Documentation ¶
Index ¶
- func DecodeRequest(rel interface{}) (*fosite.Request, error)
- func NewOIDCServer(oidc_handler *OIDCHandler, cfg *viper.Viper) error
- func NewProvider(c OIDCNamespaceConfig, h handlers.MobilityAccountsHandler, s storage.Storage, ...) fosite.OAuth2Provider
- func Run(done chan error, cfg *viper.Viper, handler handlers.MobilityAccountsHandler, ...)
- func ToBytes() mapstructure.DecodeHookFunc
- func ToTimeHookFunc() mapstructure.DecodeHookFunc
- type IssuerPublicKeys
- type OIDCClient
- type OIDCConfig
- type OIDCHandler
- func (op *OIDCHandler) AuthEndpoint(w http.ResponseWriter, r *http.Request)
- func (op *OIDCHandler) IntrospectionEndpoint(w http.ResponseWriter, r *http.Request)
- func (op *OIDCHandler) TokenEndpoint(w http.ResponseWriter, req *http.Request)
- func (op *OIDCHandler) UserinfoEndpoint(w http.ResponseWriter, req *http.Request)
- func (op *OIDCHandler) WellKnownJWKSEndpoint(w http.ResponseWriter, r *http.Request)
- func (op *OIDCHandler) WellKnownOIDCEndpoint(w http.ResponseWriter, r *http.Request)
- type OIDCNamespaceConfig
- type OIDCProviderStore
- func (s *OIDCProviderStore) Authenticate(_ context.Context, name string, secret string) error
- func (s *OIDCProviderStore) ClientAssertionJWTValid(_ context.Context, jti string) error
- func (s *OIDCProviderStore) CreateAccessTokenSession(_ context.Context, signature string, req fosite.Requester) error
- func (s *OIDCProviderStore) CreateAuthorizeCodeSession(_ context.Context, code string, req fosite.Requester) error
- func (s *OIDCProviderStore) CreateOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) error
- func (s *OIDCProviderStore) CreatePARSession(ctx context.Context, requestURI string, request fosite.AuthorizeRequester) error
- func (s *OIDCProviderStore) CreatePKCERequestSession(_ context.Context, code string, req fosite.Requester) error
- func (s *OIDCProviderStore) CreateRefreshTokenSession(_ context.Context, signature string, req fosite.Requester) error
- func (s *OIDCProviderStore) DeleteAccessTokenSession(_ context.Context, signature string) error
- func (s *OIDCProviderStore) DeleteOpenIDConnectSession(_ context.Context, authorizeCode string) error
- func (s *OIDCProviderStore) DeletePARSession(ctx context.Context, requestURI string) error
- func (s *OIDCProviderStore) DeletePKCERequestSession(_ context.Context, code string) error
- func (s *OIDCProviderStore) DeleteRefreshTokenSession(_ context.Context, signature string) error
- func (s *OIDCProviderStore) GetAccessTokenSession(_ context.Context, signature string, _ fosite.Session) (fosite.Requester, error)
- func (s *OIDCProviderStore) GetAuthorizeCodeSession(_ context.Context, code string, _ fosite.Session) (fosite.Requester, error)
- func (s *OIDCProviderStore) GetClient(_ context.Context, id string) (fosite.Client, error)
- func (s *OIDCProviderStore) GetOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) (fosite.Requester, error)
- func (s *OIDCProviderStore) GetPARSession(ctx context.Context, requestURI string) (fosite.AuthorizeRequester, error)
- func (s *OIDCProviderStore) GetPKCERequestSession(_ context.Context, code string, _ fosite.Session) (fosite.Requester, error)
- func (s *OIDCProviderStore) GetPublicKey(ctx context.Context, issuer string, subject string, keyId string) (*jose.JSONWebKey, error)
- func (s *OIDCProviderStore) GetPublicKeyScopes(ctx context.Context, issuer string, subject string, keyId string) ([]string, error)
- func (s *OIDCProviderStore) GetPublicKeys(ctx context.Context, issuer string, subject string) (*jose.JSONWebKeySet, error)
- func (s *OIDCProviderStore) GetRefreshTokenSession(_ context.Context, signature string, _ fosite.Session) (fosite.Requester, error)
- func (s *OIDCProviderStore) InvalidateAuthorizeCodeSession(ctx context.Context, code string) error
- func (s *OIDCProviderStore) IsJWTUsed(ctx context.Context, jti string) (bool, error)
- func (s *OIDCProviderStore) MarkJWTUsedForTime(ctx context.Context, jti string, exp time.Time) error
- func (s *OIDCProviderStore) RevokeAccessToken(ctx context.Context, requestID string) error
- func (s *OIDCProviderStore) RevokeRefreshToken(ctx context.Context, requestID string) error
- func (s *OIDCProviderStore) RevokeRefreshTokenMaybeGracePeriod(ctx context.Context, requestID string, signature string) error
- func (s *OIDCProviderStore) SetClientAssertionJWT(_ context.Context, jti string, exp time.Time) error
- type PublicKeyScopes
- type StoreAuthorizeCode
- type StoreRefreshToken
- type SubjectPublicKeys
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DecodeRequest ¶
func NewOIDCServer ¶
func NewOIDCServer(oidc_handler *OIDCHandler, cfg *viper.Viper) error
func NewProvider ¶
func NewProvider(c OIDCNamespaceConfig, h handlers.MobilityAccountsHandler, s storage.Storage, privateKey *rsa.PrivateKey) fosite.OAuth2Provider
func ToBytes ¶
func ToBytes() mapstructure.DecodeHookFunc
func ToTimeHookFunc ¶
func ToTimeHookFunc() mapstructure.DecodeHookFunc
Types ¶
type IssuerPublicKeys ¶
// IssuerPublicKeys groups, for one issuer, the public keys registered per
// subject.
//
// NOTE(review): presumably this is the configuration shape behind
// OIDCProviderStore.GetPublicKey / GetPublicKeys / GetPublicKeyScopes, which
// look keys up by issuer, subject and key ID. If so, every entry is a trust
// anchor for externally signed JWTs, and whoever can edit this configuration
// can add one — confirm and restrict write access to the config source.
type IssuerPublicKeys struct {
	// Issuer is the issuer the keys below belong to.
	Issuer string
	// KeysBySub maps a subject to its key set; decoded from the
	// "keys_by_sub" configuration key.
	KeysBySub map[string]SubjectPublicKeys `mapstructure:"keys_by_sub"`
}
type OIDCClient ¶
// OIDCClient is the configuration record for one OAuth2 / OpenID Connect
// client. Fields without a mapstructure tag are decoded under mapstructure's
// default name matching.
type OIDCClient struct {
	// ID is the client identifier.
	ID string
	// OIDC presumably selects OpenID Connect handling for this client —
	// TODO confirm against NewOIDCProviderStore.
	OIDC bool
	// Secret is the client secret as it appears in configuration.
	// NOTE(review): the declaration does not show whether this is plaintext
	// or a hash. fosite's default client stores a hashed secret and compares
	// through its configured hasher; confirm how this string is converted and
	// that it is never logged or served. Config files carrying it need
	// restricted read permissions.
	Secret string
	// RedirectURIs lists the redirect URIs registered for the client
	// ("redirect_uris"). Keep entries exact and as few as possible: they are
	// what the redirect_uri request parameter is checked against.
	RedirectURIs []string `mapstructure:"redirect_uris"`
	// ResponseTypes lists the response types the client may use
	// ("response_types").
	ResponseTypes []string `mapstructure:"response_types"`
	// GrantTypes lists the grant types the client may use ("grant_types").
	GrantTypes []string `mapstructure:"grant_types"`
	// Scopes lists the scopes the client may request.
	Scopes []string
	// Audience lists the audiences the client may request.
	Audience []string
	// Public presumably marks a client that authenticates without a secret —
	// TODO confirm. Such clients should be limited to flows protected by PKCE
	// (the store implements PKCE request sessions).
	Public bool
	// OIDC specific: TokenEndpointAuthMethod names the client authentication
	// method used at the token endpoint ("token_endpoint_auth_method").
	TokenEndpointAuthMethod string `mapstructure:"token_endpoint_auth_method"`
}
type OIDCConfig ¶
// OIDCConfig is the top-level OIDC configuration section.
//
// NOTE(review): CSRFKey and Port are declared as bool. A CSRF key is normally
// secret key material (string or bytes) and a port is a number, so decoding a
// real key or port into these fields would fail or discard the value. Note
// that NewOIDCServer and NewOIDCHandler take a *viper.Viper directly, so this
// struct may not be the path those settings are read through — confirm, and
// correct the field types if it is.
type OIDCConfig struct {
	// Enable switches the OIDC server on or off.
	Enable bool
	// CSRFKey is decoded from "csrf_key". See the type-level note: bool cannot
	// carry key material.
	CSRFKey bool `mapstructure:"csrf_key"`
	// Port: see the type-level note; bool cannot carry a port number.
	Port bool
	// Namespaces holds one OIDCNamespaceConfig per map key (presumably the
	// namespace name — TODO confirm).
	Namespaces map[string]OIDCNamespaceConfig
}
type OIDCHandler ¶
// OIDCHandler carries the HTTP endpoints of the provider: authorization,
// token, introspection, userinfo, and the well-known JWKS and OIDC discovery
// documents.
type OIDCHandler struct {
	// NamespaceProviders holds one fosite provider per map key (presumably
	// the namespace name — TODO confirm).
	NamespaceProviders map[string]fosite.OAuth2Provider
	// Protocol is HTTP (dev env) or HTTPS.
	// NOTE(review): these endpoints carry authorization codes, tokens and
	// client secrets, so plain HTTP has to stay confined to development.
	// Confirm that production configuration cannot select it.
	Protocol string
	// PrivateKey is an RSA private key, the same type NewProvider accepts.
	// NOTE(review): presumably the token signing key whose public half
	// WellKnownJWKSEndpoint publishes — confirm. As an exported field, any
	// code holding the handler can read or replace it; consider unexporting
	// it, and make sure the handler is never serialised or logged wholesale.
	PrivateKey *rsa.PrivateKey
	// contains filtered or unexported fields
}
func NewOIDCHandler ¶
func NewOIDCHandler(h handlers.MobilityAccountsHandler, storage storage.Storage, config *viper.Viper) *OIDCHandler
func (*OIDCHandler) AuthEndpoint ¶
func (op *OIDCHandler) AuthEndpoint(w http.ResponseWriter, r *http.Request)
func (*OIDCHandler) IntrospectionEndpoint ¶
func (op *OIDCHandler) IntrospectionEndpoint(w http.ResponseWriter, r *http.Request)
func (*OIDCHandler) TokenEndpoint ¶
func (op *OIDCHandler) TokenEndpoint(w http.ResponseWriter, req *http.Request)
func (*OIDCHandler) UserinfoEndpoint ¶
func (op *OIDCHandler) UserinfoEndpoint(w http.ResponseWriter, req *http.Request)
func (*OIDCHandler) WellKnownJWKSEndpoint ¶
func (op *OIDCHandler) WellKnownJWKSEndpoint(w http.ResponseWriter, r *http.Request)
func (*OIDCHandler) WellKnownOIDCEndpoint ¶
func (op *OIDCHandler) WellKnownOIDCEndpoint(w http.ResponseWriter, r *http.Request)
type OIDCNamespaceConfig ¶
type OIDCProviderStore ¶
// OIDCProviderStore is the storage backend handed to fosite. Its methods cover
// client lookup, authorize-code, access-token, refresh-token, PKCE, OpenID
// Connect and pushed-authorization-request sessions, token revocation, and
// tracking of used JWT IDs (jti).
type OIDCProviderStore struct {
	// Namespace names the namespace this store serves (presumably used to
	// keep keys of different namespaces apart in KV — TODO confirm; without
	// that separation one namespace's codes or tokens could be redeemed in
	// another).
	Namespace string
	// MobilityAccountsHandler gives access to the accounts handler
	// (presumably what Authenticate checks credentials against — TODO confirm).
	MobilityAccountsHandler handlers.MobilityAccountsHandler
	// KV is the key-value store backing the session and jti methods.
	KV storage.KVStore
	// Clients holds the registered clients (presumably keyed by client ID, as
	// GetClient takes an id — TODO confirm).
	Clients map[string]fosite.Client
}
func NewOIDCProviderStore ¶
func NewOIDCProviderStore(c OIDCNamespaceConfig, h handlers.MobilityAccountsHandler, storage storage.KVStore) *OIDCProviderStore
func (*OIDCProviderStore) Authenticate ¶
func (*OIDCProviderStore) ClientAssertionJWTValid ¶
func (s *OIDCProviderStore) ClientAssertionJWTValid(_ context.Context, jti string) error
func (*OIDCProviderStore) CreateAccessTokenSession ¶
func (*OIDCProviderStore) CreateAuthorizeCodeSession ¶
func (*OIDCProviderStore) CreateOpenIDConnectSession ¶
func (*OIDCProviderStore) CreatePARSession ¶
func (s *OIDCProviderStore) CreatePARSession(ctx context.Context, requestURI string, request fosite.AuthorizeRequester) error
CreatePARSession stores the pushed authorization request context. The requestURI is used to derive the key.
func (*OIDCProviderStore) CreatePKCERequestSession ¶
func (*OIDCProviderStore) CreateRefreshTokenSession ¶
func (*OIDCProviderStore) DeleteAccessTokenSession ¶
func (s *OIDCProviderStore) DeleteAccessTokenSession(_ context.Context, signature string) error
func (*OIDCProviderStore) DeleteOpenIDConnectSession ¶
func (s *OIDCProviderStore) DeleteOpenIDConnectSession(_ context.Context, authorizeCode string) error
DeleteOpenIDConnectSession is not really called from anywhere and it is deprecated.
func (*OIDCProviderStore) DeletePARSession ¶
func (s *OIDCProviderStore) DeletePARSession(ctx context.Context, requestURI string) error
DeletePARSession deletes the context.
func (*OIDCProviderStore) DeletePKCERequestSession ¶
func (s *OIDCProviderStore) DeletePKCERequestSession(_ context.Context, code string) error
func (*OIDCProviderStore) DeleteRefreshTokenSession ¶
func (s *OIDCProviderStore) DeleteRefreshTokenSession(_ context.Context, signature string) error
func (*OIDCProviderStore) GetAccessTokenSession ¶
func (*OIDCProviderStore) GetAuthorizeCodeSession ¶
func (*OIDCProviderStore) GetOpenIDConnectSession ¶
func (*OIDCProviderStore) GetPARSession ¶
func (s *OIDCProviderStore) GetPARSession(ctx context.Context, requestURI string) (fosite.AuthorizeRequester, error)
GetPARSession gets the pushed authorization request context. If the request is nil, a new request object is created. Otherwise, the same object is updated.
func (*OIDCProviderStore) GetPKCERequestSession ¶
func (*OIDCProviderStore) GetPublicKey ¶
func (*OIDCProviderStore) GetPublicKeyScopes ¶
func (*OIDCProviderStore) GetPublicKeys ¶
func (*OIDCProviderStore) GetRefreshTokenSession ¶
func (*OIDCProviderStore) InvalidateAuthorizeCodeSession ¶
func (s *OIDCProviderStore) InvalidateAuthorizeCodeSession(ctx context.Context, code string) error
func (*OIDCProviderStore) MarkJWTUsedForTime ¶
func (*OIDCProviderStore) RevokeAccessToken ¶
func (s *OIDCProviderStore) RevokeAccessToken(ctx context.Context, requestID string) error
func (*OIDCProviderStore) RevokeRefreshToken ¶
func (s *OIDCProviderStore) RevokeRefreshToken(ctx context.Context, requestID string) error
func (*OIDCProviderStore) RevokeRefreshTokenMaybeGracePeriod ¶
func (*OIDCProviderStore) SetClientAssertionJWT ¶
type PublicKeyScopes ¶
// PublicKeyScopes pairs a JSON Web Key with a list of scopes.
//
// NOTE(review): presumably Scopes is what GetPublicKeyScopes returns for the
// key, i.e. the scopes a JWT signed with Key may be granted — confirm. Keep
// the list as narrow as the key holder needs.
type PublicKeyScopes struct {
	// Key is the public key as a JWK.
	Key *jose.JSONWebKey
	// Scopes lists the scopes associated with Key.
	Scopes []string
}
type StoreAuthorizeCode ¶
// StoreAuthorizeCode is the JSON-serialised record kept for an authorization
// code: the originating request plus an active flag.
//
// NOTE(review): presumably InvalidateAuthorizeCodeSession sets Active to false
// instead of deleting the record, so that a second redemption of the same code
// can be recognised as a replay — confirm, and confirm that
// GetAuthorizeCodeSession rejects records with Active == false.
type StoreAuthorizeCode struct {
	// Active reports whether the code is still redeemable.
	Active bool `json:"active"`
	// Requester is the stored authorization request.
	Requester *fosite.Request `json:"requester"`
}
func DecodeStoreAuthorizeCode ¶
func DecodeStoreAuthorizeCode(rel interface{}) (StoreAuthorizeCode, error)
type StoreRefreshToken ¶
type SubjectPublicKeys ¶
// SubjectPublicKeys holds the public keys registered for one subject; it is
// the value type of IssuerPublicKeys.KeysBySub.
type SubjectPublicKeys struct {
	// Subject is the subject the keys belong to.
	Subject string
	// Keys maps a key to its scopes (presumably keyed by key ID, as
	// GetPublicKey takes a keyId — TODO confirm).
	Keys map[string]PublicKeyScopes
}