Documentation
¶
Index ¶
- Constants
- func ClearDb()
- func ClientCredenitalsAuth(issuer, clientID, clientSecret string)
- func CloseDb()
- func FatalOnError(err error)
- func InitDb()
- func PrettyPrintDecodedJWT(token string)
- func PrettyPrintJSON(jsonBytes []byte)
- func RefreshToken(issuer, clientID, refreshToken string)
- func ResourceOwnerCredentialsAuth(issuer, clientID, username, password string)
- type JOSEHeader
- type JWK
- type JWKSet
- type JWS
- type JWTRegisteredClaims
- type Metadata
- type OpenIDAddressClaim
- type OpenIDProviderMetadata
- type OpenIDStandardClaims
- type Token
Constants ¶
View Source
const SchemaVersion = "0.0.1"
SchemaVersion defines the database schema used by this version of actl. It will be increased on database schema changes in order to react conflicts.
Variables ¶
This section is empty.
Functions ¶
func ClientCredenitalsAuth ¶
func ClientCredenitalsAuth(issuer, clientID, clientSecret string)
func FatalOnError ¶
func FatalOnError(err error)
FatalOnError checks the err parameter and terminates the process if an error exists
func PrettyPrintDecodedJWT ¶
func PrettyPrintDecodedJWT(token string)
PrettyPrintDecodedJWT parses base64 encoded JWT and prints it's header and payload to stdout.
func PrettyPrintJSON ¶
func PrettyPrintJSON(jsonBytes []byte)
PrettyPrintJSON prints a given json object to stdout. With indentation and syntax highlighting.
func RefreshToken ¶
func RefreshToken(issuer, clientID, refreshToken string)
func ResourceOwnerCredentialsAuth ¶
func ResourceOwnerCredentialsAuth(issuer, clientID, username, password string)
Types ¶
type JOSEHeader ¶
type JOSEHeader struct {
Typ string `json:"typ"`
Alg string `json:"alg"`
KeyID string `json:"kid"`
}
JOSEHeader - the JSON Object Signing and Encryption Header is comprised of a set of Header Parameters. See RFC7515
type JWK ¶
type JWK struct {
// Key ID
Kid string `json:"kid" storm:"id"`
// Key Type
Kty string `json:"kty"`
// Public Key Use (sig or enc)
Use string `json:"use"`
// Key Operations
// sign, verify, encrypt, decrypt, wrapKey, unwrapKey, deriveKey, deriveBits
KeyOps string `json:"key_ops"`
// Algorithm
// See https://tools.ietf.org/html/rfc7518
Alg string `json:"alg"`
// X.509 URL
X5u string `json:"x5u"`
// X.509 Certificate Chain
X5c []string `json:"x5c"`
// X.509 Certificate SHA-1 Thumbprint
X5t string `json:"x5t"`
// X.509 Certificate SHA-256 Thumbprint
X5tS256 string `json:"x5t#S256"`
Issuer string
CreatedAt time.Time
}
JWK - JSON Web Key A JWK is a JSON object that represents a cryptographic key. The members of the object represent properties of the key, including its value. See https://tools.ietf.org/html/rfc7517#section-4
type JWKSet ¶
type JWKSet struct {
Keys []JWK `json:"keys"`
}
JWKSet is a JSON object that represents a set of JWKs. See https://tools.ietf.org/html/rfc7517#section-5
type JWS ¶
type JWS struct{}
JWS (JSON Web Signature) represents digitally signed or MACed content using JSON data structures and base64url encoding.
type JWTRegisteredClaims ¶
type OpenIDAddressClaim ¶
type OpenIDAddressClaim struct {
Formatted string `json:"formatted"`
StreetAddress string `json:"street_address"`
Locality string `json:"locality"`
Region string `json:"region"`
PostalCode string `json:"postal_code"`
Country string `json:"country"`
}
See https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim
type OpenIDProviderMetadata ¶
type OpenIDProviderMetadata struct {
Issuer string `json:"issuer" storm:"id"`
AuthorizationEndpoint string `json:"authorization_endpoint"`
TokenEndpoint string `json:"token_endpoint"`
UserinfoEndpoint string `json:"userinfo_endpoint"`
JwksURI string `json:"jwks_uri"`
RegistrationEndpoint string `json:"registration_endpoint"`
ScopesSupported []string `json:"scopes_supported"`
ResponseTypesSupported []string `json:"response_types_supported"`
ResponseModesSupported []string `json:"response_modes_supported"`
GrantTypesSupported []string `json:"grant_types_supported"`
AcrValuesSupported []string `json:"acr_values_supported"`
SubjectTypesSupported []string `json:"subject_types_supported"`
IDTokenSigningAlgValuesSupported []string `json:"id_token_signing_alg_values_supported"`
IDTokenEncryptionAlgValuesSupported []string `json:"id_token_encryption_alg_values_supported"`
IDTokenEncryptionEncValuesSupported []string `json:"id_token_encryption_enc_values_supported"`
UserinfoSigningAlgValuesSupported []string `json:"userinfo_signing_alg_values_supported"`
UserinfoEncryptionAlgValuesSupported []string `json:"userinfo_encryption_alg_values_supported"`
UserinfoEncryptionEncValuesSupported []string `json:"userinfo_encryption_enc_values_supported"`
RequestObjectSigningAlgValuesSupported []string `json:"request_object_signing_alg_values_supported"`
RequestObjectEncryptionAlgValuesSupported []string `json:"request_object_encryption_alg_values_supported"`
RequestObjectEncryptionEncValuesSupported []string `json:"request_object_encryption_enc_values_supported"`
TokenEndpointAuthMethodsSupported []string `json:"token_endpoint_auth_methods_supported"`
TokenEndpointAuthSigningAlgValuesSupported []string `json:"token_endpoint_auth_signing_alg_values_supported"`
DisplayValuesSupported []string `json:"display_values_supported"`
ClaimTypesSupported []string `json:"claim_types_supported"`
ClaimsSupported []string `json:"claims_supported"`
ServiceDocumentation string `json:"service_documentation"`
ClaimsLocalesSupported bool `json:"claims_locales_supported"`
UILocalesSupported []string `json:"ui_locales_supported"`
ClaimsParameterSupported bool `json:"claims_parameter_supported"`
RequestParameterSupported bool `json:"request_parameter_supported"`
RequestURIParameterSupported bool `json:"request_uri_parameter_supported"`
RequestURIRegistration []string `json:"require_request_uri_registration"`
OpPolicyURI []string `json:"op_policy_uri"`
OpTosURI []string `json:"op_tos_uri"`
IntrospectionEndpoint string `json:"introspection_endpoint"`
TLSClientCertificateBoundAccessTokens bool `json:"tls_client_certificate_bound_access_tokens"`
EndSessionEndpoint string `json:"end_session_endpoint"`
CheckSessionIframe string `json:"check_session_iframe"`
CodeChallengeMethodsSupported []string `json:"code_challenge_methods_supported"`
}
OpenIDProviderMetadata is the description of the OpenID Providers configuration. This information can be fetched from a well known URL. See https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
func GetAllIssuer ¶
func GetAllIssuer() []OpenIDProviderMetadata
func GetOidcMetadata ¶
func GetOidcMetadata(issuer string, useCache bool) *OpenIDProviderMetadata
func UpsertIssuer ¶
func UpsertIssuer(oidcMetadata *OpenIDProviderMetadata) *OpenIDProviderMetadata
UpsertIssuer persists the OpenID Provider metadata fetched from an issuer URL
type OpenIDStandardClaims ¶
type OpenIDStandardClaims struct {
Subject string `json:"sub"`
Name string `json:"name"`
GivenName string `json:"given_name"`
FamilyName string `json:"family_name"`
MiddleName string `json:"middle_name"`
Nickname string `json:"nickname"`
PreferredUsername string `json:"preferred_username"`
Profile string `json:"profile"`
Picture string `json:"picture"`
Website string `json:"website"`
Email string `json:"email"`
EmailVerified bool `json:"email_verified"`
Gender string `json:"gender"`
Birthdate string `json:"birthdate"`
Zoneinfo string `json:"zoneinfo"`
Locale string `json:"locale"`
PhoneNumber string `json:"phone_number"`
PhoneNumberVerified string `json:"phone_number_verified"`
Address OpenIDAddressClaim `json:"address"`
UpdatedAt string `json:"updated_at"`
}
See https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
type Token ¶
type Token struct {
Encoded string `storm:"id"`
Header map[string]interface{}
Payload map[string]interface{}
}
Token is an OAuth Token
func AuthorizationCodeAuth ¶
func UpsertJWT ¶
UpsertJWT creates a Token object from a given JWT string and persists it in the local database.
func (*Token) GetJOSEHeader ¶
func (t *Token) GetJOSEHeader() *JOSEHeader
func (*Token) GetOidcStandardClaims ¶
func (t *Token) GetOidcStandardClaims() *OpenIDStandardClaims
func (*Token) GetRegisteredClaims ¶
func (t *Token) GetRegisteredClaims() *JWTRegisteredClaims
Source Files
Click to show internal directories.
Click to hide internal directories.