Documentation ¶
Index ¶
- Variables
- func HasAnyRole(holder TokenRoles, clientId string, roles ...string) bool
- func HasRoles(holder TokenRoles, clientId string, roles ...string) bool
- func RealmFromIDToken(oidcToken *oidc.IDToken) (string, error)
- func WithJwtContext(ctx context.Context, realmUrl string, jwtContext JwtContext) context.Context
- func WithJwtContextStorage(ctx context.Context) context.Context
- func WithRawTokenSource(ctx context.Context, rawTokenSource RawTokenSource) context.Context
- func WrapError(err error) error
- type JwtContext
- type JwtContextImpl
- func (c *JwtContextImpl) ExchangeToken(ctx context.Context, token string, fromClient string, toClient string) (*oauth2.Token, error) (deprecated)
- func (c *JwtContextImpl) ExchangeTokenWithConfig(ctx context.Context, token string, toClient string, oauthConfig oauth2.Config) (*oauth2.Token, error) (deprecated)
- func (c *JwtContextImpl) GetToken(ctx context.Context, client string, username string, pwd string) (*oauth2.Token, error)
- func (c *JwtContextImpl) GetTokenFromLiteralAccessToken(ctx context.Context, literalAccessToken, clientId string, ...) (*oauth2.Token, error)
- func (c *JwtContextImpl) GetTokenFromLiteralAccessTokenWithConfig(ctx context.Context, literalAccessToken string, withOfflineRefresh bool, ...) (*oauth2.Token, error)
- func (c *JwtContextImpl) IdToken(ctx context.Context, token, clientId string) (*oidc.IDToken, error)
- func (c *JwtContextImpl) OAuthConfig(ctx context.Context, clientId string, clientSecret string) (*oauth2.Config, error)
- func (c *JwtContextImpl) OAuthEndpoint(ctx context.Context) (*oauth2.Endpoint, error)
- func (c *JwtContextImpl) RefreshToken(ctx context.Context, refreshToken string, client string) (*oauth2.Token, error)
- func (c *JwtContextImpl) RefreshTokenWithConfig(ctx context.Context, refreshToken string, oauthConfig oauth2.Config) (*oauth2.Token, error)
- func (c *JwtContextImpl) RolesFromToken(ctx context.Context, token, clientId string) (TokenRoles, error)
- func (c *JwtContextImpl) Sourcify(ctx context.Context, token *oauth2.Token, client string) (oauth2.TokenSource, error)
- type RawTokenSource
- type RoleCheckFailedError
- type RoleCheckingHandlerFunc
- type TokenRoles
Constants ¶
This section is empty.
Variables ¶
// MissingRolesError is the error a RoleCheckingHandlerFunc should return when
// a check fails because of a missing role or unsatisfied user capabilities.
// NOTE(review): role-check errors on this page are documented as
// RoleCheckFailedError, which has an Unwrap method; prefer
// errors.Is(err, MissingRolesError) over == when deciding whether access was
// denied. This assumes the sentinel is carried as the wrapped cause; confirm.
var MissingRolesError = fmt.Errorf("missing roles")
Functions ¶
func HasAnyRole ¶ added in v2.2.3
func HasAnyRole(holder TokenRoles, clientId string, roles ...string) bool
func RealmFromIDToken ¶ added in v2.0.14
func WithJwtContext ¶
func WithRawTokenSource ¶ added in v2.2.11
func WithRawTokenSource(ctx context.Context, rawTokenSource RawTokenSource) context.Context
Types ¶
type JwtContext ¶
// JwtContext is the interface for the token operations listed below;
// JwtContextImpl declares the same method set on this page.
// Every method takes a context.Context first and returns an error last.
// Access tokens, refresh tokens and the password (pwd) are passed as plain strings.
// NOTE(review): treat those arguments as secrets and keep them out of logs and
// error text; how implementations handle them is not visible here.
// NOTE(review): ExchangeToken and ExchangeTokenWithConfig are marked deprecated
// on JwtContextImpl in the index.
type JwtContext interface { RolesFromToken(ctx context.Context, token string, clientId string) (TokenRoles, error) OAuthConfig(ctx context.Context, clientId string, clientSecret string) (*oauth2.Config, error) ExchangeToken(ctx context.Context, token string, fromClient string, toClient string) (*oauth2.Token, error) ExchangeTokenWithConfig(ctx context.Context, token string, toClient string, oauthConfig oauth2.Config) (*oauth2.Token, error) GetToken(ctx context.Context, client string, username string, pwd string) (*oauth2.Token, error) GetTokenFromLiteralAccessToken(ctx context.Context, literalAccessToken, clientId string, withOfflineRefresh bool) (*oauth2.Token, error) GetTokenFromLiteralAccessTokenWithConfig(ctx context.Context, literalAccessToken string, withOfflineRefresh bool, oauthConfig oauth2.Config) (*oauth2.Token, error) RefreshToken(ctx context.Context, refreshToken string, client string) (*oauth2.Token, error) RefreshTokenWithConfig(ctx context.Context, refreshToken string, oauthConfig oauth2.Config) (*oauth2.Token, error) Sourcify(ctx context.Context, token *oauth2.Token, client string) (oauth2.TokenSource, error) OAuthEndpoint(ctx context.Context) (*oauth2.Endpoint, error) IdToken(ctx context.Context, token, clientId string) (*oidc.IDToken, error) }
func JwtContextFromContext ¶
func JwtContextFromContext(ctx context.Context, realmUrl string) JwtContext
type JwtContextImpl ¶
func (*JwtContextImpl) ExchangeToken
deprecated
func (*JwtContextImpl) GetTokenFromLiteralAccessToken ¶
func (*JwtContextImpl) GetTokenFromLiteralAccessTokenWithConfig ¶
func (*JwtContextImpl) IdToken ¶ added in v2.1.0
func (c *JwtContextImpl) IdToken(ctx context.Context, token, clientId string) (*oidc.IDToken, error)
func (*JwtContextImpl) OAuthConfig ¶
func (*JwtContextImpl) OAuthEndpoint ¶
func (*JwtContextImpl) RefreshToken ¶
func (*JwtContextImpl) RefreshTokenWithConfig ¶
func (*JwtContextImpl) RolesFromToken ¶ added in v2.0.14
func (c *JwtContextImpl) RolesFromToken(ctx context.Context, token, clientId string) (TokenRoles, error)
type RawTokenSource ¶ added in v2.2.11
func RawTokenSourceFromContext ¶ added in v2.2.11
func RawTokenSourceFromContext(ctx context.Context) RawTokenSource
type RoleCheckFailedError ¶ added in v2.2.11
// RoleCheckFailedError is the error type that ResolveTokenRoles and the
// handlers built by ClientRoleCheckingHandlerFunc and
// DefaultRoleCheckingHandlerFunc are documented to return on failure.
// It has Error and Unwrap methods, so callers can inspect it with
// errors.Is and errors.As.
type RoleCheckFailedError struct {
// Cause is presumably the underlying error exposed by Unwrap; confirm
// against the implementation.
Cause error
}
func (*RoleCheckFailedError) Error ¶ added in v2.2.11
func (r *RoleCheckFailedError) Error() string
func (*RoleCheckFailedError) Unwrap ¶ added in v2.2.11
func (r *RoleCheckFailedError) Unwrap() error
type RoleCheckingHandlerFunc ¶ added in v2.2.11
type RoleCheckingHandlerFunc func(loginClientId string, tokenRoles TokenRoles) error
A RoleCheckingHandlerFunc should return MissingRolesError if the check failed due to a missing role or unsatisfied user capabilities.
func ClientRoleCheckingHandlerFunc ¶ added in v2.2.11
func ClientRoleCheckingHandlerFunc(clientId string, roles ...string) RoleCheckingHandlerFunc
ClientRoleCheckingHandlerFunc uses the given clientId to look for the requested roles. If an error occurs, it will always be a RoleCheckFailedError.
func DefaultRoleCheckingHandlerFunc ¶ added in v2.2.11
func DefaultRoleCheckingHandlerFunc(roles ...string) RoleCheckingHandlerFunc
DefaultRoleCheckingHandlerFunc uses the login client to look for the requested roles. If an error occurs, it will always be a RoleCheckFailedError.
type TokenRoles ¶
func ResolveTokenRoles ¶ added in v2.2.11
func ResolveTokenRoles(ctx context.Context, jwtIssuer string, rawToken string, loginClientId string) (TokenRoles, error)
ResolveTokenRoles validates <rawToken> and checks whether it is from <jwtIssuer>. It then extracts all user roles and returns the roles container. If an error occurs, it will always be a RoleCheckFailedError.
func TokenRolesFromIDToken ¶ added in v2.0.13
func TokenRolesFromIDToken(oidcToken *oidc.IDToken) (TokenRoles, error)