op

package
v1.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 3, 2024 License: AGPL-3.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecodeRequest

func DecodeRequest(rel interface{}) (*fosite.Request, error)

func NewOIDCServer

func NewOIDCServer(oidc_handler *OIDCHandler, cfg *viper.Viper) error

func Run

func Run(done chan error, cfg *viper.Viper, handler handlers.MobilityAccountsHandler, storage storage.Storage)

func ToBytes

func ToBytes() mapstructure.DecodeHookFunc

func ToTimeHookFunc

func ToTimeHookFunc() mapstructure.DecodeHookFunc

Types

type IssuerPublicKeys

// IssuerPublicKeys holds an issuer name together with a map of
// SubjectPublicKeys. The mapstructure tag shows it is decoded from
// configuration data.
//
// NOTE(review): if these are the keys GetPublicKey/GetPublicKeys return for
// verifying signed assertions, this configuration is a trust anchor and
// should be write-protected — confirm against the lookup code.
type IssuerPublicKeys struct {
	// Issuer names the issuer the keys belong to (presumably matched against
	// the issuer argument of GetPublicKey — confirm).
	Issuer    string
	// KeysBySub maps a string key to a SubjectPublicKeys entry; the tag name
	// suggests the key is the subject — confirm.
	KeysBySub map[string]SubjectPublicKeys `mapstructure:"keys_by_sub"`
}

type OIDCClient

// OIDCClient describes one client entry as decoded from configuration (see
// the mapstructure tags).
type OIDCClient struct {
	ID            string
	OIDC          bool
	// NOTE(review): Secret is a plain string taken from configuration. Whether
	// it is expected in clear text or as a hash is not visible here — confirm,
	// and keep the configuration source out of logs and version control.
	Secret        string
	// RedirectURIs is presumably the allow-list of redirect URIs for this
	// client; how entries are matched is not visible here — confirm.
	RedirectURIs  []string `mapstructure:"redirect_uris"`
	ResponseTypes []string `mapstructure:"response_types"`
	GrantTypes    []string `mapstructure:"grant_types"`
	Scopes        []string
	Audience      []string
	// Public presumably marks a client that cannot keep a secret; how it
	// interacts with Secret is not visible here — confirm.
	Public        bool
	//OIDC specific
	TokenEndpointAuthMethod string `mapstructure:"token_endpoint_auth_method"`
}

type OIDCConfig

// OIDCConfig holds the OIDC settings: an enable flag, two further flags and
// a map of namespace configurations.
type OIDCConfig struct {
	Enable     bool
	// NOTE(review): CSRFKey and Port are declared bool although their names
	// suggest key material and a port number, which a bool cannot carry.
	// Confirm whether these types are intended and where the real values are
	// read from.
	CSRFKey    bool `mapstructure:"csrf_key"`
	Port       bool
	// Namespaces maps a string key to the OIDCNamespaceConfig for that entry.
	Namespaces map[string]OIDCNamespaceConfig
}

type OIDCHandler

// OIDCHandler is the receiver of the HTTP endpoint methods listed on this
// page (AuthEndpoint, TokenEndpoint, IntrospectionEndpoint, UserinfoEndpoint
// and the two well-known endpoints).
type OIDCHandler struct {
	// NamespaceProviders maps a string key (presumably the namespace name —
	// confirm) to a fosite.OAuth2Provider.
	NamespaceProviders map[string]fosite.OAuth2Provider

	// NOTE(review): the existing comment marks plain HTTP as a development
	// setting; confirm that production deployments cannot end up with "HTTP".
	Protocol   string //HTTP (dev env) or HTTPS
	// NOTE(review): PrivateKey is an exported field holding an RSA private key,
	// so any code with a reference to the handler can read it. Presumably it is
	// the signing key behind WellKnownJWKSEndpoint — confirm, and consider
	// whether it needs to be exported.
	PrivateKey *rsa.PrivateKey
	// contains filtered or unexported fields
}

func NewOIDCHandler

func NewOIDCHandler(h handlers.MobilityAccountsHandler, storage storage.Storage, config *viper.Viper) *OIDCHandler

func (*OIDCHandler) AuthEndpoint

func (op *OIDCHandler) AuthEndpoint(w http.ResponseWriter, r *http.Request)

func (*OIDCHandler) IntrospectionEndpoint

func (op *OIDCHandler) IntrospectionEndpoint(w http.ResponseWriter, r *http.Request)

func (*OIDCHandler) TokenEndpoint

func (op *OIDCHandler) TokenEndpoint(w http.ResponseWriter, req *http.Request)

func (*OIDCHandler) UserinfoEndpoint

func (op *OIDCHandler) UserinfoEndpoint(w http.ResponseWriter, req *http.Request)

func (*OIDCHandler) WellKnownJWKSEndpoint

func (op *OIDCHandler) WellKnownJWKSEndpoint(w http.ResponseWriter, r *http.Request)

func (*OIDCHandler) WellKnownOIDCEndpoint

func (op *OIDCHandler) WellKnownOIDCEndpoint(w http.ResponseWriter, r *http.Request)

type OIDCNamespaceConfig

// OIDCNamespaceConfig is the configuration of one namespace, decoded from
// configuration (see the mapstructure tags). It carries the namespace name,
// a secret key, a templates directory, claim matches and the client list.
type OIDCNamespaceConfig struct {
	Namespace    string
	// NOTE(review): SecretKey is secret material read from configuration as a
	// plain string. What it protects is not visible here — confirm, and check
	// its length and randomness requirements where it is consumed.
	SecretKey    string            `mapstructure:"secret_key"`
	// TemplatesDir is a path taken from configuration; presumably the
	// directory of the HTML templates rendered by the handler — confirm.
	TemplatesDir string            `mapstructure:"templates_dir"`
	// MatchClaims maps string keys to string values; the matching semantics
	// are not visible here — confirm.
	MatchClaims  map[string]string `mapstructure:"match_claims"`
	Clients      []OIDCClient
}

type OIDCProviderStore

// OIDCProviderStore is the receiver of the storage methods listed on this
// page: creating, fetching, deleting and revoking authorize-code, token,
// PKCE, OpenID Connect and PAR sessions, tracking used JWT IDs, and looking
// up clients and public keys.
type OIDCProviderStore struct {
	// Namespace is presumably the namespace this store serves — confirm that
	// stored records are isolated per namespace.
	Namespace               string
	MobilityAccountsHandler handlers.MobilityAccountsHandler
	// KV is the key-value store; presumably where session and token records
	// are persisted — confirm.
	KV                      storage.KVStore
	// Clients maps a string key (presumably the client ID used by GetClient —
	// confirm) to a fosite.Client.
	Clients                 map[string]fosite.Client
}

func (*OIDCProviderStore) Authenticate

func (s *OIDCProviderStore) Authenticate(_ context.Context, name string, secret string) error

func (*OIDCProviderStore) ClientAssertionJWTValid

func (s *OIDCProviderStore) ClientAssertionJWTValid(_ context.Context, jti string) error

func (*OIDCProviderStore) CreateAccessTokenSession

func (s *OIDCProviderStore) CreateAccessTokenSession(_ context.Context, signature string, req fosite.Requester) error

func (*OIDCProviderStore) CreateAuthorizeCodeSession

func (s *OIDCProviderStore) CreateAuthorizeCodeSession(_ context.Context, code string, req fosite.Requester) error

func (*OIDCProviderStore) CreateOpenIDConnectSession

func (s *OIDCProviderStore) CreateOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) error

func (*OIDCProviderStore) CreatePARSession

func (s *OIDCProviderStore) CreatePARSession(ctx context.Context, requestURI string, request fosite.AuthorizeRequester) error

CreatePARSession stores the pushed authorization request context. The requestURI is used to derive the key.

func (*OIDCProviderStore) CreatePKCERequestSession

func (s *OIDCProviderStore) CreatePKCERequestSession(_ context.Context, code string, req fosite.Requester) error

func (*OIDCProviderStore) CreateRefreshTokenSession

func (s *OIDCProviderStore) CreateRefreshTokenSession(_ context.Context, signature string, req fosite.Requester) error

func (*OIDCProviderStore) DeleteAccessTokenSession

func (s *OIDCProviderStore) DeleteAccessTokenSession(_ context.Context, signature string) error

func (*OIDCProviderStore) DeleteOpenIDConnectSession

func (s *OIDCProviderStore) DeleteOpenIDConnectSession(_ context.Context, authorizeCode string) error

DeleteOpenIDConnectSession is deprecated and is not really called from anywhere.

func (*OIDCProviderStore) DeletePARSession

func (s *OIDCProviderStore) DeletePARSession(ctx context.Context, requestURI string) error

DeletePARSession deletes the pushed authorization request context stored for requestURI.

func (*OIDCProviderStore) DeletePKCERequestSession

func (s *OIDCProviderStore) DeletePKCERequestSession(_ context.Context, code string) error

func (*OIDCProviderStore) DeleteRefreshTokenSession

func (s *OIDCProviderStore) DeleteRefreshTokenSession(_ context.Context, signature string) error

func (*OIDCProviderStore) GetAccessTokenSession

func (s *OIDCProviderStore) GetAccessTokenSession(_ context.Context, signature string, _ fosite.Session) (fosite.Requester, error)

func (*OIDCProviderStore) GetAuthorizeCodeSession

func (s *OIDCProviderStore) GetAuthorizeCodeSession(_ context.Context, code string, _ fosite.Session) (fosite.Requester, error)

func (*OIDCProviderStore) GetClient

func (s *OIDCProviderStore) GetClient(_ context.Context, id string) (fosite.Client, error)

func (*OIDCProviderStore) GetOpenIDConnectSession

func (s *OIDCProviderStore) GetOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) (fosite.Requester, error)

func (*OIDCProviderStore) GetPARSession

func (s *OIDCProviderStore) GetPARSession(ctx context.Context, requestURI string) (fosite.AuthorizeRequester, error)

GetPARSession gets the pushed authorization request context. If the request is nil, a new request object is created. Otherwise, the same object is updated.

func (*OIDCProviderStore) GetPKCERequestSession

func (s *OIDCProviderStore) GetPKCERequestSession(_ context.Context, code string, _ fosite.Session) (fosite.Requester, error)

func (*OIDCProviderStore) GetPublicKey

func (s *OIDCProviderStore) GetPublicKey(ctx context.Context, issuer string, subject string, keyId string) (*jose.JSONWebKey, error)

func (*OIDCProviderStore) GetPublicKeyScopes

func (s *OIDCProviderStore) GetPublicKeyScopes(ctx context.Context, issuer string, subject string, keyId string) ([]string, error)

func (*OIDCProviderStore) GetPublicKeys

func (s *OIDCProviderStore) GetPublicKeys(ctx context.Context, issuer string, subject string) (*jose.JSONWebKeySet, error)

func (*OIDCProviderStore) GetRefreshTokenSession

func (s *OIDCProviderStore) GetRefreshTokenSession(_ context.Context, signature string, _ fosite.Session) (fosite.Requester, error)

func (*OIDCProviderStore) InvalidateAuthorizeCodeSession

func (s *OIDCProviderStore) InvalidateAuthorizeCodeSession(ctx context.Context, code string) error

func (*OIDCProviderStore) IsJWTUsed

func (s *OIDCProviderStore) IsJWTUsed(ctx context.Context, jti string) (bool, error)

func (*OIDCProviderStore) MarkJWTUsedForTime

func (s *OIDCProviderStore) MarkJWTUsedForTime(ctx context.Context, jti string, exp time.Time) error

func (*OIDCProviderStore) RevokeAccessToken

func (s *OIDCProviderStore) RevokeAccessToken(ctx context.Context, requestID string) error

func (*OIDCProviderStore) RevokeRefreshToken

func (s *OIDCProviderStore) RevokeRefreshToken(ctx context.Context, requestID string) error

func (*OIDCProviderStore) RevokeRefreshTokenMaybeGracePeriod

func (s *OIDCProviderStore) RevokeRefreshTokenMaybeGracePeriod(ctx context.Context, requestID string, signature string) error

func (*OIDCProviderStore) SetClientAssertionJWT

func (s *OIDCProviderStore) SetClientAssertionJWT(_ context.Context, jti string, exp time.Time) error

type PublicKeyScopes

// PublicKeyScopes pairs a JSON Web Key with a list of scopes.
type PublicKeyScopes struct {
	// Key is the JSON Web Key (presumably a public key, per the type name —
	// confirm that no private key material is loaded here).
	Key    *jose.JSONWebKey
	// Scopes is presumably the set of scopes this key may be used for, as
	// returned by GetPublicKeyScopes — confirm.
	Scopes []string
}

type StoreAuthorizeCode

// StoreAuthorizeCode is the stored form of an authorize code: an active flag
// plus the fosite request. The json tags give its serialised field names.
type StoreAuthorizeCode struct {
	// Active is presumably cleared by InvalidateAuthorizeCodeSession so that a
	// code cannot be redeemed twice — confirm.
	Active    bool            `json:"active"`
	Requester *fosite.Request `json:"requester"`
}

func DecodeStoreAuthorizeCode

func DecodeStoreAuthorizeCode(rel interface{}) (StoreAuthorizeCode, error)

type StoreRefreshToken

// StoreRefreshToken is the stored form of a refresh token: an active flag
// plus the requester.
//
// NOTE(review): unlike StoreAuthorizeCode, this type has no json tags and
// holds the fosite.Requester interface rather than *fosite.Request; how it
// is serialised and decoded is not visible here — confirm.
type StoreRefreshToken struct {
	// Active is presumably cleared when the refresh token is revoked —
	// confirm.
	Active    bool
	Requester fosite.Requester
}

type SubjectPublicKeys

// SubjectPublicKeys holds a subject name together with a map of
// PublicKeyScopes.
type SubjectPublicKeys struct {
	Subject string
	// Keys maps a string key (presumably the key ID passed to GetPublicKey —
	// confirm) to the key and its scopes.
	Keys    map[string]PublicKeyScopes
}
