Documentation ¶
Index ¶
- Constants
- Variables
- type AdminServer
- type InvitationHandler
- type JWTVerifierFactory
- type Link
- type MultiServerConfig
- type OIDCServer
- type ResetPasswordHandler
- type SendResetPasswordEmailHandler
- type Server
- func (s *Server) AddConnector(cfg connector.ConnectorConfig) error
- func (s *Server) Client(clientID string) (client.Client, error)
- func (s *Server) ClientCredsToken(creds oidc.ClientCredentials) (*jose.JWT, time.Time, error)
- func (s *Server) CodeToken(creds oidc.ClientCredentials, sessionKey string) (*jose.JWT, string, time.Time, error)
- func (s *Server) CrossClientAuthAllowed(requestingClientID, authorizingClientID string) (bool, error)
- func (s *Server) HTTPHandler() http.Handler
- func (s *Server) JWTVerifierFactory() JWTVerifierFactory
- func (s *Server) KillSession(sessionKey string) error
- func (s *Server) Login(ident oidc.Identity, key string) (string, error)
- func (s *Server) NewClientTokenAuthHandler(handler http.Handler) http.Handler
- func (s *Server) NewSession(ipdcID, clientID, clientState string, redirectURL url.URL, nonce string, ...) (string, error)
- func (s *Server) ProviderConfig() oidc.ProviderConfig
- func (s *Server) RefreshToken(creds oidc.ClientCredentials, scopes scope.Scopes, token string) (*jose.JWT, string, time.Time, error)
- func (s *Server) Run() chan struct{}
- type ServerConfig
- type SingleServerConfig
- type StateConfigurer
- type Template
- type UserMgmtServer
Constants ¶
View Source
const ( AdminAPIVersion = "v1" AdminAPISecretLength = 128 )
View Source
const ( LoginPageTemplateName = "login.html" RegisterTemplateName = "register.html" VerifyEmailTemplateName = "verify-email.html" SendResetPasswordEmailTemplateName = "send-reset-password.html" ResetPasswordTemplateName = "reset-password.html" OOBTemplateName = "oob-template.html" APIVersion = "v1" )
Variables ¶
View Source
var ( AdminGetEndpoint = addBasePath("/admin/:id") AdminCreateEndpoint = addBasePath("/admin") AdminGetStateEndpoint = addBasePath("/state") AdminCreateClientEndpoint = addBasePath("/client") AdminConnectorsEndpoint = addBasePath("/connectors") )
View Source
var ( UsersSubTree = "/users" UsersListEndpoint = addBasePath(UsersSubTree) UsersCreateEndpoint = addBasePath(UsersSubTree) UsersGetEndpoint = addBasePath(UsersSubTree + "/:id") UsersDisableEndpoint = addBasePath(UsersSubTree + "/:id/disable") UsersResendInvitationEndpoint = addBasePath(UsersSubTree + "/:id/resend-invitation") AccountSubTree = "/account" AccountListRefreshTokens = addBasePath(AccountSubTree + "/:userid/refresh") AccountRevokeRefreshToken = addBasePath(AccountSubTree + "/:userid/refresh/:clientid") )
Functions ¶
This section is empty.
Types ¶
type AdminServer ¶
type AdminServer struct {
// contains filtered or unexported fields
}
AdminServer serves the admin API.
func NewAdminServer ¶
func NewAdminServer(adminAPI *admin.AdminAPI, rotator *key.PrivateKeyRotator, secret string) *AdminServer
func (*AdminServer) HTTPHandler ¶
func (s *AdminServer) HTTPHandler() http.Handler
type InvitationHandler ¶ added in v0.2.0
type InvitationHandler struct {
// contains filtered or unexported fields
}
func (*InvitationHandler) ServeHTTP ¶ added in v0.2.0
func (h *InvitationHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type JWTVerifierFactory ¶
type JWTVerifierFactory func(clientID string) oidc.JWTVerifier
type MultiServerConfig ¶
func (*MultiServerConfig) Configure ¶
func (cfg *MultiServerConfig) Configure(srv *Server) error
type OIDCServer ¶
type OIDCServer interface { Client(string) (client.Client, error) NewSession(connectorID, clientID, clientState string, redirectURL url.URL, nonce string, register bool, scope []string) (string, error) Login(oidc.Identity, string) (string, error) // CodeToken exchanges a code for an ID token and a refresh token string on success. CodeToken(creds oidc.ClientCredentials, sessionKey string) (*jose.JWT, string, time.Time, error) ClientCredsToken(creds oidc.ClientCredentials) (*jose.JWT, time.Time, error) // RefreshToken takes a previously generated refresh token and returns a new ID token and new refresh token // if the token is valid. RefreshToken(creds oidc.ClientCredentials, scopes scope.Scopes, token string) (*jose.JWT, string, time.Time, error) KillSession(string) error CrossClientAuthAllowed(requestingClientID, authorizingClientID string) (bool, error) }
type ResetPasswordHandler ¶
type ResetPasswordHandler struct {
// contains filtered or unexported fields
}
func (*ResetPasswordHandler) ServeHTTP ¶
func (h *ResetPasswordHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type SendResetPasswordEmailHandler ¶
type SendResetPasswordEmailHandler struct {
// contains filtered or unexported fields
}
func (*SendResetPasswordEmailHandler) ServeHTTP ¶
func (h *SendResetPasswordEmailHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type Server ¶
type Server struct { IssuerURL url.URL Templates *template.Template LoginTemplate *template.Template RegisterTemplate *template.Template VerifyEmailTemplate *template.Template SendResetPasswordEmailTemplate *template.Template ResetPasswordTemplate *template.Template OOBTemplate *template.Template HealthChecks []health.Checkable // TODO(ericchiang): Make this a map of ID to connector. Connectors []connector.Connector ClientRepo client.ClientRepo ConnectorConfigRepo connector.ConnectorConfigRepo KeySetRepo key.PrivateKeySetRepo RefreshTokenRepo refresh.RefreshTokenRepo UserRepo user.UserRepo PasswordInfoRepo user.PasswordInfoRepo ClientManager *clientmanager.ClientManager KeyManager key.PrivateKeyManager SessionManager *sessionmanager.SessionManager UserManager *usermanager.UserManager UserEmailer *useremail.UserEmailer EnableRegistration bool EnableClientRegistration bool EnableClientCredentialAccess bool RegisterOnFirstLogin bool // contains filtered or unexported fields }
func (*Server) AddConnector ¶
func (s *Server) AddConnector(cfg connector.ConnectorConfig) error
func (*Server) Client ¶ added in v0.5.0
func (*Server) ClientCredsToken ¶
func (*Server) CodeToken ¶
func (*Server) CrossClientAuthAllowed ¶ added in v0.5.0
func (*Server) JWTVerifierFactory ¶
func (s *Server) JWTVerifierFactory() JWTVerifierFactory
func (*Server) NewClientTokenAuthHandler ¶
NewClientTokenAuthHandler returns the given handler wrapped in middleware which requires a Client Bearer token.
func (*Server) NewSession ¶
func (*Server) ProviderConfig ¶
func (s *Server) ProviderConfig() oidc.ProviderConfig
func (*Server) RefreshToken ¶
type ServerConfig ¶
type ServerConfig struct { IssuerURL string IssuerName string IssuerLogoURL string TemplateDir string EmailTemplateDirs []string EmailFromAddress string EmailerConfigFile string StateConfig StateConfigurer EnableRegistration bool EnableClientRegistration bool EnableClientCredentialAccess bool RegisterOnFirstLogin bool }
func (*ServerConfig) Server ¶
func (cfg *ServerConfig) Server() (*Server, error)
type SingleServerConfig ¶
func (*SingleServerConfig) Configure ¶
func (cfg *SingleServerConfig) Configure(srv *Server) error
type UserMgmtServer ¶
type UserMgmtServer struct {
// contains filtered or unexported fields
}
func NewUserMgmtServer ¶
func NewUserMgmtServer(userMgmtAPI *api.UsersAPI, jwtvFactory JWTVerifierFactory, um *usermanager.UserManager, cm *clientmanager.ClientManager, allowClientCredsAuth bool) *UserMgmtServer
func (*UserMgmtServer) HTTPHandler ¶
func (s *UserMgmtServer) HTTPHandler() http.Handler
Click to show internal directories.
Click to hide internal directories.