oauth

package
v1.1.35 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 26, 2022 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

// Provider type names in their string form.
// NOTE(review): the package also declares a numeric ProviderType enum
// (Generic, Okta, KeyCloak); how these strings map onto it is not shown here.
const (
	TypeGeneric  = "generic"
	TypeOkta     = "okta"
	TypeKeycloak = "keycloak"
)

Provider type string const

// IDP auth type names in their string form.
// NOTE(review): presumably these select how the caller authenticates to the IdP
// (a pre-issued access token vs. client credentials) — confirm against the code
// that reads the IDP configuration.
const (
	IDPAuthTypeAccessToken = "accessToken"
	IDPAuthTypeClient      = "client"
)

IDP Auth type string const

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthClient

// AuthClient - interface representing the auth client; its only operation is
// fetching a token.
type AuthClient interface {
	// GetToken - returns a token string and an error.
	// NOTE(review): presumably an OAuth access token, i.e. a credential that
	// should not be logged; whether the value is cached or refreshed between
	// calls is not visible here.
	GetToken() (string, error)
}

AuthClient - Interface representing the auth Client

func NewAuthClient

// NewAuthClient - creates an AuthClient for tokenURL that uses apiClient and is
// configured by opts.
// NOTE(review): the authenticator is selected through the options
// (WithClientSecretAuth / WithKeyPairAuth); the behaviour when neither is given
// is not visible here. tokenURL is presumably where client credentials are
// sent, so confirm whether its scheme and host are validated.
func NewAuthClient(tokenURL string, apiClient api.Client, opts ...AuthClientOption) (AuthClient, error)

NewAuthClient - create a new auth client with client options

type AuthClientOption

// AuthClientOption - functional option: a function that receives the unexported
// authClientOptions and modifies it. NewAuthClient accepts any number of them.
type AuthClientOption func(*authClientOptions)

AuthClientOption - configures auth client.

func WithClientSecretAuth

// WithClientSecretAuth - option that sets up the client-secret authenticator
// with the given client ID and secret.
// NOTE(review): clientSecret is a plain string; supply it from a secret store
// or the environment rather than a literal, and keep it out of logs.
func WithClientSecretAuth(clientID, clientSecret string) AuthClientOption

WithClientSecretAuth - sets up to use client secret authenticator

func WithKeyPairAuth

// WithKeyPairAuth - option that sets up the public/private key pair
// authenticator for clientID and audience. privKey is an RSA private key;
// publicKey is passed as raw bytes.
// NOTE(review): the expected encoding of publicKey (PEM vs. DER) and how the
// pair is used (presumably a signed JWT client assertion) are not visible
// here — confirm before relying on either.
func WithKeyPairAuth(clientID, audience string, privKey *rsa.PrivateKey, publicKey []byte) AuthClientOption

WithKeyPairAuth - sets up to use public/private key pair authenticator

func WithServerName

// WithServerName - option that sets the server name on the auth client.
// NOTE(review): what the name is used for is not shown here — TODO confirm.
func WithServerName(serverName string) AuthClientOption

WithServerName - sets up the server name in auth client

type AuthorizationServerMetadata

// AuthorizationServerMetadata - OAuth metadata document from the IdP.
// The JSON names are the registered authorization server metadata names
// (RFC 8414, plus OpenID Connect Discovery, RFC 8628 and RFC 9126 entries);
// every field is tagged omitempty.
// NOTE(review): all values originate from the IdP's response. RFC 8414 requires
// the returned issuer to match the issuer the metadata was requested for;
// whether this package enforces that, or checks the endpoint URL schemes, is
// not visible here.
type AuthorizationServerMetadata struct {
	// Issuer - the authorization server's issuer identifier.
	Issuer string `json:"issuer,omitempty"`

	// Endpoint URLs advertised by the IdP.
	AuthorizationEndpoint              string `json:"authorization_endpoint,omitempty"`
	TokenEndpoint                      string `json:"token_endpoint,omitempty"`
	RegistrationEndpoint               string `json:"registration_endpoint,omitempty"`
	JwksURI                            string `json:"jwks_uri,omitempty"`
	IntrospectionEndpoint              string `json:"introspection_endpoint,omitempty"`
	RevocationEndpoint                 string `json:"revocation_endpoint,omitempty"`
	EndSessionEndpoint                 string `json:"end_session_endpoint,omitempty"`
	DeviceAuthorizationEndpoint        string `json:"device_authorization_endpoint,omitempty"`
	PushedAuthorizationRequestEndpoint string `json:"pushed_authorization_request_endpoint,omitempty"`

	// Capability lists advertised by the IdP. Note that SubjectTypeSupported and
	// TokenEndpointAuthMethodSupported are singular in Go but map to the plural
	// JSON names.
	ResponseTypesSupported                    []string `json:"response_types_supported,omitempty"`
	ResponseModesSupported                    []string `json:"response_modes_supported,omitempty"`
	GrantTypesSupported                       []string `json:"grant_types_supported,omitempty"`
	SubjectTypeSupported                      []string `json:"subject_types_supported,omitempty"`
	ScopesSupported                           []string `json:"scopes_supported,omitempty"`
	TokenEndpointAuthMethodSupported          []string `json:"token_endpoint_auth_methods_supported,omitempty"`
	ClaimsSupported                           []string `json:"claims_supported,omitempty"`
	CodeChallengeMethodsSupported             []string `json:"code_challenge_methods_supported,omitempty"`
	IntrospectionEndpointAuthMethodsSupported []string `json:"introspection_endpoint_auth_methods_supported,omitempty"`
	RevocationEndpointAuthMethodsSupported    []string `json:"revocation_endpoint_auth_methods_supported,omitempty"`

	// Request-object support. With omitempty a false RequestParameterSupported
	// is left out of the encoded JSON.
	RequestParameterSupported              bool     `json:"request_parameter_supported,omitempty"`
	RequestObjectSigningAlgValuesSupported []string `json:"request_object_signing_alg_values_supported,omitempty"`
}

AuthorizationServerMetadata - OAuth metadata from IdP

type ClientBuilder

// ClientBuilder - builder for the IdP client representation. Every setter
// returns a ClientBuilder, which allows calls to be chained; Build produces the
// ClientMetadata.
type ClientBuilder interface {
	// SetClientName - sets the client name.
	SetClientName(string) ClientBuilder

	// SetScopes, SetGrantTypes, SetResponseType and SetTokenEndpointAuthMethod
	// set the corresponding protocol parameters of the client.
	// NOTE(review): whether the values are checked against what the IdP
	// supports is not visible here.
	SetScopes([]string) ClientBuilder
	SetGrantTypes([]string) ClientBuilder
	SetResponseType([]string) ClientBuilder
	SetTokenEndpointAuthMethod(tokenAuthMethod string) ClientBuilder

	// SetRedirectURIs - sets the client's redirect URIs.
	// NOTE(review): redirect URIs decide where the IdP sends authorization
	// responses; whether Build validates them is not visible here.
	SetRedirectURIs([]string) ClientBuilder
	// SetLogoURI - sets the client's logo URI.
	SetLogoURI(string) ClientBuilder

	// SetJWKSURI and SetJWKS supply the client's key set, by URI or as bytes.
	// NOTE(review): the expected format of the SetJWKS bytes and the behaviour
	// when both are set are not visible here — TODO confirm.
	SetJWKSURI(string) ClientBuilder
	SetJWKS([]byte) ClientBuilder
	// SetExtraProperties - sets additional string key/value properties.
	SetExtraProperties(map[string]string) ClientBuilder

	// Build - returns the ClientMetadata and an error.
	Build() (ClientMetadata, error)
}

ClientBuilder - Builder for IdP client representation

func NewClientMetadataBuilder

// NewClientMetadataBuilder - returns a new ClientBuilder used to construct
// client metadata. It takes no arguments; all values are supplied through the
// builder's setters.
func NewClientMetadataBuilder() ClientBuilder

NewClientMetadataBuilder - create a new instance of builder to construct client metadata

type ClientMetadata

// ClientMetadata - read-only view of the IdP client metadata representation.
// All methods are getters.
type ClientMetadata interface {
	GetClientName() string
	GetClientID() string
	// GetClientSecret - returns the client secret as a plain string.
	// NOTE(review): treat the value as a credential: keep it out of logs and
	// out of any debug dump of the metadata.
	GetClientSecret() string
	// GetClientIDIssuedAt and GetClientSecretExpiresAt return *time.Time.
	// NOTE(review): presumably nil when the IdP did not report the value —
	// check for nil before dereferencing.
	GetClientIDIssuedAt() *time.Time
	GetClientSecretExpiresAt() *time.Time
	GetScopes() []string
	GetGrantTypes() []string
	GetTokenEndpointAuthMethod() string
	GetResponseTypes() []string
	GetClientURI() string
	GetRedirectURIs() []string
	GetLogoURI() string
	GetJwksURI() string
	// GetJwks - returns the key set as a generic map.
	GetJwks() map[string]interface{}
	GetExtraProperties() map[string]string
}

ClientMetadata - Interface for IdP client metadata representation

type MockIDPServer

// MockIDPServer - interface for the mock IDP server used in tests. It exposes
// the mock's URLs and lets the caller choose the responses it returns.
type MockIDPServer interface {
	// Getters for the mock's metadata URL, issuer, token URL and authorization endpoint.
	GetMetadataURL() string
	GetIssuer() string
	GetTokenURL() string
	GetAuthEndpoint() string
	// SetMetadataResponseCode - sets the status code for the metadata response.
	SetMetadataResponseCode(statusCode int)
	// SetTokenResponse - sets the access token, expiry and status code for the
	// token response.
	SetTokenResponse(accessToken string, expiry time.Duration, statusCode int)
	// SetRegistrationResponseCode - sets the status code for the registration response.
	SetRegistrationResponseCode(statusCode int)
	// Close - NOTE(review): presumably shuts the mock server down; call it when
	// the test finishes.
	Close()
}

MockIDPServer - interface for mock IDP server

func NewMockIDPServer

// NewMockIDPServer - creates a new mock IDP server for tests.
// NOTE(review): presumably starts a listener that stays up until Close is
// called on the returned value — confirm, and keep its use to test code.
func NewMockIDPServer() MockIDPServer

NewMockIDPServer - creates a new mock IDP server for tests

type Provider

// Provider - interface for an external IdP provider: getters for its identity,
// endpoints and supported capabilities, plus client registration and removal.
type Provider interface {
	GetName() string
	GetTitle() string
	GetIssuer() string
	GetTokenEndpoint() string
	GetAuthorizationEndpoint() string
	// Capability lists. NOTE(review): presumably taken from the IdP's
	// AuthorizationServerMetadata — confirm.
	GetSupportedScopes() []string
	GetSupportedGrantTypes() []string
	GetSupportedTokenAuthMethods() []string
	GetSupportedResponseMethod() []string
	// RegisterClient - registers a client described by clientMetadata and
	// returns ClientMetadata and an error.
	// NOTE(review): presumably the returned metadata carries the IdP-issued
	// client ID and secret; handle it as credential material.
	RegisterClient(clientMetadata ClientMetadata) (ClientMetadata, error)
	// UnregisterClient - removes the client identified by clientID.
	UnregisterClient(clientID string) error
}

Provider - interface for external IdP provider

func NewProvider

// NewProvider - creates a new IdP provider from the IDP config, TLS config,
// proxy URL and client timeout.
// NOTE(review): presumably these configure the HTTP client used to reach the
// IdP. tlsCfg would then govern certificate verification for every token and
// registration call, so review any setting in it that relaxes verification.
func NewProvider(idp corecfg.IDPConfig, tlsCfg corecfg.TLSConfig, proxyURL string, clientTimeout time.Duration) (Provider, error)

NewProvider - create a new IdP provider

type ProviderRegistry

// ProviderRegistry - registry of IdP providers: one method to register a
// provider from configuration and four lookups keyed by different provider
// attributes.
// NOTE(review): how the lookup strings are compared (exact match vs. some URL
// normalisation) is not visible here; callers that pick a provider from an
// issuer or endpoint taken out of an incoming token should confirm it.
type ProviderRegistry interface {
	// RegisterProvider - registers the provider using the config; takes the same
	// arguments as NewProvider.
	RegisterProvider(idp corecfg.IDPConfig, tlsCfg corecfg.TLSConfig, proxyURL string, clientTimeout time.Duration) error
	// GetProviderByName - returns the provider from registry based on the name
	GetProviderByName(name string) (Provider, error)
	// GetProviderByIssuer - returns the provider from registry based on the IDP issuer
	GetProviderByIssuer(issuer string) (Provider, error)
	// GetProviderByTokenEndpoint - returns the provider from registry based on the IDP token endpoint
	GetProviderByTokenEndpoint(tokenEndpoint string) (Provider, error)
	// GetProviderByAuthorizationEndpoint - returns the provider from registry based on the IDP authorization endpoint
	GetProviderByAuthorizationEndpoint(authEndpoint string) (Provider, error)
}

ProviderRegistry - interface for provider registry

func NewProviderRegistry

// NewProviderRegistry - creates a new provider registry. It takes no
// arguments; providers are added afterwards with RegisterProvider.
func NewProviderRegistry() ProviderRegistry

NewProviderRegistry - create a new provider registry

type ProviderType

// ProviderType - integer type identifying the kind of provider.
type ProviderType int

ProviderType - type of provider

// Provider type values. iota + 1 makes Generic 1, Okta 2 and KeyCloak 3, so the
// zero value of ProviderType matches none of them.
const (
	Generic ProviderType = iota + 1
	Okta
	KeyCloak
)

Provider types

type Scopes

// Scopes - slice of scope strings with its own JSON encoding, used when
// serializing scopes in the client representation.
type Scopes []string

Scopes - type for serializing scopes in client representation

func (*Scopes) MarshalJSON

// MarshalJSON - serializes the scopes as a single space-separated string.
// NOTE(review): the receiver is *Scopes, so encoding/json only calls this
// method for a pointer or an addressable value; a Scopes passed by value is
// encoded as a plain JSON array instead.
func (s *Scopes) MarshalJSON() ([]byte, error)

MarshalJSON - serializes the scopes array as a space-separated string

func (*Scopes) UnmarshalJSON

// UnmarshalJSON - deserializes a space-separated string into the scopes slice.
// NOTE(review): how input that is a JSON array, or that contains repeated
// spaces, is handled is not visible here — TODO confirm.
func (s *Scopes) UnmarshalJSON(data []byte) error

UnmarshalJSON - deserializes the scopes from a space-separated string into an array

type Time

// Time - defined type over time.Time with its own JSON encoding. As a defined
// type it does not inherit time.Time's methods.
type Time time.Time

Time - time.Time wrapper that is serialized in JSON as a unix timestamp

func (*Time) MarshalJSON

// MarshalJSON - serializes the time as a unix timestamp.
// NOTE(review): the receiver is *Time, so encoding/json only calls this method
// for a pointer or an addressable value. The timestamp unit (seconds vs.
// milliseconds) is not visible here — TODO confirm.
func (t *Time) MarshalJSON() ([]byte, error)

MarshalJSON - serialize time to unix timestamp

func (*Time) UnmarshalJSON

// UnmarshalJSON - deserializes a unix timestamp into the time.
// NOTE(review): the accepted unit (seconds vs. milliseconds) and the handling
// of non-numeric input are not visible here — TODO confirm.
func (t *Time) UnmarshalJSON(data []byte) error

UnmarshalJSON - deserializes the time from a unix timestamp
