *Provider) JwksHandler(rw http.ResponseWriter, req *http.Request)

JwksHandler implements the HTTP provider JWKS endpoint for OpenID provider metadata used with OpenID Connect Discovery 1.0 as specified at https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata

func (*Provider) LoginRequiredPage 

func (p *Provider) LoginRequiredPage(rw http.ResponseWriter, req *http.Request, uri *url.URL)

LoginRequiredPage writes a HTTP 30 to the provided ResponseWrite with the URL of the provided request (set to the scheme and host of issuer) as continue parameter.

func (*Provider) MakeAccessToken 

func (p *Provider) MakeAccessToken(ctx context.Context, audience string, auth identity.AuthRecord) (string, error)

MakeAccessToken implements the oidc.AccessTokenProvider interface.

func (*Provider) PublicSubjectFromAuth 

func (p *Provider) PublicSubjectFromAuth(auth identity.AuthRecord) (string, error)

PublicSubjectFromAuth creates the provideds auth Subject value with the accociated provider. This subject can be used as URL safe value to uniquely identify the provided auth user with remote systems.

func (*Provider) RegisterManagers 

func (p *Provider) RegisterManagers(mgrs *managers.Managers) error

RegisterManagers registers the provided managers from the

func (*Provider) RegistrationHandler 

func (p *Provider) RegistrationHandler(rw http.ResponseWriter, req *http.Request)

RegistrationHandler implements the HTTP endpoint for client self registration with OpenID Connect Registration 1.0 as specified at https://openid.net/specs/openid-connect-registration-1_0.html#ClientRegistration

func (*Provider) ServeHTTP 

func (p *Provider) ServeHTTP(rw http.ResponseWriter, req *http.Request)

ServerHTTP implements the http.HandlerFunc interface.

func (*Provider) SetSigningKey 

func (p *Provider) SetSigningKey(id string, key crypto.Signer) error

SetSigningKey sets the provided signer as key for token signing with the provided id as key id. The public key of the provided signer is also added as validation key with the same key id.

func (*Provider) SetSigningMethod 

func (p *Provider) SetSigningMethod(signingMethod jwt.SigningMethod) error

SetSigningMethod sets the provided signing method as default signing method of the associated provider.

func (*Provider) SetValidationKey 

func (p *Provider) SetValidationKey(id string, key crypto.PublicKey) error

SetValidationKey sets the provider public key as validation key for token validation for tokens with the provided key.

func (*Provider) TokenHandler 

func (p *Provider) TokenHandler(rw http.ResponseWriter, req *http.Request)

TokenHandler implements the HTTP token endpoint for OpenID Connect 1.0 as specified at http://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint

func (*Provider) UserInfoHandler 

func (p *Provider) UserInfoHandler(rw http.ResponseWriter, req *http.Request)

UserInfoHandler implements the HTTP userinfo endpoint for OpenID Connect 1.0 as specified at https://openid.net/specs/openid-connect-core-1_0.html#UserInfo

func (*Provider) WellKnownHandler 

func (p *Provider) WellKnownHandler(rw http.ResponseWriter, req *http.Request)

WellKnownHandler implements the HTTP provider configuration endpoint for OpenID Connect 1.0 as specified at https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig

type SigningKey 

type SigningKey struct {
	ID            string
	PrivateKey    crypto.Signer
	SigningMethod jwt.SigningMethod
}

A SigningKey bundles a signer with meta data and a signign method.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.