Documentation ¶
Index ¶
Constants ¶
const ( TypeGeneric = "generic" TypeOkta = "okta" TypeKeycloak = "keycloak" )
Provider type string const
const ( IDPAuthTypeAccessToken = "accessToken" IDPAuthTypeClient = "client" )
IDP Auth type string const
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthClient ¶
AuthClient - Interface representing the auth Client
func NewAuthClient ¶
func NewAuthClient(tokenURL string, apiClient api.Client, opts ...AuthClientOption) (AuthClient, error)
NewAuthClient - create a new auth client with client options
type AuthClientOption ¶
type AuthClientOption func(*authClientOptions)
AuthClientOption - configures auth client.
func WithClientSecretAuth ¶
func WithClientSecretAuth(clientID, clientSecret string) AuthClientOption
WithClientSecretAuth - sets up to use client secret authenticator
func WithKeyPairAuth ¶
func WithKeyPairAuth(clientID, audience string, privKey *rsa.PrivateKey, publicKey []byte) AuthClientOption
WithKeyPairAuth - sets up to use public/private key pair authenticator
func WithServerName ¶
func WithServerName(serverName string) AuthClientOption
WithServerName - sets up the server name in auth client
type AuthorizationServerMetadata ¶
type AuthorizationServerMetadata struct { Issuer string `json:"issuer,omitempty"` AuthorizationEndpoint string `json:"authorization_endpoint,omitempty"` TokenEndpoint string `json:"token_endpoint,omitempty"` RegistrationEndpoint string `json:"registration_endpoint,omitempty"` JwksURI string `json:"jwks_uri,omitempty"` IntrospectionEndpoint string `json:"introspection_endpoint,omitempty"` RevocationEndpoint string `json:"revocation_endpoint,omitempty"` EndSessionEndpoint string `json:"end_session_endpoint,omitempty"` DeviceAuthorizationEndpoint string `json:"device_authorization_endpoint,omitempty"` PushedAuthorizationRequestEndpoint string `json:"pushed_authorization_request_endpoint,omitempty"` ResponseTypesSupported []string `json:"response_types_supported,omitempty"` ResponseModesSupported []string `json:"response_modes_supported,omitempty"` GrantTypesSupported []string `json:"grant_types_supported,omitempty"` SubjectTypeSupported []string `json:"subject_types_supported,omitempty"` ScopesSupported []string `json:"scopes_supported,omitempty"` TokenEndpointAuthMethodSupported []string `json:"token_endpoint_auth_methods_supported,omitempty"` ClaimsSupported []string `json:"claims_supported,omitempty"` CodeChallengeMethodsSupported []string `json:"code_challenge_methods_supported,omitempty"` IntrospectionEndpointAuthMethodsSupported []string `json:"introspection_endpoint_auth_methods_supported,omitempty"` RevocationEndpointAuthMethodsSupported []string `json:"revocation_endpoint_auth_methods_supported,omitempty"` RequestParameterSupported bool `json:"request_parameter_supported,omitempty"` RequestObjectSigningAlgValuesSupported []string `json:"request_object_signing_alg_values_supported,omitempty"` }
AuthorizationServerMetadata - OAuth metadata from IdP
type ClientBuilder ¶
type ClientBuilder interface { SetClientName(string) ClientBuilder SetScopes([]string) ClientBuilder SetGrantTypes([]string) ClientBuilder SetResponseType([]string) ClientBuilder SetTokenEndpointAuthMethod(tokenAuthMethod string) ClientBuilder SetRedirectURIs([]string) ClientBuilder SetLogoURI(string) ClientBuilder SetJWKSURI(string) ClientBuilder SetJWKS([]byte) ClientBuilder SetExtraProperties(map[string]string) ClientBuilder Build() (ClientMetadata, error) }
ClientBuilder - Builder for IdP client representation
func NewClientMetadataBuilder ¶
func NewClientMetadataBuilder() ClientBuilder
NewClientMetadataBuilder - create a new instance of builder to construct client metadata
type ClientMetadata ¶
type ClientMetadata interface { GetClientName() string GetClientID() string GetClientSecret() string GetClientIDIssuedAt() *time.Time GetClientSecretExpiresAt() *time.Time GetScopes() []string GetGrantTypes() []string GetTokenEndpointAuthMethod() string GetResponseTypes() []string GetClientURI() string GetRedirectURIs() []string GetLogoURI() string GetJwksURI() string GetJwks() map[string]interface{} GetExtraProperties() map[string]string }
ClientMetadata - Interface for IdP client metadata representation
type MockIDPServer ¶
type MockIDPServer interface { GetMetadataURL() string GetIssuer() string GetTokenURL() string GetAuthEndpoint() string SetMetadataResponseCode(statusCode int) SetTokenResponse(accessToken string, expiry time.Duration, statusCode int) SetRegistrationResponseCode(statusCode int) Close() }
MockIDPServer - interface for mock IDP server
func NewMockIDPServer ¶
func NewMockIDPServer() MockIDPServer
NewMockIDPServer - creates a new mock IDP server for tests
type Provider ¶
type Provider interface { GetName() string GetTitle() string GetIssuer() string GetTokenEndpoint() string GetAuthorizationEndpoint() string GetSupportedScopes() []string GetSupportedGrantTypes() []string GetSupportedTokenAuthMethods() []string GetSupportedResponseMethod() []string RegisterClient(clientMetadata ClientMetadata) (ClientMetadata, error) UnregisterClient(clientID string) error }
Provider - interface for external IdP provider
type ProviderRegistry ¶
type ProviderRegistry interface { // RegisterProvider - registers the provider using the config RegisterProvider(idp corecfg.IDPConfig, tlsCfg corecfg.TLSConfig, proxyURL string, clientTimeout time.Duration) error // GetProviderByName - returns the provider from registry based on the name GetProviderByName(name string) (Provider, error) // GetProviderByIssuer - returns the provider from registry based on the IDP issuer GetProviderByIssuer(issuer string) (Provider, error) // GetProviderByTokenEndpoint - returns the provider from registry based on the IDP token endpoint GetProviderByTokenEndpoint(tokenEndpoint string) (Provider, error) // GetProviderByAuthorizationEndpoint - returns the provider from registry based on the IDP authorization endpoint GetProviderByAuthorizationEndpoint(authEndpoint string) (Provider, error) }
ProviderRegistry - interface for provider registry
func NewProviderRegistry ¶
func NewProviderRegistry() ProviderRegistry
NewProviderRegistry - create a new provider registry
type ProviderType ¶
type ProviderType int
ProviderType - type of provider
const ( Generic ProviderType = iota + 1 Okta KeyCloak )
Provider types
type Scopes ¶
type Scopes []string
Scopes - type for serializing scopes in client representation
func (*Scopes) MarshalJSON ¶
MarshalJSON - serializes the scopes in array as space separated string
func (*Scopes) UnmarshalJSON ¶
UnmarshalJSON - deserializes the scopes from space separated string to array