persona

package
v0.9.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 8, 2020 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Overview

Package persona provides a persona broker for use by clients.

Index

Constants

This section is empty.

Variables

View Source
var (
	// StandardClaims is the list of standard OIDC claims that personas import into GA4GH Identity objects.
	StandardClaims = map[string]string{
		"azp":                "Authorized Party (application identifier)",
		"email":              "Email address",
		"email_verified":     "Email Verified (true or false)",
		"family_name":        "Family Name",
		"given_name":         "Given Name",
		"iss":                "Issuer of the Passport",
		"locale":             "Locale",
		"middle_name":        "Middle Name",
		"name":               "Full Name",
		"nickname":           "Nickname",
		"picture":            "Picture",
		"preferred_username": "Preferred Username",
		"profile":            "Profile",
		"sub":                "Subject (user identifier)",
		"zoneinfo":           "Zone info (timezone)",
	}

	// DefaultScope is a list of standard scopes to request.
	DefaultScope = "openid ga4gh ga4gh_passport_v1"

	// AccountScope has default scopes and the account_admin scope.
	AccountScope = DefaultScope + " account_admin"

	// LinkScope has account scope plus the additional account-linking scope.
	LinkScope = AccountScope + " link"
)

Functions

func NewAccessToken

func NewAccessToken(name, issuer, clientID, scope string, persona *cpb.TestPersona) (ga4gh.AccessJWT, string, error)

NewAccessToken returns an access token for a persona at a given issuer. The persona parameter may be nil.

func ToIdentity

func ToIdentity(ctx context.Context, name string, persona *cpb.TestPersona, scope, visaIssuer string) (*ga4gh.Identity, error)

ToIdentity retuns an Identity from persona configuration settings.

Types

type Server

type Server struct {
	Handler *mux.Router
	// contains filtered or unexported fields
}

Server is a fake OIDC passport broker service for a playground or test environment. Private keys are well-known and allows any user to act as system administrator. WARNING: ONLY for use with synthetic or test data.

Do not use unless you fully understand the security and privacy implications.

func NewBroker

func NewBroker(issuerURL string, key *testkeys.Key, service, path string, useOIDCPrefix bool) (*Server, error)

NewBroker returns a Persona Broker Server

func (*Server) Config

func (s *Server) Config() *dampb.DamConfig

Config returns the DAM configuration currently in use.

func (*Server) Sign

func (s *Server) Sign(header map[string]string, claim interface{}) (string, error)

Sign the jwt with the private key in Server.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL